VIRY.CZ

Dobrý den,
už dlhśí čas mám pomalý PC, a programy sa dlhšie načítavajú. Neśiel mi spustiť RSIT, písalo to nejakú chybu (nepametám si presne čo, ale bolo tam, že nejaká premenná nieje deklarovná-poznám programátorské názvy =D )
Sustil som tam teda ComboFix. Tu je log a prosím o prezretie, či tam nieje niečo zlé.
Inak beží to Windows 7 32bit.

Ešte k logu poviem takto:
Dnes som si nainštaloval MBAM a Sophos Virus Removal Tool, a dám to preskenovať, ak bude treba.
Používam PsPad, ale nepoužívam ICQ ani SWFCatcher. Bol by som rád, ak by sa dalo vypnúť a zmazať Toolbary. Používam Mozilla Firefox, v IE otvorím stránku iba ak treba.

Ďakujem veľmi pekne

ComboFix 13-05-31.01 - Andrej . 05. 2013 10:13:37.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3071.1578 [GMT 2:00]
Running from: c:\users\Andrej\Desktop\ComboFix.exe
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Dec2005_d3dx9_28_x64.cab
c:\programdata\Dec2005_d3dx9_28_x86.cab
c:\programdata\DEC2006_d3dx10_00_x64.cab
c:\programdata\DEC2006_d3dx10_00_x86.cab
c:\programdata\DEC2006_d3dx9_32_x64.cab
c:\programdata\DEC2006_d3dx9_32_x86.cab
c:\programdata\DEC2006_XACT_x64.cab
c:\programdata\DEC2006_XACT_x86.cab
c:\programdata\DSETUP.dll
c:\programdata\dsetup32.dll
c:\programdata\Feb2005_d3dx9_24_x64.cab
c:\programdata\Feb2005_d3dx9_24_x86.cab
c:\programdata\Feb2006_d3dx9_29_x64.cab
c:\programdata\Feb2006_d3dx9_29_x86.cab
c:\programdata\Feb2006_XACT_x64.cab
c:\programdata\Feb2006_XACT_x86.cab
c:\programdata\FEB2007_XACT_x64.cab
c:\programdata\FEB2007_XACT_x86.cab
c:\programdata\MPK
c:\programdata\MPK\mpk_export.db
c:\users\Martin\Favorites\DXSETUP.exe
c:\windows\system32\frapsvid.dll
c:\windows\system32\SETCF74.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-31 )))))))))))))))))))))))))))))))
.
.
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\Martin\AppData\Local\temp
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\Andrej\AppData\Local\temp
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\Lukáš\AppData\Local\temp
2013-05-31 08:22 . 2013-05-31 08:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-31 08:11 . 2013-05-31 08:11 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8638659C-A964-488F-8FB0-DE2B191C1389}\offreg.dll
2013-05-31 08:03 . 2013-05-31 08:06 -------- d-----w- c:\program files\trend micro
2013-05-31 08:03 . 2013-05-31 08:03 -------- d-----w- C:\rsit
2013-05-31 07:45 . 2013-05-31 07:45 -------- d-----w- c:\programdata\Sophos
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-05-31 07:45 . 2013-05-31 07:45 -------- d-----w- c:\program files\Sophos Virus Removal Tool
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\users\Andrej\AppData\Roaming\Malwarebytes
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\programdata\Malwarebytes
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-31 07:42 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-31 07:39 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8638659C-A964-488F-8FB0-DE2B191C1389}\mpengine.dll
2013-05-30 09:11 . 2013-05-30 09:11 -------- d-----w- c:\users\Andrej\AppData\Local\backburner
2013-05-21 01:54 . 2013-01-18 14:20 2953448 ----a-w- c:\windows\system32\nvcoproc.bin
2013-05-20 18:30 . 2013-05-20 18:30 -------- d-----w- C:\found.000
2013-05-20 18:12 . 2013-05-21 01:52 -------- d-----w- c:\windows\LastGood
2013-05-20 10:45 . 2013-05-20 10:45 -------- d-----w- C:\Riot Games
2013-05-15 15:37 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 15:37 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 15:37 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 15:34 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:34 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 15:34 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 15:34 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 15:34 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-14 03:18 . 2013-05-14 03:18 -------- d-----w- c:\program files\Common Files\Alias Shared
2013-05-13 18:32 . 2013-05-13 18:32 -------- d-----w- c:\users\Lukáš\AppData\Roaming\GHISLER
2013-05-11 17:18 . 2013-05-11 17:46 -------- d-----w- c:\program files\Wireless 5-Mode Oscar Editor
2013-05-11 17:15 . 2013-05-11 17:16 -------- d-----w- c:\program files\X7_5ModeWireless
2013-05-04 10:10 . 2013-05-04 10:10 -------- d-----w- c:\users\Andrej\AppData\Local\TNS
2013-05-01 19:48 . 2013-05-30 17:46 -------- d-----w- c:\users\Andrej\AppData\Local\PMB Files
2013-05-01 19:46 . 2013-05-30 17:46 -------- d-----w- c:\programdata\PMB Files
2013-05-01 19:27 . 2013-05-01 19:27 -------- d-----w- c:\users\Andrej\.swt
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-19 13:50 . 2012-03-31 21:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-19 13:50 . 2011-12-07 18:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 00:06 . 2011-12-07 18:21 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-20 11:36 . 2013-04-20 11:32 87608 ----a-w- c:\users\Andrej\AppData\Roaming\inst.exe
2013-04-20 11:36 . 2013-04-20 11:32 47360 ----a-w- c:\users\Andrej\AppData\Roaming\pcouffin.sys
2013-04-13 04:45 . 2013-05-15 15:37 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 15:37 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 13:14 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-05 21:46 . 2013-04-05 21:46 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-05 21:46 . 2013-04-05 21:46 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-05 21:46 . 2013-04-05 21:46 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-05 21:46 . 2013-04-05 21:46 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-05 21:46 . 2013-04-05 21:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-05 21:46 . 2013-04-05 21:46 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-05 21:46 . 2013-04-05 21:46 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-05 21:46 . 2013-04-05 21:46 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-05 21:46 . 2013-04-05 21:46 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-05 21:46 . 2013-04-05 21:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-05 21:46 . 2013-04-05 21:46 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-05 21:46 . 2013-04-05 21:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-05 21:45 . 2013-04-05 21:45 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-05 21:45 . 2013-04-05 21:45 361984 ----a-w- c:\windows\system32\html.iec
2013-04-05 21:45 . 2013-04-05 21:45 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-05 21:45 . 2013-04-05 21:45 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-05 21:45 . 2013-04-05 21:45 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-05 21:44 . 2013-04-05 21:44 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-04-05 21:44 . 2013-04-05 21:44 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-05 21:44 . 2013-04-05 21:44 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-05 21:44 . 2013-04-05 21:44 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-05 21:44 . 2013-04-05 21:44 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-04-05 21:44 . 2013-04-05 21:44 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-04-05 21:44 . 2013-04-05 21:44 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-05 21:44 . 2013-04-05 21:44 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-05 21:44 . 2013-04-05 21:44 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-05 21:44 . 2013-04-05 21:44 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-05 21:44 . 2013-04-05 21:44 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-05 21:44 . 2013-04-05 21:44 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-05 21:44 . 2013-04-05 21:44 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-04-05 21:44 . 2013-04-05 21:44 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-04-05 21:44 . 2013-04-05 21:44 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-04-05 21:44 . 2013-04-05 21:44 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-04-05 21:44 . 2013-04-05 21:44 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-05 21:44 . 2013-04-05 21:44 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-21 04:10 . 2013-03-21 04:10 42880 ----a-w- c:\windows\system32\xfcodec.dll
2013-03-19 05:04 . 2013-04-10 05:41 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 05:41 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 05:41 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 05:41 69632 ----a-w- c:\windows\system32\smss.exe
2010-08-03 10:11 819200 --sha-w- c:\windows\System32\xvidcore.dll
2010-08-03 10:11 180224 --sha-w- c:\windows\System32\xvidvfw.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xfire"="d:\andrej\Stahovanie\Xfire\Xfire.exe" [2013-03-21 3560832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-14 5074384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDVCPL"=c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 13:50]
.
2013-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-12-07 13:39]
.
2013-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003Core.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 13:02]
.
2013-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003UA.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 13:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877
IE: Od&oslať do programu OneNote
IE: YamicsoftDisabled
IE: YamicsoftDisabled\E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: { - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\bnufp2dq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-31 10:40:14
ComboFix-quarantined-files.txt 2013-05-31 08:40
ComboFix2.txt 2012-07-23 17:57
.
Pre-Run: 379 721 478 144 bytes free
Post-Run: 380 373 041 152 bytes free
.
- - End Of File - - 9A0D4245D85F649F931A5A497776B91F

To, že vám nefunguje RSIT vám nedává důvod spouštět profi utilitu ComboFix. I v takovém případě platí, že si s ním laik může nabořit systém.

Ještě dosčistíme. otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\users\Andrej\.swt

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003UA.job

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

No, som nevedel, že sa to nesmie...
Este v tomto logu som videl, ze sa spustil Windows Media Player. Mohol by sa nespustat?

DAKUJEM

ComboFix 13-05-31.01 - Andrej . 05. 2013 19:51:36.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3071.2317 [GMT 2:00]
Running from: c:\users\Andrej\Desktop\ComboFix.exe
Command switches used :: c:\users\Andrej\Desktop\CFScript.txt
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Andrej\.swt
c:\users\Andrej\.swt\lib\win32\x86\swt-win32-3740.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-31 )))))))))))))))))))))))))))))))
.
.
2013-05-31 18:00 . 2013-05-31 18:03 -------- d-----w- c:\users\Andrej\AppData\Local\temp
2013-05-31 18:00 . 2013-05-31 18:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-31 18:00 . 2013-05-31 18:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-31 18:00 . 2013-05-31 18:00 -------- d-----w- c:\users\Martin\AppData\Local\temp
2013-05-31 18:00 . 2013-05-31 18:00 -------- d-----w- c:\users\Lukáš\AppData\Local\temp
2013-05-31 18:00 . 2013-05-31 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-31 13:15 . 2013-05-31 13:15 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8638659C-A964-488F-8FB0-DE2B191C1389}\offreg.dll
2013-05-31 10:12 . 2013-05-31 10:12 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Malwarebytes
2013-05-31 08:03 . 2013-05-31 08:06 -------- d-----w- c:\program files\trend micro
2013-05-31 07:45 . 2013-05-31 07:45 -------- d-----w- c:\programdata\Sophos
2013-05-31 07:45 . 2013-05-31 07:45 -------- d-----w- c:\program files\Sophos Virus Removal Tool
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\users\Andrej\AppData\Roaming\Malwarebytes
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\programdata\Malwarebytes
2013-05-31 07:42 . 2013-05-31 07:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-31 07:42 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-31 07:39 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8638659C-A964-488F-8FB0-DE2B191C1389}\mpengine.dll
2013-05-30 09:11 . 2013-05-30 09:11 -------- d-----w- c:\users\Andrej\AppData\Local\backburner
2013-05-21 01:54 . 2013-01-18 14:20 2953448 ----a-w- c:\windows\system32\nvcoproc.bin
2013-05-20 18:12 . 2013-05-21 01:52 -------- d-----w- c:\windows\LastGood.Tmp
2013-05-20 10:45 . 2013-05-20 10:45 -------- d-----w- C:\Riot Games
2013-05-15 15:37 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 15:37 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 15:37 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 15:34 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:34 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 15:34 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 15:34 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 15:34 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-14 03:18 . 2013-05-14 03:18 -------- d-----w- c:\program files\Common Files\Alias Shared
2013-05-13 18:32 . 2013-05-13 18:32 -------- d-----w- c:\users\Lukáš\AppData\Roaming\GHISLER
2013-05-11 17:18 . 2013-05-11 17:46 -------- d-----w- c:\program files\Wireless 5-Mode Oscar Editor
2013-05-11 17:15 . 2013-05-11 17:16 -------- d-----w- c:\program files\X7_5ModeWireless
2013-05-04 10:10 . 2013-05-04 10:10 -------- d-----w- c:\users\Andrej\AppData\Local\TNS
2013-05-01 19:48 . 2013-05-30 17:46 -------- d-----w- c:\users\Andrej\AppData\Local\PMB Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-31 18:04 . 2013-05-31 18:04 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-05-31 07:45 . 2013-05-31 07:45 73728 ----a-r- c:\users\Andrej\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-05-19 13:50 . 2012-03-31 21:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-19 13:50 . 2011-12-07 18:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 00:06 . 2011-12-07 18:21 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-20 11:36 . 2013-04-20 11:32 87608 ----a-w- c:\users\Andrej\AppData\Roaming\inst.exe
2013-04-20 11:36 . 2013-04-20 11:32 47360 ----a-w- c:\users\Andrej\AppData\Roaming\pcouffin.sys
2013-04-13 04:45 . 2013-05-15 15:37 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 15:37 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 13:14 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-05 21:46 . 2013-04-05 21:46 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-05 21:46 . 2013-04-05 21:46 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-05 21:46 . 2013-04-05 21:46 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-05 21:46 . 2013-04-05 21:46 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-05 21:46 . 2013-04-05 21:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-05 21:46 . 2013-04-05 21:46 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-05 21:46 . 2013-04-05 21:46 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-05 21:46 . 2013-04-05 21:46 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-05 21:46 . 2013-04-05 21:46 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-05 21:46 . 2013-04-05 21:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-05 21:46 . 2013-04-05 21:46 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-05 21:46 . 2013-04-05 21:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-05 21:45 . 2013-04-05 21:45 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-05 21:45 . 2013-04-05 21:45 361984 ----a-w- c:\windows\system32\html.iec
2013-04-05 21:45 . 2013-04-05 21:45 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-05 21:45 . 2013-04-05 21:45 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-05 21:45 . 2013-04-05 21:45 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-05 21:44 . 2013-04-05 21:44 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-05 21:44 . 2013-04-05 21:44 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-04-05 21:44 . 2013-04-05 21:44 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-05 21:44 . 2013-04-05 21:44 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-05 21:44 . 2013-04-05 21:44 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-05 21:44 . 2013-04-05 21:44 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-04-05 21:44 . 2013-04-05 21:44 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-04-05 21:44 . 2013-04-05 21:44 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-05 21:44 . 2013-04-05 21:44 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-05 21:44 . 2013-04-05 21:44 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-05 21:44 . 2013-04-05 21:44 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-05 21:44 . 2013-04-05 21:44 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-05 21:44 . 2013-04-05 21:44 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-05 21:44 . 2013-04-05 21:44 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-04-05 21:44 . 2013-04-05 21:44 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-04-05 21:44 . 2013-04-05 21:44 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-04-05 21:44 . 2013-04-05 21:44 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-04-05 21:44 . 2013-04-05 21:44 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-05 21:44 . 2013-04-05 21:44 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-21 04:10 . 2013-03-21 04:10 42880 ----a-w- c:\windows\system32\xfcodec.dll
2013-03-19 05:04 . 2013-04-10 05:41 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 05:41 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 05:41 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 05:41 69632 ----a-w- c:\windows\system32\smss.exe
2010-08-03 10:11 819200 --sha-w- c:\windows\System32\xvidcore.dll
2010-08-03 10:11 180224 --sha-w- c:\windows\System32\xvidvfw.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xfire"="d:\andrej\Stahovanie\Xfire\Xfire.exe" [2013-03-21 3560832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-14 5074384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDVCPL"=c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 13:50]
.
2013-05-31 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-12-07 13:39]
.
2013-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003Core.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 13:02]
.
2013-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-748102567-3861943476-210638618-1003UA.job
- c:\users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 13:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877
IE: Od&oslať do programu OneNote
IE: YamicsoftDisabled
IE: YamicsoftDisabled\E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: { - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\bnufp2dq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1068)
d:\andrej\Stahovanie\Xfire\xfire_toucan_46139.dll
c:\program files\Common Files\Ahead\Lib\MediaLibraryNSE.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-05-31 20:24:59 - machine was rebooted
ComboFix-quarantined-files.txt 2013-05-31 18:24
ComboFix2.txt 2013-05-31 08:40
ComboFix3.txt 2012-07-23 17:57
.
Pre-Run: 380 463 669 248 bytes free
Post-Run: 380 283 023 360 bytes free
.
- - End Of File - - D1F574BAFDB08CCA5BF6B8A5DAD0E9C9

Log je již OK. Startmenu>přík. řádek>(napsat) msconfig>Enter. Podívejte se do záložek "Po spuštění" a "Služby". Pokud tam najdete WMP, odstraňte zatržítko, nastavení uložte a restartujte PC. Zrychlil se PC?

WMP služba tam nieje. Ano, hej, je rýchlejśí než bol.

Ďakujem veľmi pekne za pomoc

Nemáte zač!

VIRY.CZ

Pomalé PC, nefunguje RSIT

Pomalé PC, nefunguje RSIT

Re: Pomalé PC, nefunguje RSIT

Re: Pomalé PC, nefunguje RSIT

Re: Pomalé PC, nefunguje RSIT

Re: Pomalé PC, nefunguje RSIT

Re: Pomalé PC, nefunguje RSIT