Please check my log - slow PC (Solved)


Post by Y_ago_Cz » 22 Apr 2011 10:09

Hi everyone,
could I ask you to check my log? The PC responds slowly; it takes a while before anything opens. The PC was installed half a year ago. I ran CCleaner and Avast on it, both from Windows and before startup; it found something, but it still doesn't seem quite right to me, because after startup Avast occasionally reports some malware in Documents and Settings. To be safe, I also deleted whatever I could in Temp and Temporary Internet Files. I defragmented with oodefrag and ran HDtune and Memtest.
CPU: Intel Celeron 2.33 GHz
512 RAM (or rather 448, shared graphics)
Legal WinXP, updated

I ran it through MB and HiJackThis, and here is the log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6417

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22.4.2011 9:44:14
mbam-log-2011-04-22 (09-44-14).txt

Typ kontroly: Rychlý test
Testované objekty: 142679
Uplynulý čas: 5 minut, 56 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:45:55, on 22.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\OEM\Dokumenty\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=80744
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6609 bytes

Thank you :)


Post by Žbeky » 22 Apr 2011 10:12

Uninstall:
BS Player Toolbar
Conduit Engine


In HJT, fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
In private messages I deal only with forum-related matters. I do not respond to requests for technical support. Thanks for understanding.
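
The fix list above covers each toolbar under every hook type where it is registered (R3, O2, O3). As an added example, not part of the original post and not HijackThis code, this Python script parses HijackThis entry lines, groups them by CLSID, flags `(no file)` leftovers and checks that a fix list leaves no hook of a selected component behind. The function names are hypothetical; the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict

# Entry lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
"""

# CLSID-bearing lines copied from the fix list in the reply above.
FIX_LIST = r"""
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
"""

# "<section code> - <rest>", e.g. "O2 - BHO: ...". Header and process lines do not match.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_entries(text):
    """Return one dict per HijackThis entry line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": m.group("code"),
            # CLSIDs are case-insensitive; normalise so mixed-case copies group together.
            "clsid": clsid.group(0).lower() if clsid else None,
            # The last " - " separated field is the file (or "(no file)").
            "target": body.rsplit(" - ", 1)[-1],
            "raw": line,
        })
    return entries


def code_key(code):
    """Sort O2 before O16 by comparing the numeric part as a number."""
    return (code[0], int(code[1:]))


def hooks_by_clsid(entries):
    """Map each CLSID to the sorted list of section codes it appears under."""
    hooks = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            hooks[e["clsid"]].add(e["code"])
    return {c: sorted(codes, key=code_key) for c, codes in hooks.items()}


def orphaned(entries):
    """Entries whose registered file no longer exists on disk."""
    return [e["raw"] for e in entries if e["target"] == "(no file)"]


def uncovered_hooks(log_entries, fix_entries):
    """Log entries that share a CLSID with the fix list but are not in it."""
    fixed_raw = {e["raw"] for e in fix_entries}
    fixed_clsids = {e["clsid"] for e in fix_entries if e["clsid"]}
    return [e["raw"] for e in log_entries
            if e["clsid"] in fixed_clsids and e["raw"] not in fixed_raw]


if __name__ == "__main__":
    log = parse_entries(SAMPLE_LOG)
    for clsid, codes in hooks_by_clsid(log).items():
        print(clsid, codes)
    print("orphaned:", orphaned(log))
    print("uncovered:", uncovered_hooks(log, parse_entries(FIX_LIST)))
```

A component appearing under several codes is not a verdict in itself (avast! WebRep also registers under O2 and O3); the grouping only shows which lines belong together once a component has been chosen for removal.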


Post by Y_ago_Cz » 22 Apr 2011 11:30

So I got as far as ComboFix, but it told me that I have an active antivirus from Microsoft, so I went looking through the PC, because it's my neighbour's. In Program Files there is a Microsoft Security Client directory, which however cannot be deleted, but in Control Panel it isn't listed for removal. I'm now also looking through msconfig, and Microsoft Security Client is disabled there at Windows startup. He probably had it there before and then installed Avast, and whether he uninstalled it badly somehow I have no idea; anyway, now I don't know what to do with it. Can't it be removed somehow through the registry? Maybe it's also one of the causes of the PC's sluggishness. I ran ComboFix anyway and it gave me this log:


ComboFix 11-04-21.03 - OEM 22.04.2011 10:51:46.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.446.176 [GMT 2:00]
Spuštěný z: c:\documents and settings\OEM\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr1.dat
.
----- BITS: Možné infikované stránky -----
.
hxxp://apnmedia.ask.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-22 do 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-22 08:04 . 2010-11-09 12:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-04-22 08:04 . 2011-04-22 08:04 -------- d-----w- c:\program files\CPUID
2011-04-22 07:37 . 2011-04-22 07:37 -------- d-----w- c:\documents and settings\OEM\Data aplikací\Malwarebytes
2011-04-22 07:36 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 07:36 . 2011-04-22 07:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-22 07:36 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 07:36 . 2011-04-22 07:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-22 07:23 . 2011-04-22 07:23 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\MpKsl4eea2f7c.sys
2011-04-21 17:32 . 2011-04-21 18:22 -------- d-----w- c:\windows\system32\oodag
2011-04-21 15:50 . 2011-04-21 15:50 -------- d-----w- c:\documents and settings\OEM\Local Settings\Data aplikací\O&O
2011-04-21 15:50 . 2011-04-21 15:50 -------- d-----w- c:\program files\OO Software
2011-04-21 15:49 . 2011-04-21 15:49 -------- d-----w- c:\documents and settings\OEM\Local Settings\Data aplikací\Downloaded Installations
2011-04-21 15:09 . 2011-04-21 15:10 -------- d-----w- c:\program files\HD Tune
2011-04-19 17:06 . 2011-04-11 07:04 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpengine.dll
2011-04-18 15:30 . 2011-04-18 15:30 -------- d-----w- c:\program files\CCleaner
2011-04-18 15:12 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-18 15:12 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-18 15:12 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-18 15:12 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-18 15:12 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-18 15:12 . 2011-02-23 13:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-18 15:12 . 2011-02-23 13:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-18 15:12 . 2011-02-23 13:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-18 15:12 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-04-18 15:12 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-18 15:11 . 2011-04-18 15:11 -------- d-----w- c:\program files\AVAST Software
2011-04-18 15:11 . 2011-04-18 15:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-18 14:50 . 2011-04-18 14:51 -------- d-----w- c:\windows\Temp0AF55726-8B4A-9CD5-CC77-17B5C1F72454-Signatures
2011-04-18 14:50 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-04-18 14:49 . 2011-04-18 14:51 -------- d-----w- c:\program files\Microsoft Security Client
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 19:49 . 2010-12-01 20:32 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-15 04:05 . 2010-09-04 07:18 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-07 05:33 . 2010-09-02 18:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2006-03-02 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-03-02 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2010-09-02 17:58 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-09-02 17:58 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 09:41 . 2011-01-25 09:41 1627976 ----a-w- c:\windows\system32\ooscrsav.scr
2011-01-25 09:40 . 2011-01-25 09:40 275784 ----a-w- c:\windows\system32\oodbs.exe
2011-01-25 09:39 . 2011-01-25 09:39 535880 ----a-w- c:\windows\system32\oodssrs.dll
2011-01-25 09:38 . 2011-01-25 09:38 9544 ----a-w- c:\windows\system32\oodbsrs.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-05-07 19523616]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^OEM^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\OEM\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^OEM^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\OEM\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-01-15 18:26 136176 ----atw- c:\documents and settings\OEM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 00:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2006-06-14 12:20 36864 ----a-w- c:\program files\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-08-22 11:02 133432 ----a-w- c:\program files\ICQ7.1\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2010-11-30 11:20 997408 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 14:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
2006-06-15 06:43 49152 ----a-w- c:\program files\HP\ToolboxFX\bin\HPTLBXFX.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\OEM\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Macmillan\\Inside Out\\Beginner\\data\\fscommand\\flashex.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18.4.2011 17:12 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18.4.2011 17:12 301528]
R1 MpKsl4eea2f7c;MpKsl4eea2f7c;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\MpKsl4eea2f7c.sys [22.4.2011 9:23 28752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18.4.2011 17:12 19544]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2398536]
S1 MpKsl00e24e6f;MpKsl00e24e6f;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{97C630C8-A1FD-4844-A8B8-02B433AEB535}\MpKsl00e24e6f.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{97C630C8-A1FD-4844-A8B8-02B433AEB535}\MpKsl00e24e6f.sys [?]
S1 MpKsl872549e7;MpKsl872549e7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{963A410E-C639-4D08-ACFA-EB37BE2CBA53}\MpKsl872549e7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{963A410E-C639-4D08-ACFA-EB37BE2CBA53}\MpKsl872549e7.sys [?]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [22.4.2011 10:04 21992]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.9.2010 20:49 1691480]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - CPUZ135
*NewlyCreated* - MPKSL4EEA2F7C
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-22 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-22 10:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(628)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-04-22 11:02:27
ComboFix-quarantined-files.txt 2011-04-22 09:02
.
Před spuštěním: Volných bajtů: 10 192 961 536
Po spuštění: Volných bajtů: 10 241 982 464
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 8A0398C5AA334EF8D4D1435B254E88BC


Post by Žbeky » 22 Apr 2011 17:46

Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

KillAll::

SecCenter::
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

Folder::
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\windows\Temp0AF55726-8B4A-9CD5-CC77-17B5C1F72454-Signatures
c:\program files\Microsoft Security Client

File::
c:\windows\system32\ConduitEngine.tmp
c:\windows\Tasks\MP Scheduled Scan.job

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]

Driver::
MpKsl4eea2f7c
MpKsl00e24e6f
MpKsl872549e7

Firefox::
FF - ProfilePath - c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - Ext: BS Player Community Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In private messages I deal only with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


Re: Please check my log - slow PC

Post by Y_ago_Cz » 22 Apr 2011 20:30

Here is the log. It just didn't start automatically, so I ran it manually, but the script probably did run (it took longer, there was some deleting and a PC restart). Oh, and there was also some update of the ComboFix program version, just for your information.

ComboFix 11-04-21.06 - OEM 22.04.2011 20:09:56.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.446.175 [GMT 2:00]
Spuštěný z: c:\documents and settings\OEM\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\OEM\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\system32\ConduitEngine.tmp"
"c:\windows\Tasks\MP Scheduled Scan.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpasbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpasdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpavbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpavdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BE9B64A9-5266-4309-8A55-7F339B511A1C}\mpengine.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpasdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpavdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{0B21BA67-8C8E-16E8-4F3A-4A9D22952B45}-extract.cfxxe
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{4BA671E0-7A95-B7CB-6A09-801B0A0E6032}-SMSS.EXE
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{718CE924-A8CF-6F9D-E2EA-CEB50DDFD382}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{C8F59DA5-837E-75BE-FA67-28E9AFFEC26E}-ComboFix.exe
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{D7B34F3D-8835-8796-51EF-8A268EB65D86}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0AF8E6B6-88C4-41F0-AB03-B0D2EDFE2291}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3A8791E3-9580-4204-BF40-7532CC7E3290}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{4A591D9E-CD8D-446D-9982-421EBDD52523}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{4F983E85-A3DC-43F9-985A-6358C41BCA92}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{65EE7674-A856-4AC8-BCC9-E7FE231BD55C}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6D6C962E-8E5E-42A4-8A50-230876B1FFB9}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{9F33D41D-BE2F-478C-91A3-09F6A2AD668F}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{AA5B7A18-3915-4843-9A7F-4EBBD0E42242}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B1E9EBCF-EB91-4790-891F-C203E7FA582D}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B48DE1F6-AAAD-44E1-851C-57DFC2716147}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C623E4C0-1D4D-4B6A-9DAE-1A84DC6AFC4C}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{DDCBF193-9787-4DCD-A3A4-DA872DAA3A14}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E4933095-70D9-43B0-8C59-D499B7896BC0}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E9C911F9-32BB-4D11-BA89-F5D86D7F7C6C}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{FC9D9E8C-5BC0-4DE7-9DEA-4626EDBA4D8E}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{FF77F594-C017-4C21-BAE4-3CCE3360103F}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Service\History.Log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Service\Unknown.Log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpCacheStats.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MPDetection-04182011-165133.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MPLog-09022010-212652.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04182011-165133-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04182011-165611-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04182011-165706-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04182011-170627-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04182011-171942-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04192011-185207-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04212011-170114-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04222011-082116-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04222011-092221-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04222011-134953-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-04222011-195343-00000023-00018445.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing.bin
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.idl
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\alertSettingsComponent.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\appContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\engineContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\engineSettings.json
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\fbAlert.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\getAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\postAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\toolbarContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome.manifest
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome\bs_player.jar
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\install.rdf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\lib\xpcom.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\manifest.mf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.rsa
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.sf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.gif
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.ico
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.PNG
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.src
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\version.txt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\chrome.manifest
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\install.rdf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\lib\xpcom.js
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\extensions\engine@conduit.com\version.txt
c:\program files\Microsoft Security Client
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.cat
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.inf
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpfilter\mpfilter.sys
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.cat
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.inf
c:\program files\Microsoft Security Client\Antimalware\Drivers\mpnwmon\mpnwmon.sys
c:\program files\Microsoft Security Client\Antimalware\EN-US\MpAsDesc.dll.mui
c:\program files\Microsoft Security Client\Antimalware\EN-US\mpevmsg.dll.mui
c:\program files\Microsoft Security Client\Antimalware\MpAsDesc.dll
c:\program files\Microsoft Security Client\Antimalware\MpClient.dll
c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe
c:\program files\Microsoft Security Client\Antimalware\MpCommu.dll
c:\program files\Microsoft Security Client\Antimalware\MpEvMsg.dll
c:\program files\Microsoft Security Client\Antimalware\MpOAv.dll
c:\program files\Microsoft Security Client\Antimalware\MpRTP.dll
c:\program files\Microsoft Security Client\Antimalware\MpSvc.dll
c:\program files\Microsoft Security Client\Antimalware\MsMpCom.dll
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpLics.dll
c:\program files\Microsoft Security Client\CS-CZ\amhelp.chm
c:\program files\Microsoft Security Client\CS-CZ\eula.rtf
c:\program files\Microsoft Security Client\CS-CZ\MsMpRes.dll.mui
c:\program files\Microsoft Security Client\CS-CZ\setupres.dll.mui
c:\program files\Microsoft Security Client\CS-CZ\shellext.dll.mui
c:\program files\Microsoft Security Client\en-us\amhelp.chm
c:\program files\Microsoft Security Client\en-us\eula.rtf
c:\program files\Microsoft Security Client\en-us\MsMpRes.dll.mui
c:\program files\Microsoft Security Client\en-us\setupres.dll.mui
c:\program files\Microsoft Security Client\en-us\shellext.dll.mui
c:\program files\Microsoft Security Client\shellext.dll
c:\program files\Microsoft Security Client\sqmapi.dll
c:\windows\system32\ConduitEngine.tmp
c:\windows\Tasks\MP Scheduled Scan.job
c:\windows\Temp0AF55726-8B4A-9CD5-CC77-17B5C1F72454-Signatures
c:\windows\Temp0AF55726-8B4A-9CD5-CC77-17B5C1F72454-Signatures\mpasdlta.vdm
c:\windows\Temp0AF55726-8B4A-9CD5-CC77-17B5C1F72454-Signatures\mpavdlta.vdm
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL00E24E6F
-------\Legacy_MPKSL872549E7
-------\Service_MpKsl00e24e6f
-------\Service_MpKsl872549e7
-------\Legacy_MsMpSvc
-------\Legacy_MsMpSvc
-------\Service_MsMpSvc
-------\Service_MsMpSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-22 do 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-22 08:04 . 2010-11-09 12:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-04-22 08:04 . 2011-04-22 08:04 -------- d-----w- c:\program files\CPUID
2011-04-22 07:37 . 2011-04-22 07:37 -------- d-----w- c:\documents and settings\OEM\Data aplikací\Malwarebytes
2011-04-22 07:36 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 07:36 . 2011-04-22 07:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-22 07:36 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 07:36 . 2011-04-22 07:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-21 17:32 . 2011-04-22 11:59 -------- d-----w- c:\windows\system32\oodag
2011-04-21 15:50 . 2011-04-21 15:50 -------- d-----w- c:\documents and settings\OEM\Local Settings\Data aplikací\O&O
2011-04-21 15:50 . 2011-04-21 15:50 -------- d-----w- c:\program files\OO Software
2011-04-21 15:49 . 2011-04-21 15:49 -------- d-----w- c:\documents and settings\OEM\Local Settings\Data aplikací\Downloaded Installations
2011-04-21 15:09 . 2011-04-21 15:10 -------- d-----w- c:\program files\HD Tune
2011-04-18 15:30 . 2011-04-18 15:30 -------- d-----w- c:\program files\CCleaner
2011-04-18 15:12 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-18 15:12 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-18 15:12 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-18 15:12 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-18 15:12 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-18 15:12 . 2011-02-23 13:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-18 15:12 . 2011-02-23 13:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-18 15:12 . 2011-02-23 13:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-18 15:12 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-04-18 15:12 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-18 15:11 . 2011-04-18 15:11 -------- d-----w- c:\program files\AVAST Software
2011-04-18 15:11 . 2011-04-18 15:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2010-09-02 18:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2006-03-02 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-03-02 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2010-09-02 17:58 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-09-02 17:58 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 09:41 . 2011-01-25 09:41 1627976 ----a-w- c:\windows\system32\ooscrsav.scr
2011-01-25 09:40 . 2011-01-25 09:40 275784 ----a-w- c:\windows\system32\oodbs.exe
2011-01-25 09:39 . 2011-01-25 09:39 535880 ----a-w- c:\windows\system32\oodssrs.dll
2011-01-25 09:38 . 2011-01-25 09:38 9544 ----a-w- c:\windows\system32\oodbsrs.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-05-07 19523616]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 2781000]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^OEM^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\OEM\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^OEM^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\OEM\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-01-15 18:26 136176 ----atw- c:\documents and settings\OEM\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 00:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2006-06-14 12:20 36864 ----a-w- c:\program files\HP\HP UT\bin\hppusg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-08-22 11:02 133432 ----a-w- c:\program files\ICQ7.1\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-01-25 09:41 2781000 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 14:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX]
2006-06-15 06:43 49152 ----a-w- c:\program files\HP\ToolboxFX\bin\HPTLBXFX.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\OEM\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Macmillan\\Inside Out\\Beginner\\data\\fscommand\\flashex.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18.4.2011 17:12 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18.4.2011 17:12 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18.4.2011 17:12 19544]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [22.4.2011 10:04 21992]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2398536]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.9.2010 20:49 1691480]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\avjjuxv8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-MsMpSvc
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-22 20:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(632)
c:\documents and settings\OEM\Data aplikací\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-04-22 20:23:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-22 18:23
ComboFix2.txt 2011-04-22 10:11
.
Před spuštěním: Volných bajtů: 10 229 493 760
Po spuštění: Volných bajtů: 10 124 894 208
.
- - End Of File - - 084E3D060514EA1F797BE9D011A29BB7

Re: Please check my log - slow PC

Post by Žbeky » 22 Apr 2011 20:35

Yep, it did everything needed. You no longer have MSE on there.

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

clean the system with CCleaner

and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleanup, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on

+ A new log from HJT

How is the PC behaving?
In PMs I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for understanding.

Re: Please check my log - slow PC

Post by Y_ago_Cz » 27 Apr 2011 11:13

So here is the log, I couldn't get to it sooner, I came down with some illness :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:11:15, on 27.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\OEM\Dokumenty\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=80744
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5514 bytes

Re: Please check my log - slow PC

Post by Žbeky » 27 Apr 2011 13:28

So also fix these:

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

If there are no problems, you can mark it as solved

Re: Please check my log - slow PC  Solved

Post by Y_ago_Cz » 02 May 2011 10:37

Yep, at least it's usable for work now, thanks for the help :)

