prosim o kontrolu logu - doporuceno Vyřešeno

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat

DDS::
mStart Page = hxxp://home.sweetim.com

Firefox::
FF - ProfilePath - c:\users\Taťka a mamka\AppData\Roaming\Mozilla\Firefox\Profiles\j8xnt307.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Reklama]

[Kamos]

jen malej dotaz je normalni ze combo musim spoustet jen v nouzovem rezimu?



ComboFix 11-04-14.03 - Taťka a mamka 15.04.2011 13:13:55.3.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.3103 [GMT 2:00]
Spuštěný z: c:\users\Taťka a mamka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Taťka a mamka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-15 do 2011-04-15 )))))))))))))))))))))))))))))))
.
.
2011-04-15 11:18 . 2011-04-15 11:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-15 11:18 . 2011-04-15 11:18 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-04-15 09:22 . 2011-02-23 13:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-15 09:22 . 2011-02-23 13:57 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-15 09:22 . 2011-02-23 13:55 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-15 09:22 . 2011-02-23 13:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-15 09:22 . 2011-02-23 13:57 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-15 09:22 . 2011-02-23 13:55 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-15 09:22 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-04-15 09:22 . 2011-02-23 14:04 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-04-15 09:22 . 2011-04-15 09:22 -------- d-----w- c:\programdata\AVAST Software
2011-04-15 09:22 . 2011-04-15 09:22 -------- d-----w- c:\program files\AVAST Software
2011-04-15 05:46 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-15 05:38 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C6D9A1E0-5F57-4EED-8C37-12479E3EAC12}\mpengine.dll
2011-04-15 05:30 . 2011-04-15 05:30 -------- d-----w- c:\users\Taťka a mamka\AppData\Local\Ahead
2011-04-13 18:31 . 2011-04-13 18:31 -------- d-----w- c:\program files\Mouse
2011-04-13 18:02 . 2011-04-13 18:02 -------- d-----w- c:\users\Taťka a mamka\AppData\Local\Diagnostics
2011-04-13 13:44 . 2011-04-13 13:44 -------- d-----w- c:\users\Taťka a mamka\AppData\Local\Adobe
2011-04-12 21:36 . 2011-04-12 21:36 -------- d-----w- c:\users\Taťka a mamka\AppData\Local\ATI
2011-04-12 21:17 . 2011-04-12 21:17 301568 ----a-w- c:\windows\SysWow64\CF7874.exe
2011-04-12 21:16 . 2011-04-12 21:16 301568 ----a-w- c:\windows\SysWow64\CF7659.exe
2011-04-12 21:16 . 2011-04-12 21:17 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-04-12 21:16 . 2011-04-12 21:22 301568 ----a-w- c:\windows\SysWow64\cmd.execf
2011-04-12 15:34 . 2011-04-12 15:34 -------- d-----w- c:\users\Taťka a mamka\AppData\Roaming\Malwarebytes
2011-04-12 15:34 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-12 15:34 . 2011-04-12 15:34 -------- d-----w- c:\programdata\Malwarebytes
2011-04-12 15:34 . 2011-04-12 15:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-12 15:34 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-12 15:10 . 2011-04-12 15:10 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2011-04-12 15:10 . 2011-04-12 15:10 -------- d-----w- c:\program files (x86)\TrendMicro
2011-04-12 15:00 . 2011-04-12 15:00 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-12 15:00 . 2011-04-12 15:00 -------- d-----w- c:\program files (x86)\Trend Micro
2011-04-12 14:49 . 2011-04-12 14:49 -------- d-----w- c:\program files\CPUID
2011-04-12 14:49 . 2010-11-09 12:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2011-04-12 14:43 . 2011-04-12 14:43 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2011-04-12 14:43 . 2011-04-12 14:43 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2011-04-12 14:43 . 2011-04-12 14:43 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2011-04-12 14:43 . 2011-04-12 14:43 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2011-04-12 14:43 . 2011-04-12 14:43 -------- d-----w- c:\programdata\MicroWorld
2011-04-12 14:36 . 2011-04-12 14:36 -------- d-----w- c:\program files\CCleaner
2011-04-07 10:13 . 2011-04-07 10:17 -------- d-----w- c:\users\Taťka a mamka\AppData\Local\Playata Client
2011-04-02 10:06 . 2011-04-02 10:13 -------- d-----w- c:\program files\The Stalin Subway
2011-04-01 09:37 . 2011-04-01 09:37 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-04-01 06:54 . 2011-02-16 15:11 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-04-01 06:54 . 2011-02-16 15:11 428136 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-04-01 06:54 . 2011-04-01 06:54 -------- d-----w- c:\program files (x86)\Realtek
2011-03-29 16:34 . 2011-03-29 16:34 -------- d-----w- c:\users\Taťka a mamka\AppData\Roaming\InstallShield
2011-03-29 15:49 . 2011-03-29 15:49 -------- d-----w- c:\programdata\SlySoft
2011-03-29 15:45 . 2011-03-29 15:45 -------- d-----w- c:\program files (x86)\SlySoft
2011-03-29 14:41 . 2011-03-29 14:41 -------- d-----w- c:\program files (x86)\The Ultimate File Splitter 1.0
2011-03-28 23:23 . 2011-03-18 17:55 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-28 23:23 . 2011-03-18 17:55 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-28 23:23 . 2011-03-18 17:55 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-28 23:23 . 2011-03-18 17:55 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-03-28 23:23 . 2011-03-18 17:55 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-28 23:23 . 2011-03-18 17:55 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-28 23:23 . 2011-03-18 17:55 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-03-28 23:23 . 2011-03-18 17:55 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-25 11:06 . 2011-04-13 02:51 -------- d-----w- C:\BandwidthMeter
2011-03-25 10:34 . 2011-03-25 10:34 -------- d-----w- c:\program files (x86)\Driver-Soft
2011-03-21 09:48 . 2011-03-21 09:52 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-03-18 08:12 . 2011-04-12 15:59 -------- d-----w- c:\program files (x86)\SweetIM
2011-03-18 08:12 . 2011-03-18 08:12 -------- d-----w- c:\programdata\SweetIM
2011-03-17 16:35 . 2011-03-17 16:35 -------- d-----w- c:\program files (x86)\TopCD
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-13 18:30 . 2008-02-13 14:20 17920 ----a-w- c:\windows\system32\drivers\Amusbx64.sys
2011-04-13 18:30 . 2007-10-15 09:41 12288 ----a-w- c:\windows\system32\drivers\Arfumx64.sys
2011-04-13 18:30 . 2007-10-15 09:39 21504 ----a-w- c:\windows\system32\drivers\Amps2x64.sys
2011-04-13 18:30 . 2007-10-15 09:37 12288 ----a-w- c:\windows\system32\drivers\Amfltx64.sys
2011-04-13 18:30 . 2007-04-06 12:05 32768 ----a-w- c:\windows\SysWow64\Amhooker.dll
2011-04-12 15:10 . 2011-04-12 15:10 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2011-04-12 15:10 . 2011-04-12 15:10 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2011-04-12 15:00 . 2011-04-12 15:00 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-12 15:00 . 2011-04-12 15:00 388096 ----a-r- c:\users\Taťka a mamka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-11 12:19 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-06 19:57 . 2010-12-26 21:26 319488 ----a-w- c:\windows\HideWin.exe
2011-02-23 14:04 . 2011-01-19 17:36 238968 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-19 06:37 . 2011-03-09 08:09 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 08:09 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 08:09 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 08:09 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 08:09 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-16 15:11 . 2010-01-05 15:39 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-02-07 15:27 . 2011-02-07 15:26 475136 ------w- c:\windows\Setup1.exe
2011-02-07 15:27 . 2011-02-07 15:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-02-02 17:11 . 2010-12-26 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-02 13:31 . 2011-02-02 13:31 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-02-02 13:31 . 2011-02-02 13:31 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-01-26 06:53 . 2011-02-08 19:10 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-08 19:10 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-08 19:10 144384 ----a-w- c:\windows\system32\cdd.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-15_08.45.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-04-15 11:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-04-15 08:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-04-15 08:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-04-15 11:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-04-15 08:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-04-15 11:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-26 23:21 . 2011-04-15 11:21 51464 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-04-15 11:21 38526 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-26 21:32 . 2011-04-15 11:21 13488 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-800867951-441533802-1533705285-1000_UserData.bin
- 2010-12-26 21:00 . 2011-04-15 08:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 21:00 . 2011-04-15 11:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-04-15 08:53 78432 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-26 21:00 . 2011-04-15 11:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 21:00 . 2011-04-15 08:45 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 21:00 . 2011-04-15 08:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-26 21:00 . 2011-04-15 11:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-26 21:32 . 2011-04-15 08:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 21:32 . 2011-04-15 11:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 21:32 . 2011-04-15 11:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-26 21:32 . 2011-04-15 08:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-04-15 08:48 . 2011-04-15 08:48 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\6a8a0fb15f936916d6e51ab8538cff35\UIAutomationProvider.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\29b15b9eef203908b55751af62b163e2\PresentationCFFRasterizer.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\12de3a3ae03044c5c1684ac7181358d2\Microsoft.VisualC.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11ebcba65c931267301739008a883e60\Accessibility.ni.dll
- 2011-04-15 08:44 . 2011-04-15 08:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-15 11:19 . 2011-04-15 11:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-04-15 11:19 . 2011-04-15 11:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-04-15 08:44 . 2011-04-15 08:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-04-15 11:10 388020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-04-15 08:34 388020 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-12 10:16 . 2009-07-12 10:16 223232 c:\windows\Installer\36a9a.msi
+ 2011-04-15 08:48 . 2011-04-15 08:48 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\7f7d2046655d4c9869df1400e96ef148\UIAutomationTypes.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\86f6b6c6f39adbf30b16f0010eae55ed\System.Web.RegularExpressions.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4be7719ea0e1f2ba2d3fde051d1ef7ab\System.Transactions.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b6d66d3c48e430796c17d0497ce37972\System.ServiceProcess.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 680960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\395fc7d9f333940351a74aaab5d6ae99\System.Security.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ad1106dcb485b61902595ebdbac11003\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:49 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d571165dafc1dd90e3450ea2a1325657\System.EnterpriseServices.Wrapper.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d571165dafc1dd90e3450ea2a1325657\System.EnterpriseServices.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ee36fbb280cddb3efe592efd9119c8d5\System.Drawing.Design.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\fcffd264d279dfade0e9e81676e2be2e\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\6ab5ba34d9ef6368859b41a78d77cb8b\System.Configuration.Install.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3063a90df90a31a7ab2524bac40b7fc\PresentationFramework.Classic.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b0aaab2b6a3abd5d4a54bdf346152416\PresentationFramework.Luna.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e1f199a523bdc014cd19072d583e7cc\PresentationFramework.Aero.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\35bfb432b168fb51731c8257117093aa\PresentationFramework.Royale.ni.dll
+ 2011-02-14 21:00 . 2011-04-15 11:10 2153400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-02-14 21:00 . 2011-04-15 08:34 2153400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-12-30 17:35 . 2011-04-15 11:10 9125964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-800867951-441533802-1533705285-1000-8192.dat
- 2010-12-30 17:35 . 2011-04-15 08:23 9125964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-800867951-441533802-1533705285-1000-8192.dat
+ 2011-04-15 08:47 . 2011-04-15 08:47 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\caa9d8bca3092573cdbb67c8e81bf0f3\WindowsBase.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 7949312 c:\windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 1914880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\8f1782183b31982f174d72fb90d7716f\System.Workflow.Runtime.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\62a4f0f720e9fbde89029958855f83b2\System.Workflow.ComponentModel.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\1bbb5146995a1f32c86f40741d92c2fe\System.Workflow.Activities.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f9fe5fb8add34a7107252b0cc957180f\System.Web.Services.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\ee6cdd2f7d1912e83be10c072d20b08d\System.Printing.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 1586688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\cf7ba38149c1045375a57ce45121b2a0\System.DirectoryServices.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\fb344a8683aa8f1c4250807eb4b264eb\System.Deployment.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 6618624 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\b9565c454a22ca564978b05db4186f22\System.Data.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\2e02ccda4754a42463e74452f55b81d4\System.Data.SqlXml.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\901ca7df5560e0e9aae68a130549e71a\System.Data.OracleClient.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 2147328 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c119a751d5835e2ec1bfa52a33c60daa\ReachFramework.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\88eb524b3a37cca550934d993ac4c205\PresentationUI.ni.dll
+ 2009-07-14 02:34 . 2011-04-15 09:48 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-04-15 08:28 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-04-15 08:48 . 2011-04-15 08:48 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 11807744 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b867fbc0d573ac5e5fe71143d9caf43b\System.Web.ni.dll
+ 2011-04-15 08:49 . 2011-04-15 08:49 10578432 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c519a7e1b063eb63b43fa5b3a782c641\System.Design.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 14322688 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7827588b8043e8be3184c8a64a867fc\PresentationFramework.ni.dll
+ 2011-04-15 08:48 . 2011-04-15 08:48 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\03dd2b7701ca5cfe696d4ca5a0f7b8bb\PresentationCore.ni.dll
+ 2011-04-15 08:47 . 2011-04-15 08:47 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Glary Memory Optimizer"="c:\program files (x86)\Glary Utilities\memdefrag.exe" [2010-12-24 108344]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 908160]
"Seznam Postak"="c:\program files (x86)\Seznam.cz\postak.exe" [2010-10-07 488728]
"NCsoft Launcher"="c:\program files (x86)\NCsoft\Launcher\NCLauncher.exe" [2011-02-23 38184]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-03-08 17037704]
"PlayataClient"="c:\users\Taťka a mamka\AppData\Local\Playata Client\PlayataClient.exe" [2011-03-17 536576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2010-12-20 111928]
"TaskTray"="c:\program files (x86)\Driver-Soft\SuperOvladac\TaskTray.exe" [2011-01-27 284016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
R3 ATICDSDr;ATICDSDr;c:\users\TAKAAM~1\AppData\Local\Temp\ATICDSDr.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-15 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-02-15 13:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"WheelMouse"="c:\program files\Mouse\Amoumain.exe" [2011-04-13 270336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: {D478DE80-DC8B-40BB-9F2D-9410A09378E7} = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Taťka a mamka\AppData\Roaming\Mozilla\Firefox\Profiles\j8xnt307.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{6EDC3889-B841-4127-A2BF-C5FC48F972C7} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files (x86)\TeamViewer\Version5\TeamViewer.exe
.
**************************************************************************
.
Celkový čas: 2011-04-15 13:24:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-15 11:24
ComboFix2.txt 2011-04-15 08:48
ComboFix3.txt 2011-04-13 02:53
.
Před spuštěním: 1 166 606 336
Po spuštění: 1 718 910 976
.
- - End Of File - - 0381E6D47637B79126C25EE98C6BDA51

[Žbeky]

Mělo by to jít spustit i v normálním, ale někdy se to postaví na hlavu

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

[Kamos]

zda se ze PC se chova docela korektne (teda po poslednim cisteni me nesla spustit hra Aion udelal jsem repair a porestartu bylo vse OK)
diky moc moc za pomoc

tady je ten log

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 15:34:35, on 15.4.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Glary Utilities\memdefrag.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Seznam.cz\postak.exe
C:\Program Files (x86)\NCsoft\Launcher\NCLauncher.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Taťka a mamka\AppData\Local\Playata Client\PlayataClient.exe
C:\Program Files (x86)\Driver-Soft\SuperOvladac\TaskTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
G:\AionEU\bin32\aion.bin
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\SuperOvladac\TaskTray.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files (x86)\Glary Utilities\memdefrag.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [NCsoft Launcher] C:\Program Files (x86)\NCsoft\Launcher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PlayataClient] "C:\Users\Taťka a mamka\AppData\Local\Playata Client\PlayataClient.exe" -silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D478DE80-DC8B-40BB-9F2D-9410A09378E7}: NameServer = 10.0.0.138
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10717 bytes

[Žbeky]

V HJT fixni ještě:

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\core.3.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [TaskTray] C:\Program Files (x86)\Driver-Soft\SuperOvladac\TaskTray.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab

Pokud nebudou problémy, můžeš dát vyřešeno

[Kamos]

zatim vse v poradku a jeste jednou moc diky za pomoc kdyby nahodou neco ozvu se znova dobrou