Problém s pc

[memphisto]

Opět vypni rezidentní ochrany antiviru a firewallu a dále:
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\Tasks\Google Software Updater.job


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\regedit.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[Reklama]

[mEEEgy]

ComboFix 11-03-17.02 - cip 18.03.2011 14:23:43.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.669 [GMT 1:00]
Spuštěný z: c:\documents and settings\cip\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\cip\Plocha\CFScript.txt
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\Tasks\Google Software Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Google Software Updater.job
.
c:\windows\regedit.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-18 do 2011-03-18 )))))))))))))))))))))))))))))))
.
.
2011-03-16 17:54 . 2011-03-16 17:54 -------- d-----w- c:\documents and settings\cip\Data aplikací\Malwarebytes
2011-03-16 17:53 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-16 17:53 . 2011-03-16 17:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-03-16 17:53 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-15 16:51 . 2011-03-15 16:51 -------- d-----w- C:\$AVG
2011-03-15 15:07 . 2011-03-15 15:07 388096 ----a-r- c:\documents and settings\cip\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-15 15:04 . 2011-03-15 15:04 -------- d-----w- c:\documents and settings\cip\Data aplikací\AVG10
2011-03-15 15:02 . 2011-03-15 15:02 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2011-03-15 15:00 . 2011-03-17 13:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2011-03-15 14:59 . 2011-03-15 14:59 -------- d-----w- c:\program files\AVG
2011-03-15 06:55 . 2011-03-15 14:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-03-12 12:59 . 2011-03-18 13:06 -------- d-----w- c:\documents and settings\cip\Local Settings\Data aplikací\ESL Wire Game Client
2011-03-12 12:59 . 2010-12-08 10:53 841912 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2011-03-12 12:58 . 2010-12-08 10:53 24504 ----a-w- c:\windows\system32\drivers\ESLvnic.sys
2011-03-12 12:58 . 2011-03-12 12:59 -------- d-----w- c:\program files\EslWire
2011-03-12 12:58 . 2011-03-12 12:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESL Wire
2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-18 06:51 . 2009-04-02 13:45 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-18 06:51 . 2009-04-02 17:17 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-03-18 06:51 . 2009-04-02 13:45 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-18 06:51 . 2009-04-02 13:45 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-01-29 18:26 . 2009-04-02 13:45 22328 ----a-w- c:\documents and settings\cip\Data aplikací\PnkBstrK.sys
2011-01-29 18:26 . 2009-04-12 09:41 682280 ----a-w- c:\windows\system32\pbsvc.exe
.
.
------- Sigcheck -------
.
[-] 2008-05-26 18:12 . B585787BA6DE8EEAD48D1ED5B40DB3CD . 1536000 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll
[7] 2004-08-17 13:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2004-08-17 . DC0447EDA50475E6EB9AA14C308EFD9B . 100864 . . [5.4.3790.2180] . . c:\windows\system32\wuauclt.exe
[-] 2004-08-17 . DC0447EDA50475E6EB9AA14C308EFD9B . 100864 . . [5.4.3790.2180] . . c:\windows\system32\dllcache\wuauclt.exe
.
[-] 2006-08-25 . EE92170C908801FE0F364EDC73BF7D14 . 689152 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2004-08-17 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2007-08-13 . 1B70DB042A98B52BBBFEA5CBF8AF3FD2 . 3851264 . . [7.00.5730.13] . . c:\windows\system32\mshtml.dll
[-] 2007-08-13 . 1B70DB042A98B52BBBFEA5CBF8AF3FD2 . 3851264 . . [7.00.5730.13] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
.
[-] 2007-08-13 . F284A6225A3057A1E19985E1D4B47ADA . 809472 . . [7.00.5730.13] . . c:\windows\system32\wininet.dll
[-] 2007-08-13 . F284A6225A3057A1E19985E1D4B47ADA . 809472 . . [7.00.5730.13] . . c:\windows\system32\dllcache\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
.
[-] 2007-06-13 . 74998A0669C3DE7A053E6EDE7AE7C54B . 1501696 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-05-26 . 82B0ED1EE0F3552290749FB80C074835 . 40448 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
.
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2004-08-17 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2010-11-17 1242448]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2010-11-16 172856]
"ESL Wire"="c:\program files\EslWire\wire.exe" [2011-01-26 2577408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
"P17Helper"="P17.dll" [2005-05-03 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"nwiz"="nwiz.exe" [2007-12-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-26 40448]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\rekvb\\condition zero\\hl.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\rekvb\\counter-strike\\hl.exe"=
"c:\\Program Files\\EslWire\\wire.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12195:TCP"= 12195:TCP:BitComet 12195 TCP
"12195:UDP"= 12195:UDP:BitComet 12195 UDP
"56362:TCP"= 56362:TCP:Pando Media Booster
"56362:UDP"= 56362:UDP:Pando Media Booster
"1065:TCP"= 1065:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11.4.2010 15:27 691696]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [12.3.2011 13:59 841912]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 12:27 1074568]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [24.12.2010 20:12 47616]
R3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [12.3.2011 13:58 24504]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [17.7.2009 19:37 127496]
S2 gupdate1c9b80a215723f4;Služba Google Update (gupdate1c9b80a215723f4);c:\program files\Google\Update\GoogleUpdate.exe [8.4.2009 06:23 133104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2009-04-01 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 17:35]
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu
IE: Stáhnout všechna videa s použitím BitCometu
IE: Stáhnout všechny odkazy s použitím BitCometu
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\cip\Data aplikací\Mozilla\Firefox\Profiles\l4peqha8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-18 14:29
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(516)
c:\windows\system32\cscui.dll
.
- - - - - - - > 'explorer.exe'(912)
c:\program files\EslWire\inGame32.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\Amhooker.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\EslWire\inGame32.exe
c:\program files\EslWire\dbus-daemon.exe
.
**************************************************************************
.
Celkový čas: 2011-03-18 14:34:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-18 13:34
ComboFix2.txt 2011-03-17 19:42
ComboFix3.txt 2011-03-17 14:25
.
Před spuštěním: Volných bajtů: 58 056 200 192
Po spuštění: Volných bajtů: 58 079 895 552
.
- - End Of File - - 6D93966287B284C3BF6E55B03096C081

a tu je odkaz:
http://www.virustotal.com/file-scan/rep ... 1300455463

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials


+HJT

Jak se chová PC?

[mEEEgy]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:19, on 18.3.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\System32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\LGScsiCommandService.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Rundll32.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\windows\explorer.exe
D:\Program Files\Xfire\Xfire.exe
C:\windows\system32\ctfmon.exe
D:\Documents and Settings\cip\Local Settings\Data aplikací\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\PnkBstrB.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate1c9b80a215723f4) (gupdate1c9b80a215723f4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\windows\system32\LGScsiCommandService.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe

--
End of file - 7920 bytes

No, pc se trošku zlepšil, ale furt to neni ono...

[memphisto]

Log HJT ok

Použij StartUpLite a pořeš položky po startu. Zkontroluj oaměti Memtestem a udělej log z Crystal disk info a vlož jej sem