Slow PC and internet
Posted: 01 May 2011 14:39
Please help,
after installing NOD32, Windows and the internet slowed down terribly.
Uninstalling it did not help.
Win XP SP3, installed a month ago ...
Windows startup takes 5 minutes, and working in it is slow.
Opening web pages is also slow, and the sound stutters in YouTube videos ...
Thank you.
ComboFix log:
ComboFix 11-04-30.05 - xy . 05. 2011 14:53:33.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.2047.1644 [GMT 2:00]
Running from: c:\documents and settings\xy\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-01 to 2011-05-01 )))))))))))))))))))))))))))))))
.
.
2011-05-01 10:16 . 2011-05-01 10:18 -------- d-----w- C:\6ac5042614d0b09accff7b
2011-04-12 00:43 . 2011-04-12 00:43 -------- d-----r- C:\MSOCache
2011-04-10 22:41 . 2011-04-10 22:42 -------- d-----w- C:\wamp
2011-04-10 21:48 . 2011-04-10 21:48 -------- d-----w- C:\Intel
2011-04-10 21:45 . 2011-04-10 21:45 -------- d-----w- C:\ATI
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 06:36 . 2008-04-14 06:52 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2008-04-14 05:45 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 23:08 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 11:41 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2008-04-13 22:47 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2008-04-13 22:45 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2010-08-13 16:44 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 06:37 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 06:51 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 06:51 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2007-04-03 06:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-18 18:05 . 2011-04-10 22:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Infium"="c:\program files\QIP 2010\qip.exe" [2011-02-01 5856640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]
"RTHDCPL"="RTHDCPL.EXE" [2010-12-30 19972712]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-11-03 1372160]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-11-03 1202448]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-04-10 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-23 106496]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-07-28 20882696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2011-02-01 09:58 187776 ----a-w- c:\documents and settings\xy\Data aplikací\QipGuard\QipGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
2006-05-24 18:31 1372160 ----a-w- c:\program files\TGTSoft\StyleXP\StyleXP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 12:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"StyleXPService"=2 (0x2)
"QipGuard"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.17\\bin\\httpd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
.
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13. 1. 2006 15:00 15872]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [11. 4. 2011 1:32 508680]
R3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [11. 4. 2011 1:32 3512072]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\drivers\btmusb.sys [11. 4. 2011 1:32 395776]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [11. 4. 2011 0:33 218688]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10. 4. 2011 23:49 6609920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [12. 4. 2011 2:52 8192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10. 4. 2011 23:51 1691480]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [11. 4. 2011 1:32 901384]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\drivers\btmcom.sys [11. 4. 2011 1:32 41344]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9. 1. 2010 21:37 4640000]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19. 2. 2010 13:37 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
S4 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [11. 4. 2011 0:15 187776]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-30 c:\windows\Tasks\AdobeAAMUpdater-1.0-MACO-xy.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-04-10 23:06]
.
2011-04-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=myIuLRyrgEKb7pVKXRh9vhkwsJ2cz%2fQzQp86JvqBiOupgCsxbyyueBZo5WXtFxGmvHkDT5qyMWrqh7MByBB5FMdFaYWqIk%2f%2fBGLQtzTw1xYWRCKD%2bG38Pd6x4skvDjzUPk5ZpKoLDuCoKVzaEkwu%2bGWBLOqUlzpnLc26yjT1t6KDEb%2fhxtX%2blsZ8ohCk5uI3xPfEW%2fO8fMDgQf9mkKUMW1HnKADlQ9Qj6oMq5D0YIgbNbljdVKSia4ZjwIrlZNfKXKZs0QBvhCojY4mzyGSc8tGBv5XQKz%2fN0Pe%2f0nJjdimACTkGhFECp1d1W65zVHtQP5sIEqI5d8YtTUGOmjHgz7SU42wtl2WO6kc2208N0VE%3d
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
FF - ProfilePath - c:\documents and settings\xy\Data aplikací\Mozilla\Firefox\Profiles\m99y99s0.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TaskTray - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-01 15:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(604)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\netprovcredman.dll
.
Completion time: 2011-05-01 15:12:01
ComboFix-quarantined-files.txt 2011-05-01 13:11
.
Pre-Run: Volných bajtů: 29 071 220 736
Post-Run: Volných bajtů: 30 078 341 120
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 49A1F4ADFD86EC5DFFA898BF32F3E213