VIRY.CZ

Pozdravujem Vás. V poslednom čase mi veľmi zle a veľmi pomaly reaguje moja plocha. Keď dám napr. vlastnosti a chcem niečo meniť tak mi to mrzne alebo mení strašnepomaly. Keď pridávam cez otlook do prílohy súbor ktorý mám na ploche tak mi to zamrzne, resp. odmrzne a pridá mi to po niekoľkých minútach . Taktiež mi nešli otvárať fotografie z plocha (mrzlo taktiež). Možno to nebude mať nič z vírusmi , "gúglil " som no noč na túto tématiku som nenašiel. Ak by vedel niekto poradiť, tak budem vďačný

Ďakujem za čas a ochotu

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2014
Ran by Owner (administrator) on UNI-MONT on 03-11-2014 08:13:17
Running from C:\Documents and Settings\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner & Administrator)
Platform: Systém Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\Cobian.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\WINDOWS\system32\PSIService.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Outlook Express\msimn.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(forum.viry.cz) C:\Documents and Settings\Owner\My Documents\Preberanie\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\MountPoints2: {0ba8d23c-b68b-11e0-9be4-487444737531} - E:\SoftwareSuite.exe
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\MountPoints2: {120efa81-7c7d-11dc-b32e-0015589b6fe3} - E:\LaunchU3.exe -a
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\MountPoints2: {5a9d9b4f-b5d6-11db-8383-806d6172696f} - D:\Setup.exe
HKU\S-1-5-21-776561741-1844823847-839522115-1003\...\MountPoints2: {6dc9928b-1107-11e2-9d06-487444737531} - E:\urDrive.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "C:\Documents and Settings\All Users\Application Data\ICQ\ICQNewTab\newTab.html"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-776561741-1844823847-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - No Name - {F2CF5485-4E02-4F68-819C-B92DE9277049} - No File
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {248F1F2D-E854-40AD-BB42-2E69EBC1CD8B} https://zona.t-com.sk/VianKampan2007/STWebDialer.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/sh ... wflash.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nylp1ezj.default-1389594932031
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 -> C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Owner\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Owner\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Documents and Settings\Owner\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npEModelPlugin.dll (Dassault Systèmes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Owner\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Owner\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Owner\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nylp1ezj.default-1389594932031\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-07]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-09-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U25) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (EModel scriptable Plugin) - C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll (Dassault Systèmes SolidWorks Corp.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Media Go Detector) - c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-24]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-15]
CHR Extension: (Peňaženka Google) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-16] (AVAST Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153584 2012-09-27] (Sun Microsystems, Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-07-24] (Hewlett-Packard Company) [File not signed]
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] () [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2010-02-11] (SolidWorks) [File not signed]
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2011-06-29] (Avanquest Software) [File not signed]
R2 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1174152 2007-02-06] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [51072 2012-09-17] (Identcode Ltd.) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-16] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-16] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-16] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-16] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-16] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-16] ()
S3 CnxTrLan; C:\WINDOWS\System32\DRIVERS\CnxTrLan.sys [23296 2003-04-27] (Conexant) [File not signed]
S3 CnxTrUsb; C:\WINDOWS\System32\DRIVERS\CnxTrUsb.sys [50560 2003-04-27] (Conexant) [File not signed]
R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [40448 2003-07-29] (DeviceGuys, Inc.) [File not signed]
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [21376 2013-08-20] (Dev47Apps)
R3 DUSBTAWAN; C:\WINDOWS\System32\DRIVERS\musbwn2k.sys [23930 2009-03-03] () [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [383800 2007-02-06] (Symantec Corporation)
R3 FakeWDMmdm; C:\WINDOWS\System32\DRIVERS\dusbcomm.sys [151428 2009-03-03] () [File not signed]
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron )
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [42368 2006-04-02] (JMicron Technology Corp.)
S3 mDTA128; C:\WINDOWS\System32\DRIVERS\musbta2k.sys [98313 2009-03-03] () [File not signed]
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2008-10-02] (VSO Software) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 se45bus; C:\WINDOWS\System32\DRIVERS\se45bus.sys [61536 2006-07-25] (MCCI)
S3 se45mdfl; C:\WINDOWS\System32\DRIVERS\se45mdfl.sys [9360 2006-07-25] (MCCI)
S3 se45mdm; C:\WINDOWS\System32\DRIVERS\se45mdm.sys [97088 2006-07-25] (MCCI)
S3 se45mgmt; C:\WINDOWS\System32\DRIVERS\se45mgmt.sys [88624 2006-07-25] (MCCI)
S3 se45nd5; C:\WINDOWS\System32\DRIVERS\se45nd5.sys [18704 2006-07-25] (MCCI)
S3 se45obex; C:\WINDOWS\System32\DRIVERS\se45obex.sys [86432 2006-07-25] (MCCI)
S3 se45unic; C:\WINDOWS\System32\DRIVERS\se45unic.sys [90800 2006-07-25] (MCCI)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [10344 2007-02-06] (Symantec Corporation)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [244608 2006-03-15] (Marvell)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1.001\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 08:13 - 2014-11-03 08:13 - 00022884 _____ () C:\Documents and Settings\Owner\Desktop\FRST.txt
2014-11-03 08:13 - 2014-11-03 08:13 - 00015327 _____ () C:\Documents and Settings\Owner\Desktop\LM.bat
2014-11-03 08:02 - 2014-11-03 08:13 - 00029696 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\MSGBOX.EXE
2014-11-03 07:59 - 2014-11-03 08:13 - 00000000 ____D () C:\FRST
2014-11-03 07:54 - 2014-11-03 07:58 - 01106432 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
2014-10-30 13:36 - 2014-10-30 13:36 - 00000380 _____ () C:\Documents and Settings\Owner\My Documents\Odkaz na xerox.lnk
2014-10-30 12:20 - 2014-10-30 12:21 - 00000270 _____ () C:\Documents and Settings\Owner\My Documents\Desktop.lnk
2014-10-30 11:52 - 2014-10-30 11:52 - 00000000 ____D () C:\Program Files\Dropbox
2014-10-30 11:52 - 2014-10-30 11:52 - 00000000 ____D () C:\Documents and Settings\Owner\Start Menu\Programs\Dropbox
2014-10-30 11:52 - 2014-10-30 11:52 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\DropboxMaster
2014-10-30 11:52 - 2014-10-30 11:52 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\com.wd.WDMyCloud
2014-10-30 11:52 - 2014-10-30 11:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital
2014-10-30 11:51 - 2014-10-30 11:51 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Dropbox
2014-10-30 11:50 - 2014-10-30 11:50 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Dicky kolena
2014-10-30 11:49 - 2014-10-30 11:50 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\TP enseco
2014-10-30 11:49 - 2014-10-30 11:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Zoznamy ludia
2014-10-30 11:49 - 2014-10-30 11:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\rio
2014-10-27 10:15 - 2014-10-27 10:15 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\com.wd.WDMyCloud.sav
2014-10-23 14:25 - 2014-10-23 14:25 - 00000000 ____D () C:\WINDOWS\pss
2014-10-16 13:10 - 2014-10-16 13:10 - 00265006 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-16 12:52 - 2014-10-16 12:52 - 00000000 ____D () C:\Program Files\Cobian Backup 11
2014-10-16 12:52 - 2014-10-16 12:52 - 00000000 ____D () C:\Documents and Settings\Owner\Start Menu\Programs\Cobian Backup 11
2014-10-16 11:48 - 2014-10-16 11:48 - 00000878 _____ () C:\Documents and Settings\All Users\Desktop\WD My Cloud.lnk
2014-10-16 11:48 - 2014-10-16 11:48 - 00000000 ____D () C:\Program Files\Western Digital
2014-10-16 11:47 - 2014-10-16 11:47 - 00000000 ____D () C:\Program Files\Bonjour Print Services
2014-10-16 11:47 - 2014-10-16 11:47 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-16 11:47 - 2014-10-16 11:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Bonjour Print Services
2014-10-16 11:45 - 2014-10-16 11:45 - 00000242 _____ () C:\Documents and Settings\Owner\Desktop\WD My Cloud Learning Center.url
2014-10-16 11:45 - 2014-10-16 11:45 - 00000194 _____ () C:\Documents and Settings\Owner\Desktop\WD My Cloud Public Share.url
2014-10-16 11:45 - 2014-10-16 11:45 - 00000190 _____ () C:\Documents and Settings\Owner\Desktop\WD My Cloud Dashboard.url
2014-10-16 11:45 - 2014-10-16 11:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Western Digital
2014-10-16 11:43 - 2014-10-16 11:46 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Western Digital
2014-10-14 11:27 - 2014-10-14 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2014-10-14 06:45 - 2014-10-14 06:45 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-10-14 06:45 - 2014-10-14 06:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-03 08:13 - 2010-12-08 16:19 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Preberanie
2014-11-03 08:13 - 2008-04-10 10:35 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-11-03 07:54 - 2011-06-01 12:31 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-03 07:37 - 2007-02-06 11:56 - 01226940 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-03 07:28 - 2014-07-08 06:26 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-11-03 07:28 - 2013-01-22 12:43 - 00000316 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-11-03 07:28 - 2011-06-01 12:31 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-03 07:28 - 2007-02-06 12:49 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-03 07:28 - 2007-02-06 12:49 - 00000051 _____ () C:\WINDOWS\wiaservc.log
2014-11-03 07:28 - 2007-02-06 12:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-03 07:28 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-31 14:57 - 2007-02-06 12:01 - 00032620 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-31 14:57 - 2007-02-06 12:01 - 00000278 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-10-31 07:58 - 2011-09-19 08:55 - 00001825 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-10-30 13:37 - 2010-03-23 13:23 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\xerox
2014-10-30 13:35 - 2009-11-10 09:48 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\vlc
2014-10-30 13:35 - 2009-02-11 14:51 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Ja sukromne
2014-10-30 12:49 - 2014-07-07 08:21 - 01165109 _____ () C:\WINDOWS\FaxSetup.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00569737 _____ () C:\WINDOWS\ocgen.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00447991 _____ () C:\WINDOWS\tsoc.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00204552 _____ () C:\WINDOWS\comsetup.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00182451 _____ () C:\WINDOWS\iis6.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00124863 _____ () C:\WINDOWS\ntdtcsetup.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00058674 _____ () C:\WINDOWS\msgsocm.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00034169 _____ () C:\WINDOWS\ocmsn.log
2014-10-30 12:49 - 2014-07-07 08:21 - 00004625 _____ () C:\WINDOWS\imsins.BAK
2014-10-30 12:49 - 2014-07-07 08:21 - 00001943 _____ () C:\WINDOWS\imsins.log
2014-10-30 12:49 - 2014-01-14 14:47 - 00428861 _____ () C:\WINDOWS\setupapi.log
2014-10-30 12:49 - 2007-02-06 12:47 - 00567818 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-30 12:02 - 2013-02-25 12:18 - 00001733 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-10-30 11:54 - 2013-05-13 06:52 - 00000000 ____D () C:\Documents and Settings\Administrator.UNI-MONT.001
2014-10-30 11:54 - 2007-02-06 12:01 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-10-30 11:54 - 2007-02-06 12:01 - 00000000 ____D () C:\Documents and Settings\Owner
2014-10-30 11:54 - 2007-02-06 12:00 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-10-30 11:53 - 2014-08-14 12:16 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
2014-10-30 11:53 - 2007-02-06 11:54 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-30 11:50 - 2013-04-10 06:32 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\usb
2014-10-30 09:35 - 2010-04-13 08:21 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\skype
2014-10-30 09:13 - 2007-10-26 07:23 - 00326144 ___SH () C:\Documents and Settings\Owner\My Documents\Thumbs.db
2014-10-30 09:07 - 2011-04-11 07:45 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Dokumentacia UNI-MONT
2014-10-30 08:27 - 2013-10-17 12:38 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\priepustky
2014-10-29 14:51 - 2007-04-13 09:50 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Skype
2014-10-28 11:36 - 2014-01-09 12:06 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Vyuctovania 2014
2014-10-27 16:34 - 2007-03-07 07:46 - 00000000 ____D () C:\ALFA
2014-10-23 08:45 - 2012-06-22 08:03 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-21 10:30 - 2007-02-12 14:20 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Pošta
2014-10-21 08:05 - 2007-02-06 12:37 - 00000000 ____D () C:\WINDOWS\repair
2014-10-20 14:12 - 2013-10-29 13:58 - 00002283 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-10-17 06:41 - 2014-09-29 07:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-17 06:41 - 2012-05-24 06:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-16 12:29 - 2012-01-19 08:34 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-16 12:29 - 2012-01-19 08:34 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-10-16 11:15 - 2009-08-26 13:02 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-10-16 10:53 - 2013-03-14 13:35 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-16 07:33 - 2007-02-12 14:17 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Protokoly
2014-10-14 11:27 - 2014-01-07 13:48 - 00000815 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk
2014-10-14 06:45 - 2014-07-07 11:09 - 00000000 ___RD () C:\Program Files\Skype
2014-10-14 06:45 - 2007-04-13 09:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-10-08 07:01 - 2013-07-02 07:27 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\prihlasovanie skoleni + vstupy

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyxigyy.dll
C:\Documents and Settings\Owner\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Zdravim

Napiste mi velikost adresare plochy (C:\Documents and Settings\Owner\Desktop)


Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

nó .. plocha má 34 GB .. (mám tam jeden sieťový adresár do ktorého skenujem a nechávam zdielať veci .. bude to hlavný problém ? .. k ostatnému sa dostanem neskôr

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Plocha vyčistená na 200 MB .. priloženie súboru sa nezrýchlilo (ešte to skúsim reštartovať) disk vyzerá o.k. či ? potom skúsim to ADW-čko

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2014/11/03 9:54:30

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8 4 port Serial ATA Storage Controller - 2820 [ATA]
+ Primary IDE Channel (0)
- MAXTOR STM3160211AS
- Secondary IDE Channel (1)
+ Intel(R) ICH8 2 port Serial ATA Storage Controller - 2825 [ATA]
- Primary IDE Channel (0)
- Secondary IDE Channel (1)
+ JMicron JMB36X RAID Controller [SCSI]
- HL-DT-ST DVDRAM GSA-H42N SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) MAXTOR STM3160211AS : 160,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) MAXTOR STM3160211AS
----------------------------------------------------------------------------
Model : MAXTOR STM3160211AS
Firmware : 3.AAE
Serial Number : 6PT2Z814
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 2048 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 204 hours (?)
Power On Count : 1945 count
Temparature : 44 C (111 F)
Health Status : Good
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _92 __6 00000D9420A8 Read Error Rate
03 _95 _95 __0 000000000000 Spin-Up Time
04 _99 _99 _20 000000000740 Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _85 _60 _30 000014D67E76 Seek Error Rate
09 _86 _86 __0 000000002FF1 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _99 _20 000000000799 Power Cycle Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BD 100 100 __0 000000000000 High Fly Writes
BE _56 _49 _45 00002C18002C Airflow Temperature
C2 _44 _51 __0 000E0000002C Temperature
C3 _66 _46 __0 00000D6AF95D Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
CA 100 253 __0 000000000000 Data Address Mark Error

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3650 3650 5432 5A38 3134
020: 0000 1000 0004 332E 4141 2020 2020 4D41 5854 4F52
030: 2053 544D 3331 3630 3231 5320 5320 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0502 0502 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 3C01 3C01 4023 207F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1312 0002 0002 0080 0000 0000
150: 00A0 0202 0000 0404 0000 0000 0000 0000 1400 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 ABA5

Disk hlasi dost chyb. Uvidime, jak to bude vypadat po procisteni.

AdwCleaner v3.311 - Report created 03/11/2014 at 14:17:40
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - UNI-MONT
# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\icqtoolbar

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v33.0 (x86 sk)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nylp1ezj.default-1389594932031\prefs.js ]


-\\ Google Chrome v38.0.2125.111

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2149 octets] - [03/11/2014 13:24:38]
AdwCleaner[R1].txt - [2209 octets] - [03/11/2014 13:29:31]
AdwCleaner[S0].txt - [2162 octets] - [03/11/2014 14:17:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2222 octets] ##########



plocha stále pomalá

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

kua.. na to že to išlo skoro celý deň, nič moc alwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.11.04.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Owner :: UNI-MONT [administrátor]

4.11.2014 7:40:40
MBAM-log-2014-11-04 (12-47-58).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 571953
Uplynutý čas: 5 hod, 3 min, 40 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 1
HKCU\Software\Microsoft|bk (Malware.Trace) -> Dáta: dns-requests.com/test/;
-> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 1
C:\System Volume Information\_restore{0917B4FC-F0A1-49F9-96F4-6149F2592448}\RP1488\A0311781.exe (PUP.RemoveWGA) -> Žiadna úloha nevykonaná.

(koniec)



mazať ?

Havet je v bodu obnovy


Postupujte presne v tomto poradi.
1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM a napiste jeho vysledek a podle toho zvolim dalsi postup.

Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.

Márty84 píše:Havet je v bodu obnovy


Postupujte presne v tomto poradi.
1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM a napiste jeho vysledek a podle toho zvolim dalsi postup.

Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.

aj jaj aj jaj .. ja som už včera nevydržal a mazal .. tak dnes znovu spustiť mbam asi čo ?

Jen vymazte ty body obnovy, restar pc a udeljte sken. Bohuzel (nebo vlastne bohudik ) chodim do prace, takze nemuzu odpovidat drive

.. v pohode..


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.11.04.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Owner :: UNI-MONT [administrátor]

5.11.2014 12:24:53
mbam-log-2014-11-05 (12-24-53).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 572688
Uplynutý čas: 4 hod, 36 min, 17 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

MBAM odinstalujte.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Pozdravujem Vás, ozývam sa neskôr, nakoľko mi PC padlo úplne - zkolabovalo .. vypísalo mi chýbajúci nejaký súbor, PC som rozbehal ale hneď som vedel že už je choré.. išlo strašne pomaly a a blokovalo mi pripojenie na stránku pre stiahnutie combofixu .. nakoniec som ho tam dostal cez druhé PC, nižšie výsledok:

ComboFix 14-11-17.01 - Owner 19.11.2014 9:33.7.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.3070.2485 [GMT 1:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\Local Settings\Application Data\MSGBOX.EXE
c:\windows\$msi31uninstall_kb893803v2$
c:\windows\$msi31uninstall_kb893803v2$\msi.dll
c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe
c:\windows\$msi31uninstall_kb893803v2$\msihnd.dll
c:\windows\$msi31uninstall_kb893803v2$\msimsg.dll
c:\windows\$msi31uninstall_kb893803v2$\msisip.dll
c:\windows\$msi31uninstall_kb893803v2$\reg00013
c:\windows\$msi31uninstall_kb893803v2$\reg00014
c:\windows\$msi31uninstall_kb893803v2$\reg00015
c:\windows\$msi31uninstall_kb893803v2$\reg00016
c:\windows\$msi31uninstall_kb893803v2$\reg00017
c:\windows\$msi31uninstall_kb893803v2$\reg00018
c:\windows\$msi31uninstall_kb893803v2$\reg00019
c:\windows\$msi31uninstall_kb893803v2$\reg00020
c:\windows\$msi31uninstall_kb893803v2$\reg00021
c:\windows\$msi31uninstall_kb893803v2$\reg00022
c:\windows\$msi31uninstall_kb893803v2$\reg00023
c:\windows\$msi31uninstall_kb893803v2$\reg00024
c:\windows\$msi31uninstall_kb893803v2$\reg00025
c:\windows\$msi31uninstall_kb893803v2$\reg00026
c:\windows\$msi31uninstall_kb893803v2$\reg00027
c:\windows\$msi31uninstall_kb893803v2$\reg00028
c:\windows\$msi31uninstall_kb893803v2$\reg00029
c:\windows\$msi31uninstall_kb893803v2$\reg00030
c:\windows\$msi31uninstall_kb893803v2$\reg00031
c:\windows\$msi31uninstall_kb893803v2$\reg00032
c:\windows\$msi31uninstall_kb893803v2$\reg00033
c:\windows\$msi31uninstall_kb893803v2$\reg00034
c:\windows\$msi31uninstall_kb893803v2$\reg00035
c:\windows\$msi31uninstall_kb893803v2$\reg00036
c:\windows\$msi31uninstall_kb893803v2$\reg00037
c:\windows\$msi31uninstall_kb893803v2$\reg00038
c:\windows\$msi31uninstall_kb893803v2$\reg00039
c:\windows\$msi31uninstall_kb893803v2$\reg00040
c:\windows\$msi31uninstall_kb893803v2$\reg00041
c:\windows\$msi31uninstall_kb893803v2$\reg00042
c:\windows\$msi31uninstall_kb893803v2$\reg00043
c:\windows\$msi31uninstall_kb893803v2$\reg00044
c:\windows\$msi31uninstall_kb893803v2$\reg00045
c:\windows\$msi31uninstall_kb893803v2$\reg00046
c:\windows\$msi31uninstall_kb893803v2$\reg00047
c:\windows\$msi31uninstall_kb893803v2$\reg00048
c:\windows\$msi31uninstall_kb893803v2$\reg00051
c:\windows\$msi31uninstall_kb893803v2$\reg00052
c:\windows\$msi31uninstall_kb893803v2$\reg00053
c:\windows\$msi31uninstall_kb893803v2$\reg00054
c:\windows\$msi31uninstall_kb893803v2$\reg00055
c:\windows\$msi31uninstall_kb893803v2$\reg00056
c:\windows\$msi31uninstall_kb893803v2$\reg00057
c:\windows\$msi31uninstall_kb893803v2$\reg00058
c:\windows\$msi31uninstall_kb893803v2$\reg00059
c:\windows\$msi31uninstall_kb893803v2$\reg00060
c:\windows\$msi31uninstall_kb893803v2$\reg00061
c:\windows\$msi31uninstall_kb893803v2$\reg00062
c:\windows\$msi31uninstall_kb893803v2$\reg00063
c:\windows\$msi31uninstall_kb893803v2$\reg00064
c:\windows\$msi31uninstall_kb893803v2$\reg00065
c:\windows\$msi31uninstall_kb893803v2$\reg00066
c:\windows\$msi31uninstall_kb893803v2$\reg00067
c:\windows\$msi31uninstall_kb893803v2$\reg00068
c:\windows\$msi31uninstall_kb893803v2$\reg00069
c:\windows\$msi31uninstall_kb893803v2$\reg00070
c:\windows\$msi31uninstall_kb893803v2$\reg00071
c:\windows\$msi31uninstall_kb893803v2$\reg00072
c:\windows\$msi31uninstall_kb893803v2$\reg00073
c:\windows\$msi31uninstall_kb893803v2$\reg00074
c:\windows\$msi31uninstall_kb893803v2$\reg00075
c:\windows\$msi31uninstall_kb893803v2$\reg00076
c:\windows\$msi31uninstall_kb893803v2$\reg00077
c:\windows\$msi31uninstall_kb893803v2$\reg00078
c:\windows\$msi31uninstall_kb893803v2$\reg00079
c:\windows\$msi31uninstall_kb893803v2$\reg00080
c:\windows\$msi31uninstall_kb893803v2$\reg00081
c:\windows\$msi31uninstall_kb893803v2$\reg00082
c:\windows\$msi31uninstall_kb893803v2$\reg00083
c:\windows\$msi31uninstall_kb893803v2$\reg00084
c:\windows\$msi31uninstall_kb893803v2$\reg00085
c:\windows\$msi31uninstall_kb893803v2$\reg00086
c:\windows\$msi31uninstall_kb893803v2$\reg00087
c:\windows\$msi31uninstall_kb893803v2$\reg00088
c:\windows\$msi31uninstall_kb893803v2$\reg00089
c:\windows\$msi31uninstall_kb893803v2$\reg00090
c:\windows\$msi31uninstall_kb893803v2$\reg00091
c:\windows\$msi31uninstall_kb893803v2$\reg00092
c:\windows\$msi31uninstall_kb893803v2$\reg00093
c:\windows\$msi31uninstall_kb893803v2$\reg00094
c:\windows\$msi31uninstall_kb893803v2$\reg00095
c:\windows\$msi31uninstall_kb893803v2$\reg00096
c:\windows\$msi31uninstall_kb893803v2$\reg00097
c:\windows\$msi31uninstall_kb893803v2$\reg00098
c:\windows\$msi31uninstall_kb893803v2$\reg00099
c:\windows\$msi31uninstall_kb893803v2$\reg00100
c:\windows\$msi31uninstall_kb893803v2$\reg00101
c:\windows\$msi31uninstall_kb893803v2$\reg00102
c:\windows\$msi31uninstall_kb893803v2$\reg00103
c:\windows\$msi31uninstall_kb893803v2$\reg00104
c:\windows\$msi31uninstall_kb893803v2$\reg00105
c:\windows\$msi31uninstall_kb893803v2$\reg00106
c:\windows\$msi31uninstall_kb893803v2$\reg00107
c:\windows\$msi31uninstall_kb893803v2$\reg00108
c:\windows\$msi31uninstall_kb893803v2$\reg00109
c:\windows\$msi31uninstall_kb893803v2$\reg00110
c:\windows\$msi31uninstall_kb893803v2$\reg00111
c:\windows\$msi31uninstall_kb893803v2$\reg00112
c:\windows\$msi31uninstall_kb893803v2$\reg00113
c:\windows\$msi31uninstall_kb893803v2$\reg00114
c:\windows\$msi31uninstall_kb893803v2$\reg00115
c:\windows\$msi31uninstall_kb893803v2$\reg00116
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.exe
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.inf
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.txt
c:\windows\$msi31uninstall_kb893803v2$\spuninst\updspapi.dll
c:\windows\msdownld.tmp
C:\WindowsXP-KB945436-x86-CSY.exe
.
---- Previous Run -------
.
c:\documents and settings\All Users\Application Data\hpe6.dll
c:\documents and settings\All Users\Application Data\MainApp.dll
C:\Thumbs.db
c:\windows\iun6002.exe
c:\windows\system32\CddbCdda.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\SET101.tmp
c:\windows\system32\SET102.tmp
c:\windows\system32\SET104.tmp
c:\windows\system32\SET105.tmp
c:\windows\system32\SET133.tmp
c:\windows\system32\SET134.tmp
c:\windows\system32\SET136.tmp
c:\windows\system32\SET137.tmp
c:\windows\system32\SET139.tmp
c:\windows\system32\SET13B.tmp
c:\windows\system32\SET13F.tmp
c:\windows\system32\SET141.tmp
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET162.tmp
c:\windows\system32\SET165.tmp
c:\windows\system32\SET168.tmp
c:\windows\system32\SET16B.tmp
c:\windows\system32\SET16E.tmp
c:\windows\system32\SET16F.tmp
c:\windows\system32\SET170.tmp
c:\windows\system32\SET179.tmp
c:\windows\system32\SET17A.tmp
c:\windows\system32\SET17B.tmp
c:\windows\system32\SET181.tmp
c:\windows\system32\SET186.tmp
c:\windows\system32\SET18A.tmp
c:\windows\system32\SET18D.tmp
c:\windows\system32\SET19B.tmp
c:\windows\system32\SET19E.tmp
c:\windows\system32\SET1A1.tmp
c:\windows\system32\SET1A4.tmp
c:\windows\system32\SET1B5.tmp
c:\windows\system32\SET1BB.tmp
c:\windows\system32\SET1C9.tmp
c:\windows\system32\SET1CC.tmp
c:\windows\system32\SET1D8.tmp
c:\windows\system32\SET1EB.tmp
c:\windows\system32\SET1FE.tmp
c:\windows\system32\SET1FF.tmp
c:\windows\system32\SET206.tmp
c:\windows\system32\SET207.tmp
c:\windows\system32\SET214.tmp
c:\windows\system32\SET215.tmp
c:\windows\system32\SET21A.tmp
c:\windows\system32\SET21B.tmp
c:\windows\system32\SET21F.tmp
c:\windows\system32\SET223.tmp
c:\windows\system32\SET226.tmp
c:\windows\system32\SET229.tmp
c:\windows\system32\SET22D.tmp
c:\windows\system32\SET22E.tmp
c:\windows\system32\SET235.tmp
c:\windows\system32\SET236.tmp
c:\windows\system32\SET25B.tmp
c:\windows\system32\SET25E.tmp
c:\windows\system32\SET264.tmp
c:\windows\system32\SET267.tmp
c:\windows\system32\SET26B.tmp
c:\windows\system32\SET270.tmp
c:\windows\system32\SET277.tmp
c:\windows\system32\SET282.tmp
c:\windows\system32\SET289.tmp
c:\windows\system32\SET290.tmp
c:\windows\system32\SET29D.tmp
c:\windows\system32\SET29E.tmp
c:\windows\system32\SET29F.tmp
c:\windows\system32\SET2A0.tmp
c:\windows\system32\SET2A4.tmp
c:\windows\system32\SET2A5.tmp
c:\windows\system32\SET2A8.tmp
c:\windows\system32\SET2A9.tmp
c:\windows\system32\SET2AA.tmp
c:\windows\system32\SET2AD.tmp
c:\windows\system32\SET2AF.tmp
c:\windows\system32\SET2D9.tmp
c:\windows\system32\SET2DC.tmp
c:\windows\system32\SET2DD.tmp
c:\windows\system32\SET2DF.tmp
c:\windows\system32\SET2E2.tmp
c:\windows\system32\SET2E3.tmp
c:\windows\system32\SET2E7.tmp
c:\windows\system32\SET2E8.tmp
c:\windows\system32\SET2E9.tmp
c:\windows\system32\SET2EA.tmp
c:\windows\system32\SET2EB.tmp
c:\windows\system32\SET307.tmp
c:\windows\system32\SET30A.tmp
c:\windows\system32\SET4B.tmp
c:\windows\system32\SET4C.tmp
c:\windows\system32\SET4D.tmp
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET5.tmp
c:\windows\system32\SET53.tmp
c:\windows\system32\SET5D.tmp
c:\windows\system32\SET8.tmp
c:\windows\system32\SET92.tmp
c:\windows\system32\SET93.tmp
c:\windows\system32\SET94.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETB0.tmp
c:\windows\system32\SETBD.tmp
c:\windows\system32\SETD2.tmp
c:\windows\system32\SETD5.tmp
c:\windows\system32\SETD8.tmp
c:\windows\system32\SETDB.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE0.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETEA.tmp
c:\windows\system32\SETEB.tmp
c:\windows\system32\SETEC.tmp
c:\windows\system32\SETF5.tmp
c:\windows\system32\SETF6.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\SETF9.tmp
c:\windows\system32\SETFD.tmp
c:\windows\system32\SETFF.tmp
c:\windows\system32\spool\prtprocs\w32x86\x5pp.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_USNJSVC
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2014-10-19 to 2014-11-19 )))))))))))))))))))))))))))))))
.
.
2014-11-19 07:48 . 2014-11-19 07:48 -------- d-----w- c:\windows\system32\wbem\Repository
2014-11-19 07:47 . 2014-11-19 07:47 -------- d-----w- c:\documents and settings\Administrator.UNI-MONT.001\Application Data\Zeon
2014-11-19 07:46 . 2014-11-19 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\SSScanAppDataDir
2014-11-19 07:46 . 2014-11-19 07:46 -------- d-----w- c:\program files\ScanSoft
2014-11-19 07:46 . 2014-11-19 07:46 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Scansoft
2014-11-18 07:59 . 2007-06-08 09:18 38440 ----a-w- c:\windows\system32\ZnMacroUIRes.enu
2014-11-18 07:59 . 2007-01-12 14:14 266240 ----a-w- c:\windows\system32\ZnMacroUI.dll
2014-11-03 12:26 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-11-03 12:24 . 2014-11-03 13:17 -------- d-----w- C:\AdwCleaner
2014-11-03 06:59 . 2014-11-03 07:14 -------- d-----w- C:\FRST
2014-10-30 10:52 . 2014-10-30 10:52 -------- d-----w- c:\documents and settings\Owner\Application Data\com.wd.WDMyCloud
2014-10-30 10:52 . 2014-10-30 10:52 -------- d-----w- c:\program files\Dropbox
2014-10-30 10:51 . 2014-10-30 10:51 -------- d-----w- c:\documents and settings\Owner\Application Data\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-07 06:57 . 2012-06-22 07:03 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-07 06:57 . 2011-05-18 05:09 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-16 05:41 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Owner\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cobian Backup 11"="c:\program files\Cobian Backup 11\Cobian.exe" [2012-12-05 720896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-05-14 12:02 116648 ----atw- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-05-23 13:16 1561968 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-05-23 13:16 311152 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-04-18 23:45 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-08-11 13:43 7630848 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-04-04 09:44 16120832 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-10-01 08:46 22057568 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\3Com\\ControlCenter\\Instupdt.exe"=
"c:\\Program Files\\xerox\\nwwia\\XrxFTPLt.exe"=
"c:\\Documents and Settings\\Owner\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Sony\\Media Go\\MediaGo.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\DroidCam\\DroidCamApp.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Cobian Backup 11\\cbRemoteManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20400:TCP"= 20400:TCP:KrosPort20400
"20401:TCP"= 20401:TCP:KrosPort20401
"20402:TCP"= 20402:TCP:KrosPort20402
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [11.3.2013 7:38 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [11.3.2013 7:38 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.1.2013 12:43 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [22.1.2013 12:43 414520]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [7.3.2007 8:31 51072]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [16.7.2014 6:42 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [11.3.2013 7:38 67824]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [16.10.2014 12:52 67584]
R2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [7.1.2014 13:47 4799760]
R3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\drivers\droidcam.sys [20.8.2013 13:50 21376]
R3 DUSBTAWAN;DrayTek ISDN NDISWAN;c:\windows\system32\drivers\musbwn2k.sys [31.1.2001 10:43 23930]
R3 FakeWDMmdm;DWDMCOMM;c:\windows\system32\drivers\dusbcomm.sys [6.2.2001 10:59 151428]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [23.6.2010 14:25 90112]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.4.2014 19:21 315008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [1.7.2013 14:40 83864]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [6.6.2011 6:35 13224]
S3 mDTA128;DrayTek ISDN USB TA;c:\windows\system32\drivers\musbta2k.sys [7.3.2001 10:21 98313]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2.10.2008 10:52 47360]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [6.6.2011 6:14 155344]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [1.7.2013 14:40 181912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-31 06:58 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 06:57]
.
2014-11-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-16 05:41]
.
2014-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-01 10:49]
.
2014-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-01 10:49]
.
2013-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1844823847-839522115-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-06-25 12:02]
.
2013-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1844823847-839522115-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-06-25 12:02]
.
2014-11-19 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- c:\windows\system32\xp_eos.exe [2014-07-07 01:59]
.
2014-09-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- c:\windows\system32\xp_eos.exe [2014-07-07 01:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open with ScanSoft PDF Converter 4.1 - c:\program files\Nuance\PDF Converter 4\cnvres_eng.dll /100
TCP: DhcpNameServer = 192.168.1.1
DPF: {248F1F2D-E854-40AD-BB42-2E69EBC1CD8B} - hxxps://zona.t-com.sk/VianKampan2007/STWebDialer.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\nylp1ezj.default-1389594932031\
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-19 09:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1844823847-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2014-11-19 09:47:05
ComboFix-quarantined-files.txt 2014-11-19 08:47
ComboFix2.txt 2009-03-05 15:55
ComboFix3.txt 2008-04-10 09:35
ComboFix4.txt 2008-02-15 11:00
ComboFix5.txt 2013-05-13 06:01
.
Pre-Run: 35 101 990 912 bytes free
Post-Run: 28 adresárov, 36 091 715 584 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D61E629EE20C0155324AFB6E60651AA2
8F558EB6672622401DA993E1E865C861