[ Post: 1 ]
Author / Message
User

Registered: 28.07.10
Last logged in: 05.08.10
Posts: 5
Topics: 2 | 2

ComboFix 10-07-27.02 - Tomi 07/28/2010 10:10:34.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.737 [GMT 2:00]
Running from: c:\documents and settings\Tomi\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rloci.bin
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000019_.tmp.dll
c:\windows\system32\_000020_.tmp.dll
c:\windows\system32\_000021_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-28 )))))))))))))))))))))))))))))))
.

2010-07-27 20:22 . 2010-07-27 20:22 10 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_62766A54CB96B6647A4A21CFAB84387D.dll
2010-07-27 20:22 . 2010-07-27 20:22 833 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_000021599B0090400000000000F01FEC.dll
2010-07-27 20:22 . 2010-07-27 20:22 1175 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan\icn_6F9E66FF7E38E3A3FA41D89E8A906A4A.dll
2010-07-27 19:35 . 2010-07-27 19:35 -------- d-----w- c:\program files\AceLogix
2010-07-27 19:26 . 2010-07-27 19:26 -------- d-----w- c:\documents and settings\Tomi\Application Data\Registry Mechanic
2010-07-27 19:23 . 2010-07-27 19:37 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-07-27 19:01 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-27 19:01 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-27 18:47 . 2010-07-27 18:55 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-07-27 18:41 . 2010-07-27 18:41 -------- d-----w- c:\documents and settings\Tomi\Application Data\Uniblue
2010-07-25 18:33 . 2010-07-25 18:33 15872 ----a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-07-25 18:33 . 2010-07-25 18:33 -------- d-----w- c:\program files\Valve
2010-07-25 15:10 . 2010-07-25 15:10 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Downloaded Installations
2010-07-25 15:03 . 2010-07-25 15:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ATI
2010-07-25 15:00 . 2010-07-25 15:01 -------- d-----w- c:\program files\ATI
2010-07-25 14:59 . 2010-07-25 14:59 -------- d-----w- C:\ATI
2010-07-25 12:12 . 2010-07-25 14:26 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NVIDIA Corporation
2010-07-25 12:12 . 2004-08-03 20:29 1897408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-25 12:12 . 2004-08-03 22:56 4274816 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-25 12:12 . 2010-07-25 12:12 -------- d-----w- C:\NVIDIA
2010-07-24 10:33 . 2010-07-24 10:33 388096 ----a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-24 10:33 . 2010-07-24 10:33 -------- d-----w- c:\program files\Trend Micro
2010-07-24 10:15 . 2010-07-24 10:15 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\ESET
2010-07-23 21:42 . 2010-07-24 10:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2010-07-23 21:42 . 2010-07-23 21:42 -------- d-----w- c:\documents and settings\Tomi\Application Data\Yahoo!
2010-07-23 21:05 . 2010-07-23 21:05 1152 ----a-w- c:\windows\system32\windrv.sys
2010-07-23 20:58 . 2010-07-23 22:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SystemKey
2010-07-23 13:55 . 2010-07-23 14:58 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\avg9
2010-07-23 11:25 . 2010-07-23 11:28 -------- d-----w- c:\program files\WinClamAVShield
2010-07-23 11:08 . 2010-07-23 12:22 -------- d-----w- c:\program files\Crawler
2010-07-23 11:08 . 2010-07-23 11:39 -------- d-----w- c:\documents and settings\Tomi\Application Data\Spyware Terminator
2010-07-23 11:08 . 2010-07-23 11:08 6144 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\sp_rsdel.exe
2010-07-23 11:08 . 2010-07-23 11:08 5632 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator\fileobjinfo.sys
2010-07-23 11:08 . 2010-07-23 11:08 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-23 11:08 . 2010-07-23 12:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spyware Terminator
2010-07-22 11:14 . 2010-07-22 11:14 3806 ---ha-w- C:\aaw7boot.cmd
2010-07-22 10:28 . 2010-07-22 10:28 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-22 10:19 . 2010-07-22 10:19 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Sunbelt Software
2010-07-22 10:17 . 2010-07-24 10:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2010-07-21 11:45 . 2010-02-12 10:44 1274160 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\CentrumczToolbar\IEToolbar.dll
2010-07-19 21:24 . 2010-07-19 21:24 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\Centrum.cz Toolbar
2010-07-19 21:20 . 2010-07-21 11:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\CentrumczToolbar
2010-07-17 09:59 . 2010-07-17 09:59 -------- d-----w- c:\program files\Phyxion.net
2010-07-16 22:15 . 2010-07-16 22:15 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ICQ
2010-07-16 22:14 . 2010-07-27 14:08 -------- d-----w- c:\documents and settings\Tomi\Application Data\ICQ
2010-07-16 22:14 . 2010-07-16 22:14 -------- d-----w- c:\documents and settings\Tomi\Local Settings\Application Data\AOL
2010-07-16 22:14 . 2010-07-16 22:17 -------- d-----w- c:\program files\ICQ7.2
2010-07-06 22:14 . 2010-07-07 23:41 -------- d-----w- c:\program files\XTB-Trader
2010-07-03 21:00 . 2010-07-03 21:00 -------- d-----w- c:\program files\Plus500

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 08:00 . 2010-07-23 21:14 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SecTaskMan
2010-07-27 19:03 . 2010-05-08 14:47 17464 -c--a-w- c:\documents and settings\Tomi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-25 14:27 . 2009-07-14 13:53 -------- d-----w- c:\program files\NVIDIA Corporation
2010-07-24 10:56 . 2009-08-12 09:58 -------- d-----w- c:\program files\Lavasoft
2010-07-24 10:30 . 2010-06-05 11:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2010-07-23 22:18 . 2010-05-08 16:13 -------- d-----w- c:\program files\AMD
2010-07-22 11:20 . 2010-05-15 11:05 -------- d-----w- c:\program files\ATI Technologies
2010-07-19 21:20 . 2009-11-30 08:17 -------- d-----w- c:\program files\CentrumczToolbar
2010-07-18 19:37 . 2009-07-14 13:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-16 22:15 . 2009-07-14 14:57 -------- d-----w- c:\program files\ICQ6Toolbar
2010-07-16 18:59 . 2009-08-18 08:38 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2010-07-14 12:17 . 2009-07-14 14:18 -------- d-----w- c:\program files\Opera
2010-07-07 11:46 . 2010-05-09 13:24 604776 -c--a-w- c:\windows\system32\NVUNINST.EXE
2010-06-17 20:24 . 2010-06-08 10:03 -------- d-----w- c:\documents and settings\Tomi\Application Data\pdfMachine
2010-06-12 23:29 . 2009-07-27 00:02 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 10:43 . 2010-06-11 10:43 61440 ----a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-37dd3130-n\decora-sse.dll
2010-06-11 10:43 . 2010-06-11 10:43 12800 ----a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-37dd3130-n\decora-d3d.dll
2010-06-10 15:46 . 2010-06-10 15:46 0 ----a-w- c:\windows\nsreg.dat
2010-06-08 10:39 . 2010-04-16 18:01 -------- d-----w- c:\program files\Syncrosoft
2010-06-08 08:24 . 2010-06-10 15:53 52224 ----a-w- c:\documents and settings\Tomi\Application Data\Mozilla\Firefox\Profiles\e11pdbzm.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-06-08 08:24 . 2010-06-10 15:53 101376 ----a-w- c:\documents and settings\Tomi\Application Data\Mozilla\Firefox\Profiles\e11pdbzm.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
2010-06-06 19:05 . 2010-04-10 21:07 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-06-06 13:44 . 2010-06-06 13:44 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-06-06 11:56 . 2010-06-06 11:56 -------- d-----w- c:\program files\Another Day
2010-06-05 17:27 . 2010-06-04 12:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Test Drive Unlimited
2010-06-05 17:05 . 2010-06-05 17:05 -------- d--h--r- c:\documents and settings\Tomi\Application Data\SecuROM
2010-06-05 17:05 . 2010-06-05 17:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-06-05 11:43 . 2010-06-05 11:43 -------- d-----w- c:\documents and settings\Tomi\Application Data\IObit
2010-06-04 12:07 . 2010-06-04 12:07 49152 -c--a-r- c:\documents and settings\Tomi\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
2010-06-04 11:56 . 2010-06-04 11:56 -------- d-----w- c:\program files\DAEMON Tools
2010-06-04 11:54 . 2010-06-04 11:54 639224 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-02 12:12 . 2010-06-02 12:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-31 13:49 . 2010-05-08 15:48 -------- d-----w- c:\documents and settings\Tomi\Application Data\Ventrilo
2010-05-30 14:06 . 2010-05-24 19:51 -------- d-----w- c:\documents and settings\Tomi\Application Data\DivX
2010-05-28 10:54 . 2010-05-28 10:54 503808 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\msvcp71.dll
2010-05-28 10:54 . 2010-05-28 10:54 499712 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\jmc.dll
2010-05-28 10:54 . 2010-05-28 10:54 348160 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3330e7a6-n\msvcr71.dll
2010-05-27 17:37 . 2010-05-08 14:52 4830720 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-05-27 17:12 . 2010-05-08 14:52 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-27 17:12 . 2010-05-08 14:52 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-27 17:10 . 2010-05-08 14:52 4071424 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-27 17:05 . 2010-07-22 11:21 15208448 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-27 17:02 . 2010-07-22 11:21 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-05-27 16:59 . 2010-07-22 11:21 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-27 16:58 . 2010-05-08 14:52 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-05-27 16:54 . 2010-05-08 14:52 3699936 ----a-w- c:\windows\system32\ati3duag.dll
2010-05-27 16:46 . 2010-07-22 11:21 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-27 16:46 . 2010-07-22 11:21 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-05-27 16:45 . 2010-07-22 11:21 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-05-27 16:45 . 2010-07-22 11:21 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-05-27 16:45 . 2010-05-08 14:52 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-05-27 16:44 . 2010-07-22 11:21 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-05-27 16:43 . 2010-07-22 11:21 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-05-27 16:42 . 2010-05-08 14:52 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-05-27 16:41 . 2010-05-08 14:52 2256512 ----a-w- c:\windows\system32\ativvaxx.dll
2010-05-27 16:41 . 2010-07-22 11:21 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-05-27 16:41 . 2010-07-22 11:21 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-05-27 16:39 . 2010-05-08 14:52 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-05-27 16:38 . 2010-05-08 14:52 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-05-27 16:37 . 2010-07-22 11:21 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-05-27 16:35 . 2010-05-08 14:52 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-05-27 16:33 . 2010-05-08 14:52 692224 ----a-w- c:\windows\system32\ati2cqag.dll
2010-05-27 16:29 . 2010-05-08 14:52 65536 ----a-w- c:\windows\system32\atimpc32.dll
2010-05-27 16:29 . 2010-05-08 14:52 65536 ----a-w- c:\windows\system32\amdpcom32.dll
2010-05-27 16:28 . 2010-05-08 14:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-05-24 19:51 . 2010-05-24 19:51 57344 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-05-24 19:51 . 2010-05-24 19:51 56978 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 56766 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 57679 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Player\Uninstaller.exe
2010-05-24 19:51 . 2010-05-24 19:51 53600 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Update\Uninstaller.exe
2010-05-24 19:47 . 2010-05-24 19:47 144696 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-05-24 19:47 . 2010-05-24 19:51 754984 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Setup\Resource.dll
2010-05-24 19:47 . 2010-05-24 19:51 1180952 -c--a-w- c:\documents and settings\All Users.WINDOWS\Application Data\DivX\Setup\DivXSetup.exe
2010-05-13 11:43 . 2010-05-13 11:43 472576 -c--a-w- c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2010-05-10 21:25 . 2010-05-10 21:25 503808 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\msvcp71.dll
2010-05-10 21:25 . 2010-05-10 21:25 499712 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\jmc.dll
2010-05-10 21:25 . 2010-05-10 21:25 348160 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46976bba-n\msvcr71.dll
2010-05-10 21:25 . 2010-05-10 21:25 61440 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-521436b1-n\decora-sse.dll
2010-05-10 21:25 . 2010-05-10 21:25 12800 -c--a-w- c:\documents and settings\Tomi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-521436b1-n\decora-d3d.dll
2010-05-10 21:25 . 2010-05-10 21:25 411368 -c--a-w- c:\windows\system32\deployJava1.dll
2010-05-10 11:13 . 2010-05-10 11:10 518 -c--a-w- c:\documents and settings\Tomi\Application Data\iolo\Registry\Last\restore.bat
2010-05-10 10:58 . 2010-05-10 10:58 1569 -c--a-w- c:\documents and settings\Tomi\Application Data\iolo\restore.bat
2010-05-10 10:54 . 2010-05-10 10:54 74703 -c--a-w- c:\windows\system32\mfc45.dll
2010-05-09 10:27 . 2010-05-08 14:30 86327 -c--a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-08 15:08 . 2010-05-08 15:09 737280 -c--a-w- c:\windows\iun6002.exe
2010-05-08 14:52 . 2010-05-08 14:52 0 -c--a-w- c:\windows\ativpsrm.bin
2010-05-08 14:28 . 2010-05-08 14:28 21640 -c--a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-11 136176]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-06-08 133368]
"Steam"="c:\program files\valve\steam\steam.exe" [2010-07-25 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2010-03-16 251904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bgsmsnd.exe]
2006-06-01 23:33 106496 ----a-w- c:\windows\system32\spool\drivers\w32x86\2\bgsmsnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMax4Wiz.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\WINDOWS\\system32\\LMabcoms.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\patulo89\\counter-strike\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1200:UDP"= 1200:UDP:c

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [7/23/2010 1:08 PM 142592]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7/14/2009 4:57 PM 246520]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [5/8/2010 6:13 PM 31744]
R3 vHidDev;Razer Gaming Device;c:\windows\system32\drivers\vHidDev.sys [5/18/2010 10:16 PM 5760]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/15/2010 5:58 PM 136176]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [5/8/2010 4:39 PM 5824]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [5/8/2010 7:43 PM 22784]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6/4/2010 1:54 PM 639224]
.
Contents of the 'Scheduled Tasks' folder

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb0d5165f6c7d8.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 15:03]

2010-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-362288127-682003330-1003Core.job
- c:\documents and settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-11 17:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://www.ngohq.com
IE: E&xportovat do programu Microsoft Excel - c:\progra~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SystemKey - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 10:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2010-07-28 10:13:12
ComboFix-quarantined-files.txt 2010-07-28 08:13

Pre-Run: 64,177,074,176 bytes free
Post-Run: 64,151,896,064 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 7906EE37E447FB1363F802852B454784


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:41:35 PM, on 7/28/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\valve\steam\steamapps\patulo89\counter-strike\hl.exe
C:\program files\valve\steam\GameOverlayUI.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ngohq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tomi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)

--
End of file - 7489 bytes




stuttering, lagging, instability - please check my logs





© 2005 - 2024 PCforum, edited by JanoF