
Re: Hello, please check my log

Posted: 06 Sep 2013 15:59
by Mc_Murphy
:arrow: Minor findings, so we will carry out further repairs.
  • Close all programs!
  • Run RogueKiller. If you are using Windows Vista or Windows 7, right-click its icon and choose Run As Administrator or Spustit jako správce.
  • Wait until the program finishes the Prescan.
  • Choose [Prohledat] (Scan) and wait until the scan has finished.
  • In the Registry tab, leave all findings checked.
  • Click the [Smazat] (Delete) button and then [Zpráva] (Report); a log will open, paste it here for me.

Re: Hello, please check my log

Posted: 06 Sep 2013 16:49
by bobjara
RogueKiller V8.6.9 [Sep 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jaroslav Sedlák [Práva správce]
Mód : Odebrat -- Datum : 09/06/2013 17:45:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] HP Digital Imaging Monitor.lnk : G:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk @G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3160811AS +++++
--- User ---
[MBR] 4e8b4d473a48c365675bdb5e02d77672
[BSP] 1c234b473ec4a467b9b75fafa0a4ba15 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3160811AS +++++
--- User ---
[MBR] a47975708a83793d810c278c1d20138b
[BSP] 891bfa9c2a846096fe35991cdac09ed3 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20496 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 41977845 | Size: 55811 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: ST3160811AS +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_09062013_174537.txt >>
RKreport[0]_S_09062013_161649.txt;RKreport[0]_S_09062013_174526.txt

Re: Hello, please check my log

Posted: 07 Sep 2013 07:38
by Mc_Murphy
:arrow: Please paste a new, current RSIT log here so I can see what has worked and what has not yet.

Re: Hello, please check my log

Posted: 07 Sep 2013 16:14
by bobjara
Hi,
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jaroslav Sedlák at 2013-09-07 17:10:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive G: has 102 GB (67%) free of 153 GB
Total RAM: 2047 MB (65% free)

HijackThis download failed

======Scheduled tasks folder======

G:\WINDOWS\tasks\Adobe Flash Player Updater.job
G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\Wise Care 365.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - G:\Program Files\Java\jre7\bin\ssv.dll [2013-06-20 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - G:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - G:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=g:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"QuickTime Task"=G:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=G:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
G:\WINDOWS\system32\Ati2evxx.dll [2012-03-09 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
G:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - G:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - G:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Zoner\Photo Studio 13\Program32\Zps.exe"="G:\Program Files\Zoner\Photo Studio 13\Program32\Zps.exe:*:Enabled:Zoner Photo Studio 13"
"G:\Program Files\Opera\opera.exe"="G:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"H:\TmNationsForever\TmForever.exe"="H:\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"G:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="G:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"G:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="G:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Disabled:Microsoft OneNote"
"H:\World_of_Tanks\WorldOfTanks.exe"="H:\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks"
"H:\World_of_Tanks\WOTLauncher.exe"="H:\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher"
"G:\WINDOWS\system32\mmc.exe"="G:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"G:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe"="G:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="G:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"G:\Program Files\HP\HP Software Update\HPWUCli.exe"="G:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"G:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="G:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"G:\Program Files\Maxthon\Bin\MxUp.exe"="G:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"G:\Program Files\Maxthon\Bin\Maxthon.exe"="G:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"G:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="G:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="G:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="G:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="G:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="G:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"G:\Program Files\HP\HP Software Update\HPWUCli.exe"="G:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="G:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

======List of files/folders created in the last 1 months======

2013-09-05 20:03:51 ----D---- G:\AdwCleaner
2013-09-05 19:39:56 ----SHD---- G:\RECYCLER
2013-09-05 15:55:50 ----D---- G:\WINDOWS\ERUNT
2013-09-04 16:17:42 ----A---- G:\ComboFix.txt
2013-09-04 16:12:02 ----D---- G:\WINDOWS\temp
2013-09-03 10:53:02 ----D---- G:\rsit
2013-09-03 10:53:02 ----D---- G:\Program Files\trend micro
2013-08-29 09:48:34 ----HDC---- G:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-27 10:17:01 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\ZipGenius
2013-08-27 10:16:02 ----D---- G:\Program Files\ZipGenius 6
2013-08-14 16:46:13 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Opera Software

======List of files/folders modified in the last 1 months======

2013-09-07 08:06:25 ----D---- G:\Program Files\SpeedFan
2013-09-07 07:58:01 ----D---- G:\WINDOWS
2013-09-07 07:54:24 ----D---- G:\WINDOWS\system32
2013-09-07 07:52:22 ----SD---- G:\WINDOWS\Tasks
2013-09-06 17:45:24 ----D---- G:\WINDOWS\system32\drivers
2013-09-06 15:34:01 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Wise Care 365
2013-09-06 15:33:44 ----D---- G:\WINDOWS\system32\CatRoot2
2013-09-06 15:32:21 ----A---- G:\WINDOWS\SchedLgU.Txt
2013-09-06 15:31:47 ----D---- G:\Config.Msi
2013-09-06 15:31:45 ----SHD---- G:\WINDOWS\Installer
2013-09-06 15:31:41 ----RD---- G:\Program Files
2013-09-05 16:08:50 ----RD---- G:\Program Files\Common Files
2013-09-05 15:53:57 ----D---- G:\WINDOWS\erdnt
2013-09-04 16:14:44 ----A---- G:\WINDOWS\system.ini
2013-09-04 16:12:18 ----D---- G:\WINDOWS\system32\config
2013-09-04 16:10:00 ----D---- G:\WINDOWS\AppPatch
2013-09-04 15:47:05 ----SD---- G:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-09-04 15:46:36 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\HPAppData
2013-09-04 15:27:01 ----D---- G:\Program Files\QuickTime
2013-09-03 10:25:39 ----D---- G:\Full-size Mouse
2013-09-03 09:42:09 ----D---- G:\WINDOWS\SoftwareDistribution
2013-09-03 09:39:14 ----D---- G:\WINDOWS\Debug
2013-08-31 13:08:12 ----D---- G:\Program Files\Opera
2013-08-30 11:53:33 ----D---- G:\WINDOWS\Prefetch
2013-08-29 15:28:29 ----D---- G:\Documents and Settings\Jaroslav Sedlák\Data aplikací\Apple Computer
2013-08-29 15:15:16 ----D---- G:\Program Files\WinRAR
2013-08-29 09:48:49 ----HD---- G:\WINDOWS\inf
2013-08-18 07:22:13 ----D---- G:\Moto assistant
2013-08-15 11:44:34 ----A---- G:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-15 06:46:52 ----D---- G:\WINDOWS\system32\MRT
2013-08-15 06:35:28 ----A---- G:\WINDOWS\system32\MRT.exe
2013-08-15 06:35:20 ----RSHDC---- G:\WINDOWS\system32\dllcache
2013-08-15 06:34:34 ----D---- G:\Program Files\Internet Explorer
2013-08-15 06:34:24 ----D---- G:\WINDOWS\system32\cs-cz
2013-08-12 12:03:59 ----AC---- G:\WINDOWS\MyHeritage.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; G:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; G:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 BT848;KWorld TV878 Video Capture; G:\WINDOWS\system32\drivers\cxvcap.sys [2000-01-01 63232]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; G:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; G:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; G:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; G:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-07-08 135168]
R3 AEAudioService;AEAudio Service; G:\WINDOWS\system32\drivers\AEAudio.sys [2005-07-08 127872]
R3 ati2mtag;ati2mtag; G:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-03-09 7586304]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; G:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-12-20 100368]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; G:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; G:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; G:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; G:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 mouhid;Ovladač myši standardu HID; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; G:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NWRDR;NetWare Rdr; G:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; G:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; G:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 SenFiltService;SenFilt Service; G:\WINDOWS\system32\drivers\Senfilt.sys [2005-07-08 393088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; G:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); G:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S1 MoboroboAssDriver;MoboroboAssDriver; G:\WINDOWS\system32\drivers\MoboroboAssDriver.sys []
S3 catchme;catchme; \??\G:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; G:\WINDOWS\system32\drivers\CrystalSysInfo.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; G:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; G:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; G:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; G:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-04-01 13464]
S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; G:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; G:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; G:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 whfltr2k;WheelMouse USB Lower Filter Driver; G:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2000-01-01 6784]
S3 WpdUsb;WpdUsb; G:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; G:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; G:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 zebrbus;Sony Ericsson Composite Device driver; G:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; G:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); G:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); G:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; G:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 sr;Ovladač filtru Obnovy systému; G:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; G:\WINDOWS\system32\Ati2evxx.exe [2012-03-09 643072]
R2 hpqcxs08;hpqcxs08; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; G:\Program Files\Java\jre7\bin\jqs.exe [2013-06-20 182184]
R2 MsMpSvc;Microsoft Antimalware Service; g:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 NMSAccess;NMSAccess; G:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-05 71096]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); G:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
R2 UxTuneUp;TuneUp Theme Extension; G:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 NWCWorkstation;Klient systému NetWare; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-15 257416]
S2 gupdate;Služba Google Update (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-08 116648]
S2 WiseBootAssistant;Wise Boot Assistant; G:\Program Files\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
S3 gupdatem;Služba Google Update (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-08 116648]
S3 gusvc;Google Updater Service; G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 npggsvc;nProtect GameGuard Service; G:\WINDOWS\system32\GameMon.des [2011-08-08 4865496]
S3 ose;Office Source Engine; G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; G:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; G:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WinRM;Windows Remote Management (WS-Management); G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; G:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: Hello, please check my log

Posted: 08 Sep 2013 10:28
by Mc_Murphy
:arrow: Download and run HJT.
  • In the window that opens, click [Do a system scan and save a logfile].
  • The scan will run and a log will pop up; copy it here for me.

Re: Hello, please check my log

Posted: 08 Sep 2013 10:37
by bobjara
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:48, on 8.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21348)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
g:\Program Files\Microsoft Security Client\MsMpEng.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Java\jre7\bin\jqs.exe
G:\Program Files\CDBurnerXP\NMSAccessU.exe
G:\Program Files\CyberLink\Shared files\RichVideo.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\wbem\wmiapsrv.exe
G:\Program Files\Microsoft Security Client\msseces.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
G:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Wise\Wise Care 365\WiseTray.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\Program Files\SpeedFan\speedfan.exe
G:\Documents and Settings\Jaroslav Sedlák\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
G:\WINDOWS\system32\msiexec.exe
G:\Program Files\trend micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: Shell=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - G:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [MSC] "g:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://G:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - G:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: #5A006F006200720061007A006900740020006E00650062006F00200073006B007200FD007400200048005000200053006D00610072007400200057006500620020005000720069006E00740069006E006700 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - G:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: g:\windows\system32\nwprovau.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - G:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - G:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - G:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - G:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - G:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 7690 bytes

Re: Hello, please check my log

Posted: 08 Sep 2013 12:40
by Mc_Murphy
:arrow: Fix the items listed below in HJT.
  • To fix means that you start HJT, choose [Do a system scan only], and tick the checkbox to the left of each item I have listed.
  • Then click [Fix checked] and confirm with [ANO] (Yes).
  • Simply skip any items you cannot find in the list.
  • You will find HJT here: G:\Program Files\trend micro\HiJackThis\HiJackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe



:arrow: Then download OTL from this link and save it to the Desktop.
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce).
  • If you are using a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) checkbox is ticked. If not, tick it.
  • Paste this script into the bottom box, Vlastní skenování/opravy (Custom Scans/Fixes) (only the green text in the white field, including the colon before Commands!):

Code: Select all

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]
[emptyjava]

:Services
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
gusvc
JavaQuickStarterService
npggsvc
NMSAccess
catchme

:Files
G:\AdwCleaner
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
G:\WINDOWS\tasks\Adobe Flash Player Updater.job
G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\Wise Care 365.job
G:\ComboFix.txt

:Reg
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
  • Click the [Opravit] (Fix) button.
  • When the scan finishes a log will appear; paste it here for me.
  • If the log does not fit into one post, split it into several parts.

Re: Hello, please check my log

Posted: 08 Sep 2013 14:41
by bobjara
All processes killed
========== COMMANDS ==========
Unable to stop System Restore Service. Error code 1722. Restore points not cleared.
Restore point Set: OTL Restore Point
G:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Jaroslav Sedlák
->Temp folder emptied: 564984 bytes
->Temporary Internet Files folder emptied: 10973040 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 451520597 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 18230 bytes
->Temporary Internet Files folder emptied: 33676 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 238757292 bytes

Total Files Cleaned = 669,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!

Re: Hello, please check my log

Posted: 09 Sep 2013 13:13
by Mc_Murphy
The log is not complete.

Re: Hello, please check my log

Posted: 09 Sep 2013 15:16
by bobjara
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
G:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jaroslav Sedlák
->Temp folder emptied: 1000343 bytes
->Temporary Internet Files folder emptied: 5868913 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 62754280 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 7398 bytes
->Temporary Internet Files folder emptied: 33676 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24058 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2913488 bytes

Total Files Cleaned = 69,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Jaroslav Sedlák
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Error: No service named AdobeFlashPlayerUpdateSvc was found to stop!
Service\Driver key AdobeFlashPlayerUpdateSvc not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
Error: No service named JavaQuickStarterService was found to stop!
Service\Driver key JavaQuickStarterService not found.
Error: No service named npggsvc was found to stop!
Service\Driver key npggsvc not found.
Error: No service named NMSAccess was found to stop!
Service\Driver key NMSAccess not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
========== FILES ==========
File\Folder G:\AdwCleaner not found.
File/Folder G:\WINDOWS\system32\*.tmp.dll not found.
File/Folder G:\WINDOWS\system32\SET*.tmp not found.
File/Folder G:\WINDOWS\*.tmp not found.
File\Folder G:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder G:\WINDOWS\tasks\AppleSoftwareUpdate.job not found.
File\Folder G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder G:\WINDOWS\tasks\Wise Care 365.job not found.
File\Folder G:\ComboFix.txt not found.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 09092013_161030

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
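
Added example, not part of the thread and not OTL's own code: a Python check that compares the sections a fix script asked for with the sections a pasted fix log actually contains, which is how the cut-off first log differs from the full one above. The directive-to-header pairing and the use of the version line as an end marker are assumptions read off this thread's script and logs; `check_fix_log` and the sample strings are constructed for illustration.

```python
import re

# Script directive -> log section header, paired as they appear in this thread.
SECTION_FOR = {":Commands": "COMMANDS", ":Services": "SERVICES/DRIVERS",
               ":Files": "FILES", ":Reg": "REGISTRY"}
HEADER = re.compile(r"^=+ (.+?) =+$")
FOOTER = re.compile(r"^OTL by OldTimer - Version \S+ log created on \S+")

def check_fix_log(script, log):
    """Compare the sections a fix script requested with those the log reports."""
    wanted = [SECTION_FOR[s.strip()] for s in script.splitlines()
              if s.strip() in SECTION_FOR]
    counts, current, footer = {}, None, False
    for line in map(str.strip, log.splitlines()):
        header = HEADER.match(line)
        if header:
            current = header.group(1)
            counts[current] = {"ok": 0, "not_found": 0, "error": 0, "other": 0}
        elif FOOTER.match(line):
            footer, current = True, None  # version line seen after the last section
        elif current and line:
            low = line.lower()
            kind = ("error" if low.startswith("error:") else
                    "not_found" if "not found" in low else
                    "ok" if "successfully" in low else "other")
            counts[current][kind] += 1
    missing = [s for s in wanted if s not in counts]
    return {"complete": footer and not missing, "missing": missing, "counts": counts}
# Constructed inputs, shortened from the script and the two logs in this thread.
SCRIPT = ":Commands\n[resethosts]\n:Services\ngusvc\n:Files\nG:\\ComboFix.txt\n:Reg\n"
TRUNCATED = r"""========== COMMANDS ==========
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
"""
COMPLETE = r"""========== COMMANDS ==========
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
========== FILES ==========
File\Folder G:\ComboFix.txt not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 09092013_161030
"""
if __name__ == "__main__":
    for name, log in (("truncated", TRUNCATED), ("complete", COMPLETE)):
        print(name, check_fix_log(SCRIPT, log))
```

The per-section counts also make a second run easy to read: a run of "not found" results under SERVICES/DRIVERS and FILES means an earlier pass already removed those items.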

Re: Hello, please check my log

Posted: 10 Sep 2013 09:48
by Mc_Murphy
OK, OTL did what it was supposed to.

:???: How is the computer doing now? Can I clean up after myself and call it done?

Re: Hello, please check my log

Posted: 10 Sep 2013 14:58
by bobjara
Hello and thank you, the computer's startup has gone from the original 4 minutes to just under a minute, and the internet and folders respond practically instantly.
The PC has been in use for about 7 years; I clean it with whatever people recommend on the net, but as I can see, that is probably not the right way.
Thanks once again, and how can I return the favour?

Re: Hello, please check my log

Posted: 11 Sep 2013 09:58
by Mc_Murphy
bobjara wrote: Thanks once again, and how can I return the favour?
You can support our forum with a voluntary contribution of any amount. Please read the details here - http://forum.viry.cz/viewtopic.php?f=7&t=78175

Otherwise I'm glad everything is running as it should. So I'll clean up.


:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it.
  • If you are using Windows Vista or Windows 7, right-click T-Cleaner and choose Run As Administrator (Spustit jako správce)!
  • To confirm each choice, press A, then Enter.
  • After use, delete the utility manually.
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or switch off the antivirus while downloading if necessary)!
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it.
  • Click CleanUp and confirm with YES.
  • The program will clean up and may (or may not) restart the PC.
:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it.
  • Click Start and confirm with OK.
  • The program will clean up and may (or may not) restart the PC.
  • After use, delete the utility manually.
:arrow: If you don't have it, download CCleaner from this link.
  • Cleaner panel
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner).
  • Registry panel
  • Click Scan for Issues (Hledej problémy).
  • Then click Fix issues (Opravit problémy) - I recommend making the registry backup; fix all issues.
  • Repeat the procedure until no issues remain - usually about 3 times.
  • Tools panel
  • Here you can uninstall programs you don't need.
I recommend using CCleaner about once a week.

... and if there are no questions, that would be all from my side. :James008:

Re: Hello, please check my log

Posted: 30 Sep 2013 12:05
by Mc_Murphy
We can close this here.

:lock: