Prosím o kontrolu,občas nelze otevřít žádný program Vyřešeno

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Folder::
c:\program files\ESET
c:\program files\Skype\Updater

Driver::
SkypeUpdate

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
http://files.avast.com/files/rootkit-scanner/aswmbr.exe
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Reklama]

[nerolli]

ComboFix 13-09-23.02 - PC 23.09.2013 18:57:03.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.662 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET
c:\program files\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files\ESET\ESET Online Scanner\log.txt
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod2BFC.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod6B95.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod02E1.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod05B9.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod0B18.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod160C.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3069.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3169.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3613.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3839.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod4037.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod4876.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod5A2F.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6266.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod675C.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6A77.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6D26.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7127.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod798A.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles\em023_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files\ESET\ESET Online Scanner\unicows.dll
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-23 do 2013-09-23 )))))))))))))))))))))))))))))))
.
.
2013-09-22 21:51 . 2013-09-22 21:51 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-09-22 21:51 . 2013-09-22 21:51 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\eSupport.com
2013-09-22 17:29 . 2010-02-10 19:20 77824 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2013-09-22 17:29 . 2010-02-10 19:20 32768 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2013-09-22 17:29 . 2010-02-10 19:20 221184 ----a-w- c:\program files\Common Files\InstallShield\IScript\IScript.dll
2013-09-22 17:29 . 2010-02-10 19:20 217088 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2013-09-22 17:29 . 2010-02-10 19:20 212992 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2013-09-22 17:21 . 2013-09-22 17:21 -------- d-----w- c:\program files\CPUID
2013-09-22 12:50 . 2013-09-22 12:50 -------- d-----w- c:\windows\ERUNT
2013-09-21 23:14 . 2013-09-22 12:34 -------- d-----w- C:\AdwCleaner
2013-09-21 22:58 . 2013-09-21 22:58 -------- d-----w- c:\documents and settings\PC\Data aplikací\Malwarebytes
2013-09-21 22:58 . 2013-09-21 22:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-09-21 22:12 . 2013-09-21 22:12 -------- d-----w- c:\program files\Trend Micro
2013-09-17 08:58 . 2013-06-18 14:21 91544 ----a-w- c:\program files\Mozilla Firefox\updated\nssdbm3.dll
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-08-28 18:14 . 2013-08-28 18:20 -------- d-----w- c:\program files\Mozilla Thunderbird
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-22 13:53 . 2012-09-07 12:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 13:53 . 2012-08-17 23:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 01:56 . 2006-03-02 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:09 . 2006-03-02 12:00 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-08 06:05 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-08-08 06:05 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-08 06:05 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-08 06:05 . 2006-03-02 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-08-08 00:02 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-08-05 13:30 . 2006-03-02 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2006-10-18 20:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-10 10:37 . 2006-03-02 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2004-08-17 15:45 2072320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-04 07:34 . 2006-03-02 12:00 2195712 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-27 21:30 . 2013-05-13 17:18 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 21:30 . 2011-12-22 18:00 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 21:30 . 2011-12-22 18:00 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2009-03-31 20:47 . 2013-04-11 22:17 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-04-15 450560]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
2002-02-04 21:32 53248 ------w- c:\program files\REGSHAVE\REGSHAVE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2006-09-19 08:07 827392 ----a-w- c:\windows\vsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2009-02-20 15:55 326656 ----a-w- c:\windows\tsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"N360"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [13.5.2013 19:18 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [13.5.2013 19:18 175176]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.5.2010 22:43 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.12.2011 20:00 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.12.2011 20:00 369584]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 18:07 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.12.2011 20:00 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [13.5.2013 19:18 66336]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [22.9.2013 23:51 23456]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 13:53]
.
2013-09-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-02 08:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com
TCP: DhcpNameServer = 192.168.100.1
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://games.bigfishgames.com/en_fashio ... 0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://games.bigfishgames.com/en_dairy- ... 0.0.15.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://games.bigfishgames.com/en_chocol ... 0.0.13.cab
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://games.bigfishgames.com/en_great- ... 0.0.12.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://games.bigfishgames.com/en_chocol ... 0.0.10.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://games.bigfishgames.com/en_chocol ... .0.0.6.cab
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\wjfurlfy.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-08-29 19:34; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\wjfurlfy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-23 19:05
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3692)
c:\program files\RocketDock\RocketDock.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\bgsvcgen.exe
c:\windows\SOUNDMAN.EXE
c:\windows\AGRSMMSG.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2013-09-23 19:08:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-23 17:08
ComboFix2.txt 2013-09-23 16:18
ComboFix3.txt 2013-09-23 12:39
ComboFix4.txt 2013-09-22 20:15
ComboFix5.txt 2013-09-23 16:55
.
Před spuštěním: Volných bajtů: 65 662 832 640
Po spuštění: Volných bajtů: 65 558 188 032
.
- - End Of File - - F95161FF66E542F14859CE9D97D1B657
413FC2A0C716421B3158746D63736515

[nerolli]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:50, on 23.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O3 - Toolbar: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - http://games.bigfishgames.com/en_fashio ... 0.0.21.cab
O16 - DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - http://games.bigfishgames.com/en_dairy- ... 0.0.15.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://www.ekonstrukter.cz/smsx.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://games.bigfishgames.com/en_cookin ... .0.0.9.cab
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - http://games.bigfishgames.com/en_chocol ... 0.0.13.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://games.bigfishgames.com/en_dinerd ... 0.0.48.cab
O16 - DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} (CPlayFirstGreatChocoControl Object) - http://games.bigfishgames.com/en_great- ... 0.0.12.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://games.bigfishgames.com/en_burger ... yer_v4.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://games.bigfishgames.com/en_dinerd ... 0.0.33.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D40F5876-A494-4124-8161-82625BB28C06} - http://games.bigfishgames.com/en_chocol ... 0.0.10.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://games.bigfishgames.com/en_cinema ... tycoon.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://games.bigfishgames.com/en_weddin ... 0.0.47.cab
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) - http://games.bigfishgames.com/en_chocol ... .0.0.6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 7272 bytes

[nerolli]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-23 19:14:39
-----------------------------
19:14:39.500 OS Version: Windows 5.1.2600 Service Pack 3
19:14:39.500 Number of processors: 1 586 0x1F00
19:14:39.500 ComputerName: PC-0B125086EEB3 UserName: PC
19:14:40.265 Initialize success
19:14:40.703 AVAST engine defs: 13092300
19:14:57.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
19:14:57.671 Disk 0 Vendor: WDC_WD1600JD-00HBB0 08.02D08 Size: 152626MB BusType: 3
19:14:57.734 Disk 0 MBR read successfully
19:14:57.750 Disk 0 MBR scan
19:14:57.765 Disk 0 Windows XP default MBR code
19:14:57.781 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 131061 MB offset 63
19:14:57.843 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 21563 MB offset 268414020
19:14:57.859 Disk 0 scanning sectors +312576705
19:14:57.890 Disk 0 scanning C:\WINDOWS\system32\drivers
19:15:06.390 Service scanning
19:15:14.984 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
19:15:17.859 Modules scanning
19:15:48.953 Disk 0 trace - called modules:
19:15:49.187 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys spev.sys >>UNKNOWN [0x8718d938]<<
19:15:49.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87103610]
19:15:49.593 3 CLASSPNP.SYS[f7676fd7] -> nt!IofCallDriver -> \Device\00000067[0x87103030]
19:15:49.796 5 ACPI.sys[f7422620] -> nt!IofCallDriver -> \Device\00000066[0x870cd6e8]
19:15:50.390 AVAST engine scan C:\WINDOWS
19:15:55.562 AVAST engine scan C:\WINDOWS\system32
19:17:22.359 AVAST engine scan C:\WINDOWS\system32\drivers
19:17:35.953 AVAST engine scan C:\Documents and Settings\PC
19:21:39.609 AVAST engine scan C:\Documents and Settings\All Users
19:22:10.156 File: C:\Documents and Settings\All Users\Data aplikací\Installations\{653A52D8-127C-476D-BAD9-27117A3A4959}\Installer\CommonCustomActions\closeapp.exe **INFECTED** Win32:MalOb-EI [Cryp]
19:22:49.875 Scan finished successfully
19:23:41.406 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\PC\Plocha\MBR.dat"
19:23:41.437 The log file has been saved successfully to "C:\Documents and Settings\PC\Plocha\aswMBR1.txt"

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

v HJT fixni:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O3 - Toolbar: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - http://games.bigfishgames.com/en_fashio ... 0.0.21.cab
O16 - DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - http://games.bigfishgames.com/en_dairy- ... 0.0.15.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://www.ekonstrukter.cz/smsx.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://games.bigfishgames.com/en_cookin ... .0.0.9.cab
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - http://games.bigfishgames.com/en_chocol ... 0.0.13.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://games.bigfishgames.com/en_dinerd ... 0.0.48.cab
O16 - DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} (CPlayFirstGreatChocoControl Object) - http://games.bigfishgames.com/en_great- ... 0.0.12.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://games.bigfishgames.com/en_burger ... yer_v4.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://games.bigfishgames.com/en_dinerd ... 0.0.33.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D40F5876-A494-4124-8161-82625BB28C06} - http://games.bigfishgames.com/en_chocol ... 0.0.10.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://games.bigfishgames.com/en_cinema ... tycoon.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://games.bigfishgames.com/en_weddin ... 0.0.47.cab
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) - http://games.bigfishgames.com/en_chocol ... .0.0.6.cab

Znovu spusť aswMBR a dej FIX

[nerolli]

Ten ekonstrukter to je eshop který provozuji, to asi nemám fixnout?

[nerolli]

Otevřela jsem OTC postupovala podle instrukcí, chtělo to dát restart, to jsem dala a po restartu ten program na ploše nemám a zmizel i ten co mám použít nakonci aswMBR

[nerolli]

aswMBR jsem stáhla znovu, spustila, ukázalo mi to 1 žlutý řádek, a dva červené, což jsem si myslela, že to jsou ěci k výmazu,ale po fixnutí zůstali takhle barevné.

Ten OTC nevím, jestli mám znovu stahovat prosím?


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-23 21:47:57
-----------------------------
21:47:57.437 OS Version: Windows 5.1.2600 Service Pack 3
21:47:57.437 Number of processors: 1 586 0x1F00
21:47:57.437 ComputerName: PC-0B125086EEB3 UserName: PC
21:47:58.000 Initialize success
21:47:59.609 AVAST engine defs: 13092300
21:48:23.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
21:48:23.062 Disk 0 Vendor: WDC_WD1600JD-00HBB0 08.02D08 Size: 152626MB BusType: 3
21:48:23.187 Disk 0 MBR read successfully
21:48:23.203 Disk 0 MBR scan
21:48:23.218 Disk 0 Windows XP default MBR code
21:48:23.234 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 131061 MB offset 63
21:48:23.265 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 21563 MB offset 268414020
21:48:23.281 Disk 0 scanning sectors +312576705
21:48:23.343 Disk 0 scanning C:\WINDOWS\system32\drivers
21:48:31.750 Service scanning
21:48:40.390 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
21:48:43.203 Modules scanning
21:48:51.515 Disk 0 trace - called modules:
21:48:51.750 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys sppy.sys >>UNKNOWN [0x8718d938]<<
21:48:51.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x871018c8]
21:48:52.156 3 CLASSPNP.SYS[f763cfd7] -> nt!IofCallDriver -> \Device\00000065[0x8712f9a0]
21:48:52.359 5 ACPI.sys[f73e8620] -> nt!IofCallDriver -> \Device\00000064[0x8707e6e8]
21:48:52.937 AVAST engine scan C:\WINDOWS
21:48:57.765 AVAST engine scan C:\WINDOWS\system32
21:50:24.640 AVAST engine scan C:\WINDOWS\system32\drivers
21:50:38.328 AVAST engine scan C:\Documents and Settings\PC
21:54:21.421 AVAST engine scan C:\Documents and Settings\All Users
21:54:31.140 File: C:\Documents and Settings\All Users\Data aplikací\Installations\{653A52D8-127C-476D-BAD9-27117A3A4959}\Installer\CommonCustomActions\closeapp.exe **INFECTED** Win32:MalOb-EI [Cryp]
21:54:59.156 Scan finished successfully
21:55:46.921 Verifying
21:55:56.937 Disk 0 Windows 501 MBR fixed successfully
21:56:30.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\PC\Plocha\MBR.dat"
21:56:30.109 The log file has been saved successfully to "C:\Documents and Settings\PC\Plocha\aswMBR2.txt"

[nerolli]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:37, on 23.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - http://www.ekonstrukter.cz/smsx.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 4340 bytes

[jaro3]

Ten ekonstrukter to je eshop který provozuji, to asi nemám fixnout?

Nemusíš , ale asi si už udělala..

Spusť znovu HJT. Klikni na " Open the Misc Tool" , pak na Backups.

Označ ty položky , které chceš vrátit zatržítkem. Pak klikni na "Restore".

Co problémy?

[nerolli]

Ne ne neudělala :) říkala jsem si, že ho fixnu když tak později, až podle toho co mi poradíte :)

Problémy mám ted snad jen s tím, že se mi všechno po aplikaci combofixu rozšířilo. Každý program je větší ...plocha, okna, i prohlížeč, takže musím neustále ručně zmenšovat.
A při scrollu nebo přesunu okna se mi to okno vlní. V prohlížeči to vlnění při scrollu nemám, jen při přesunu okna.
Poslední známá konfigurace také nepomohla.

V nastavení rozlišení to změnit nejde, jsou tam jen 2 jiné možnosti a ty jsou ještě horší :(

Můžete mi prosím ještě s tímhle poradit pokud je to možné?

[jaro3]

To rozlišení ..jaké jsi tam měla dříve?

Podívej se do správce zařízení není-li u grafiky otazník nebo vykřičník.