ComboFix 13-03-02.01 - Jano 2013-03-02 21:16:09.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.1023.695 [GMT 1:00]
Running from: d:\stiahnuté súbory\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jano\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\N00044B1E-Mortal Kombat 4-Setup.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\rgwie.dll
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-02 to 2013-03-02 )))))))))))))))))))))))))))))))
.
.
2013-03-02 17:26 . 2013-03-02 17:26 60872 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{B61198C6-2F28-487B-8041-BC036C5D33A1}\offreg.dll
2013-03-02 14:45 . 2013-03-02 14:44 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-02 14:45 . 2013-03-02 14:44 473520 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-01 19:53 . 2013-02-28 08:36 163784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-01 19:53 . 2013-02-28 08:36 49320 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-01 19:53 . 2013-02-28 08:36 66408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-01 17:08 . 2013-02-08 00:45 6954968 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{B61198C6-2F28-487B-8041-BC036C5D33A1}\mpengine.dll
2013-02-26 17:28 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2013-02-26 17:19 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2013-02-26 17:13 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2013-02-26 17:07 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2013-02-26 16:58 . 2012-05-28 18:16 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2013-02-26 16:57 . 2012-07-04 14:05 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2013-02-26 16:57 . 2012-12-26 20:19 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-02-26 16:51 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2013-02-26 16:51 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-02-26 16:51 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2013-02-26 16:50 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2013-02-25 19:34 . 2013-02-25 19:34 -------- d-----w- c:\windows\l2schemas
2013-02-25 19:34 . 2013-02-25 19:34 -------- d-----w- c:\windows\system32\cs
2013-02-25 19:34 . 2013-02-25 19:34 -------- d-----w- c:\windows\system32\bits
2013-02-25 19:21 . 2013-02-25 19:21 -------- d-----w- c:\windows\EHome
2013-02-21 16:09 . 2013-02-21 16:09 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-02-15 14:45 . 2009-11-26 09:35 588032 ----a-r- c:\windows\system32\drivers\RTL8192su.sys
2013-02-13 17:24 . 2013-02-13 17:24 -------- d-----w- c:\program files\EA GAMES
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-02 14:44 . 2007-04-27 17:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-28 08:36 . 2011-12-30 17:13 368248 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-28 08:36 . 2011-12-30 17:13 765808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-28 08:36 . 2011-12-30 17:13 62448 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-28 08:36 . 2011-12-30 17:13 49832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-28 08:36 . 2011-12-30 17:13 29880 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-28 08:36 . 2011-12-30 17:12 41664 ----a-w- c:\windows\avastSS.scr
2013-02-28 08:35 . 2011-12-30 17:12 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-27 18:10 . 2013-01-19 20:14 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 18:10 . 2012-01-13 16:35 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-26 18:57 . 2006-11-05 08:58 60416 ----a-w- c:\windows\ALCFDRTM.VER
2013-02-08 00:45 . 2008-02-28 17:03 6954968 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-26 03:55 . 2006-03-02 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-17 00:28 . 2011-12-24 13:35 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2006-03-02 12:00 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2006-03-02 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2006-03-02 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2006-03-02 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2006-03-02 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2013-02-16 00:34 . 2013-02-26 18:46 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"CloneCDElbyCDFL"="c:\program files\Elaborate Bytes\CloneCD\ElbyCheck.exe" [2002-11-02 45056]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"CHotkey"="mHotkey.exe" [2002-07-23 477184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\Jano\Nabídka Start\Programy\Po spuštění\
Kalendár.lnk - c:\windows\MENINY.EXE [2007-1-9 47008]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2006-11-4 212992]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-03-01 49320]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-03-01 163784]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-03-06 639224]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-30 765808]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-30 368248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-04-29 242240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-30 29880]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-01 66408]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2013-02-15 588032]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-25 05:07 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 18:10]
.
2013-03-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-01-18 08:36]
.
2013-03-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.1
DPF: {813A45F9-744F-435F-A815-19E2DF35A9D8} - hxxp://www.o2c.de/download/o2cplayerac.cab
FF - ProfilePath - c:\documents and settings\Jano\Data aplikací\Mozilla\Firefox\Profiles\ktdae9s2.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - ExtSQL: 2013-01-18 20:25; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-02-21 19:20; {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}; c:\documents and settings\Jano\Data aplikací\Mozilla\Firefox\Profiles\ktdae9s2.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
FF - ExtSQL: !HIDDEN! 2011-12-27 20:43; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Mortal Kombat 4 - c:\windows\N00044B1E-Mortal Kombat 4-Setup.exe
AddRemove-Pandora's Box 1.0 - c:\program files\Microsoft Games\Pandora's Box\setup
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-02 21:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2013-03-02 21:22:53
ComboFix-quarantined-files.txt 2013-03-02 20:22
.
Pre-Run: Volných bajtů: 35,326,693,376
Post-Run: Volných bajtů: 35,322,322,944
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8EA773A61D7E3423FB22E8DEEDEFE70E