Dobrý den, prosím o kontrolu logu

[Mc_Murphy]

Drobné nálezy, takže provedeme další opravy.

• Ukonči všechny programy!
• Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Počkej, než program dokončí Prescan.
• Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
• V záložce Registry nech všechny nálezy označeny.
• Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.

[bobjara]

RogueKiller V8.6.9 [Sep 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jaroslav Sedlák [Práva správce]
Mód : Odebrat -- Datum : 09/06/2013 17:45:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] HP Digital Imaging Monitor.lnk : G:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk @G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3160811AS +++++
--- User ---
[MBR] 4e8b4d473a48c365675bdb5e02d77672
[BSP] 1c234b473ec4a467b9b75fafa0a4ba15 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3160811AS +++++
--- User ---
[MBR] a47975708a83793d810c278c1d20138b
[BSP] 891bfa9c2a846096fe35991cdac09ed3 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20496 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 41977845 | Size: 55811 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: ST3160811AS +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_09062013_174537.txt >>
RKreport[0]_S_09062013_161649.txt;RKreport[0]_S_09062013_174526.txt

[Mc_Murphy]

Vlož mi sem prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

[bobjara]

Ahoj,
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jaroslav Sedlák at 2013-09-07 17:10:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive G: has 102 GB (67%) free of 153 GB
Total RAM: 2047 MB (65% free)

HijackThis download failed

======Scheduled tasks folder======

G:\WINDOWS\tasks\Adobe Flash Player Updater.job
G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\Wise Care 365.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - G:\Program Files\Java\jre7\bin\ssv.dll [2013-06-20 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - G:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - G:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=g:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"QuickTime Task"=G:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=G:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
G:\WINDOWS\system32\Ati2evxx.dll [2012-03-09 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
G:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - G:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - G:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Zoner\Photo Studio 13\Program32\Zps.exe"="G:\Program Files\Zoner\Photo Studio 13\Program32\Zps.exe:*:Enabled:Zoner Photo Studio 13"
"G:\Program Files\Opera\opera.exe"="G:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"H:\TmNationsForever\TmForever.exe"="H:\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"G:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="G:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"G:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="G:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Disabled:Microsoft OneNote"
"H:\World_of_Tanks\WorldOfTanks.exe"="H:\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks"
"H:\World_of_Tanks\WOTLauncher.exe"="H:\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"G:\WINDOWS\system32\mmc.exe"="G:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"G:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe"="G:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="G:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"G:\Program Files\HP\HP Software Update\HPWUCli.exe"="G:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"G:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="G:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"G:\Program Files\Maxthon\Bin\MxUp.exe"="G:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"G:\Program Files\Maxthon\Bin\Maxthon.exe"="G:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="G:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"G:\Program Files\HP\HP Software Update\HPWUCli.exe"="G:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

======List of files/folders created in the last 1 months======

2013-09-05 20:03:51 ----D---- G:\AdwCleaner
2013-09-05 19:39:56 ----SHD---- G:\RECYCLER
2013-09-05 15:55:50 ----D---- G:\WINDOWS\ERUNT
2013-09-04 16:17:42 ----A---- G:\ComboFix.txt
2013-09-04 16:12:02 ----D---- G:\WINDOWS\temp
2013-09-03 10:53:02 ----D---- G:\rsit
2013-09-03 10:53:02 ----D---- G:\Program Files\trend micro
2013-08-29 09:48:34 ----HDC---- G:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-27 10:17:01 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\ZipGenius
2013-08-27 10:16:02 ----D---- G:\Program Files\ZipGenius 6
2013-08-14 16:46:13 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Opera Software

======List of files/folders modified in the last 1 months======

2013-09-07 08:06:25 ----D---- G:\Program Files\SpeedFan
2013-09-07 07:58:01 ----D---- G:\WINDOWS
2013-09-07 07:54:24 ----D---- G:\WINDOWS\system32
2013-09-07 07:52:22 ----SD---- G:\WINDOWS\Tasks
2013-09-06 17:45:24 ----D---- G:\WINDOWS\system32\drivers
2013-09-06 15:34:01 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Wise Care 365
2013-09-06 15:33:44 ----D---- G:\WINDOWS\system32\CatRoot2
2013-09-06 15:32:21 ----A---- G:\WINDOWS\SchedLgU.Txt
2013-09-06 15:31:47 ----D---- G:\Config.Msi
2013-09-06 15:31:45 ----SHD---- G:\WINDOWS\Installer
2013-09-06 15:31:41 ----RD---- G:\Program Files
2013-09-05 16:08:50 ----RD---- G:\Program Files\Common Files
2013-09-05 15:53:57 ----D---- G:\WINDOWS\erdnt
2013-09-04 16:14:44 ----A---- G:\WINDOWS\system.ini
2013-09-04 16:12:18 ----D---- G:\WINDOWS\system32\config
2013-09-04 16:10:00 ----D---- G:\WINDOWS\AppPatch
2013-09-04 15:47:05 ----SD---- G:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-09-04 15:46:36 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\HPAppData
2013-09-04 15:27:01 ----D---- G:\Program Files\QuickTime
2013-09-03 10:25:39 ----D---- G:\Full-size Mouse
2013-09-03 09:42:09 ----D---- G:\WINDOWS\SoftwareDistribution
2013-09-03 09:39:14 ----D---- G:\WINDOWS\Debug
2013-08-31 13:08:12 ----D---- G:\Program Files\Opera
2013-08-30 11:53:33 ----D---- G:\WINDOWS\Prefetch
2013-08-29 15:28:29 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Apple Computer
2013-08-29 15:15:16 ----D---- G:\Program Files\WinRAR
2013-08-29 09:48:49 ----HD---- G:\WINDOWS\inf
2013-08-18 07:22:13 ----D---- G:\Moto assistant
2013-08-15 11:44:34 ----A---- G:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-15 06:46:52 ----D---- G:\WINDOWS\system32\MRT
2013-08-15 06:35:28 ----A---- G:\WINDOWS\system32\MRT.exe
2013-08-15 06:35:20 ----RSHDC---- G:\WINDOWS\system32\dllcache
2013-08-15 06:34:34 ----D---- G:\Program Files\Internet Explorer
2013-08-15 06:34:24 ----D---- G:\WINDOWS\system32\cs-cz
2013-08-12 12:03:59 ----AC---- G:\WINDOWS\MyHeritage.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; G:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; G:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 BT848;KWorld TV878 Video Capture; G:\WINDOWS\system32\drivers\cxvcap.sys [2000-01-01 63232]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; G:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; G:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; G:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; G:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-07-08 135168]
R3 AEAudioService;AEAudio Service; G:\WINDOWS\system32\drivers\AEAudio.sys [2005-07-08 127872]
R3 ati2mtag;ati2mtag; G:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-03-09 7586304]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; G:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-12-20 100368]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; G:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; G:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; G:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; G:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 mouhid;Ovladač myši standardu HID; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; G:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NWRDR;NetWare Rdr; G:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; G:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; G:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 SenFiltService;SenFilt Service; G:\WINDOWS\system32\drivers\Senfilt.sys [2005-07-08 393088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; G:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); G:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S1 MoboroboAssDriver;MoboroboAssDriver; G:\WINDOWS\system32\drivers\MoboroboAssDriver.sys []
S3 catchme;catchme; \??\G:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; G:\WINDOWS\system32\drivers\CrystalSysInfo.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; G:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; G:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; G:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; G:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-04-01 13464]
S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; G:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; G:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; G:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 whfltr2k;WheelMouse USB Lower Filter Driver; G:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2000-01-01 6784]
S3 WpdUsb;WpdUsb; G:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; G:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; G:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 zebrbus;Sony Ericsson Composite Device driver; G:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; G:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); G:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); G:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; G:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 sr;Ovladač filtru Obnovy systému; G:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; G:\WINDOWS\system32\Ati2evxx.exe [2012-03-09 643072]
R2 hpqcxs08;hpqcxs08; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; G:\Program Files\Java\jre7\bin\jqs.exe [2013-06-20 182184]
R2 MsMpSvc;Microsoft Antimalware Service; g:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 NMSAccess;NMSAccess; G:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-05 71096]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); G:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
R2 UxTuneUp;TuneUp Theme Extension; G:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 NWCWorkstation;Klient systému NetWare; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-15 257416]
S2 gupdate;Služba Google Update (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-08 116648]
S2 WiseBootAssistant;Wise Boot Assistant; G:\Program Files\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
S3 gupdatem;Služba Google Update (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-08 116648]
S3 gusvc;Google Updater Service; G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 npggsvc;nProtect GameGuard Service; G:\WINDOWS\system32\GameMon.des [2011-08-08 4865496]
S3 ose;Office Source Engine; G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; G:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; G:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WinRM;Windows Remote Management (WS-Management); G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; G:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

[Mc_Murphy]

Stáhni a spusť HJT.

• V okně, které se Ti otevře, klikni na [Do a system scan and save a logfile].
• Proběhne scan a vyskočí na Tebe log, který mi sem zkopíruj.

[bobjara]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:48, on 8.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21348)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
g:\Program Files\Microsoft Security Client\MsMpEng.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Java\jre7\bin\jqs.exe
G:\Program Files\CDBurnerXP\NMSAccessU.exe
G:\Program Files\CyberLink\Shared files\RichVideo.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\wbem\wmiapsrv.exe
G:\Program Files\Microsoft Security Client\msseces.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Wise\Wise Care 365\WiseTray.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Program Files\SpeedFan\speedfan.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\WINDOWS\system32\msiexec.exe
G:\Program Files\trend micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: Shell=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - G:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [MSC] "g:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://G:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: #5A006F006200720061007A006900740020006E00650062006F00200073006B007200FD007400200048005000200053006D00610072007400200057006500620020005000720069006E00740069006E006700 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: g:\windows\system32\nwprovau.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - G:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - G:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - G:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - G:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - G:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 7690 bytes

[Mc_Murphy]

Fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: G:\Program Files\trend micro\HiJackThis\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe


Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.

• Pokud používáš operační systém Windows Vista či Windows 7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]
[emptyjava]

:Services
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
gusvc
JavaQuickStarterService
npggsvc
NMSAccess
catchme

:Files
G:\AdwCleaner
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
G:\WINDOWS\tasks\Adobe Flash Player Updater.job
G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\Wise Care 365.job
G:\ComboFix.txt

:Reg
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-

• Klikni na tlačítko [Opravit].
• Po dokončení skenu se objeví log, ten mi sem vlož.
• Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

[bobjara]

All processes killed
========== COMMANDS ==========
Unable to stop System Restore Service. Error code 1722. Restore points not cleared.
Restore point Set: OTL Restore Point
G:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Jaroslav Sedlák
->Temp folder emptied: 564984 bytes
->Temporary Internet Files folder emptied: 10973040 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 451520597 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 18230 bytes
->Temporary Internet Files folder emptied: 33676 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 238757292 bytes

Total Files Cleaned = 669,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!

[Mc_Murphy]

Log není celý.

[bobjara]

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
G:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jaroslav Sedlák
->Temp folder emptied: 1000343 bytes
->Temporary Internet Files folder emptied: 5868913 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 62754280 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 7398 bytes
->Temporary Internet Files folder emptied: 33676 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24058 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2913488 bytes

Total Files Cleaned = 69,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Error: No service named AdobeFlashPlayerUpdateSvc was found to stop!
Service\Driver key AdobeFlashPlayerUpdateSvc not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
Error: No service named JavaQuickStarterService was found to stop!
Service\Driver key JavaQuickStarterService not found.
Error: No service named npggsvc was found to stop!
Service\Driver key npggsvc not found.
Error: No service named NMSAccess was found to stop!
Service\Driver key NMSAccess not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
========== FILES ==========
File\Folder G:\AdwCleaner not found.
File/Folder G:\WINDOWS\system32\*.tmp.dll not found.
File/Folder G:\WINDOWS\system32\SET*.tmp not found.
File/Folder G:\WINDOWS\*.tmp not found.
File\Folder G:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder G:\WINDOWS\tasks\AppleSoftwareUpdate.job not found.
File\Folder G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder G:\WINDOWS\tasks\Wise Care 365.job not found.
File\Folder G:\ComboFix.txt not found.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 09092013_161030

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Mc_Murphy]

OK, OTL provedlo, co mělo.

Jak je na tom počítač teď? Mohu po sobě uklidit a hotovo?

[bobjara]

Zdravím a děkuji, zapnutí počítače je z původních 4 minut na necelou minutu, internet a složky reagují prakticky okamžitě.
PC je v provozu asi 7 let, čistím tím co kdo radí na netu, ale jak vidím asi to není ono.
Ještě jednou díky a jak se můžu revanžovat

[Mc_Murphy]

Ještě jednou díky a jak se můžu revanžovat

Můžeš podpořit naše fórum libovolnou dobrovoulnou částkou. Detaily si přečti prosím zde - http://forum.viry.cz/viewtopic.php?f=7&t=78175

Jinak jsem rád, že všechno šlape, jak má. Takže uklidím.


T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stáhni a spusť.
• Pokud používáš operační systém Windows Vista či Windows 7, klikni na T-Cleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce!
• Pro potvrzení volby mačkej A, Enter.
• Po použití utilitu smaž ručně.
• Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž ručně.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[Mc_Murphy]

Zde můžeme uzavřít.