VIRY.CZ

Dobrý den,
mám problém s nějakým virem, proto mi nejde spustit správce úloh
přikládám log z combofixu:

ComboFix 10-07-28.01 - Petr Hanák 29.07.2010 10:19:17.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2943.2010 [GMT 2:00]
Spuštěný z: c:\users\Petr Hanák\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Search Settings
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
c:\users\Maminka\AppData\Roaming\BITS
c:\users\Maminka\AppData\Roaming\BITS\BITS.ini
c:\users\Maminka\AppData\Roaming\BITS\DHTTable.dat
c:\users\Maminka\AppData\Roaming\BITS\ProxyList.ini
c:\users\Petr\AppData\Roaming\BITS
c:\users\Petr\AppData\Roaming\BITS\BITS.ini
c:\users\Petr\AppData\Roaming\BITS\DHTTable.dat
c:\users\Petr\AppData\Roaming\BITS\ProxyList.ini
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_osppsvc

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.

2030-08-29 13:22 . 2030-08-29 13:22 143872 ------w- c:\windows\system32\iacenc.dll
2012-01-01 09:02 . 2012-01-01 09:02 -------- d-----w- c:\windows\system32\Futuremark
2012-01-01 09:02 . 2004-10-25 19:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2012-01-01 09:02 . 2004-06-22 14:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2012-01-01 09:02 . 2001-11-19 18:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2012-01-01 09:01 . 2012-01-01 09:01 -------- d-----w- c:\program files\Futuremark
2012-01-01 08:58 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-01-01 08:54 . 2010-05-01 09:17 -------- d-----w- C:\Programy
2012-01-01 08:43 . 2004-02-26 23:00 962612 ----a-w- c:\windows\system32\mfc42d.dll
2012-01-01 08:43 . 2004-02-16 23:00 434252 ----a-w- c:\windows\system32\MSVCRTD.DLL
2012-01-01 08:43 . 2007-12-17 16:14 12400 ----a-w- c:\windows\system32\drivers\AsIO.sys
2012-01-01 08:43 . 2006-01-10 15:50 24576 ----a-w- c:\windows\system32\AsIO.dll
2012-01-01 08:43 . 2012-01-01 08:43 -------- d-----w- c:\program files\ASUS
2012-01-01 08:43 . 2008-01-04 12:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2012-01-01 08:43 . 2008-01-04 12:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2012-01-01 08:42 . 2010-07-10 05:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-01-01 08:42 . 2009-08-17 18:17 1077760 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2012-01-01 08:42 . 2009-08-17 16:59 500224 ----a-w- c:\windows\system32\VIASysFx.dll
2012-01-01 08:42 . 2009-08-17 13:17 868352 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2012-01-01 08:42 . 2009-06-01 09:10 211456 ----a-w- c:\windows\system32\Dts2APO.dll
2012-01-01 08:42 . 2009-03-04 15:42 75776 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2012-01-01 08:42 . 2009-01-19 20:30 68608 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2012-01-01 08:42 . 2009-01-19 20:29 181248 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2012-01-01 08:42 . 2007-12-04 10:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll
2012-01-01 08:42 . 2007-12-04 10:28 71680 ----a-w- c:\windows\system32\nQAPO.dll
2012-01-01 08:42 . 2012-01-01 08:42 -------- d-----w- c:\program files\VIA
2012-01-01 08:42 . 2009-11-30 17:48 -------- d-----w- c:\program files\Common Files\InstallShield
2012-01-01 08:41 . 2010-07-29 06:32 -------- d-sh--w- c:\windows\Installer
2012-01-01 08:41 . 2010-07-29 08:33 -------- d-----w- c:\programdata\NVIDIA
2012-01-01 08:40 . 2010-05-23 12:05 -------- d-----w- c:\program files\NVIDIA Corporation
2012-01-01 08:40 . 2009-07-14 11:29 4223008 ----a-w- c:\windows\system32\NVStWiz.exe
2012-01-01 08:40 . 2009-08-05 15:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
2012-01-01 08:40 . 2009-07-30 15:48 705536 ----a-w- c:\windows\system32\cohelper.dll
2012-01-01 08:29 . 2009-08-08 17:46 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-01-01 08:29 . 2012-01-01 08:29 -------- d-----w- C:\NVIDIA
2012-01-01 08:27 . 2010-07-04 13:13 -------- d-----w- c:\windows\system32\wbem\Performance
2012-01-01 08:27 . 2009-05-13 18:11 6504 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2010-07-29 08:32 . 2010-07-29 08:32 -------- d-----w- C:\Device
2010-07-29 07:02 . 2010-07-29 06:35 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-29 06:35 . 2010-07-29 06:35 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-29 06:35 . 2010-07-29 06:35 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-29 06:34 . 2010-07-29 06:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-29 06:31 . 2010-07-29 06:31 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-29 06:31 . 2010-07-29 06:32 -------- d-----w- c:\program files\Lavasoft
2010-07-29 06:31 . 2010-07-29 06:35 -------- d-----w- c:\programdata\Lavasoft
2010-07-28 17:35 . 2010-07-28 17:36 -------- d-----w- c:\program files\BSplayer
2010-07-26 09:53 . 2010-07-26 09:53 -------- d-----w- c:\program files\Havliczech.eu
2010-07-24 16:53 . 2010-07-24 16:54 -------- d-----w- c:\program files\WinX Video Converter
2010-07-24 16:39 . 2010-07-24 16:40 -------- d-----w- c:\program files\VLC
2010-07-24 16:33 . 2010-07-24 16:33 -------- d-----w- c:\program files\Common Files\FDRLab
2010-07-23 12:59 . 2010-07-23 12:59 -------- d-----w- c:\program files\SweetIM
2010-07-23 12:59 . 2010-07-29 07:28 -------- d-----w- c:\programdata\SweetIM
2010-07-23 05:39 . 2010-07-26 12:20 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-07-22 18:04 . 2010-07-22 18:04 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-21 19:09 . 2010-07-21 19:09 -------- d-----w- c:\users\Sourozenci\AppData\Roaming\DivX
2010-07-21 11:59 . 2010-07-21 11:59 -------- d-----w- c:\programdata\HPSSUPPLY
2010-07-18 13:28 . 2010-07-18 15:31 -------- d-----r- C:\plugins
2010-07-18 13:02 . 2010-07-29 08:35 -------- d-----w- c:\program files\Star-Steam
2010-07-16 19:45 . 2010-07-16 19:45 -------- d-----w- c:\windows\XSxS
2010-07-16 19:45 . 2010-07-16 19:45 -------- d-----w- c:\program files\Xenocode
2010-07-15 12:50 . 2010-07-15 12:57 524 ----a-w- c:\windows\bpfdat.dat
2010-07-15 12:43 . 2010-07-15 12:46 740 ----a-w- c:\windows\db2fdat.dat
2010-07-15 07:31 . 2010-07-15 07:31 -------- d-----w- c:\program files\Jasmio
2010-07-15 07:31 . 2010-07-15 07:31 -------- d-----w- c:\programdata\Jasmio
2010-07-12 11:28 . 2010-07-12 11:28 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-07-12 11:27 . 2010-07-12 11:27 -------- d-----w- c:\program files\Microsoft.NET
2010-07-12 11:27 . 2010-07-12 11:27 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-07-12 11:26 . 2010-07-12 13:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-12 11:24 . 2010-07-12 11:24 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-07-12 11:23 . 2010-07-12 11:23 -------- d-----r- C:\MSOCache
2010-07-09 09:19 . 2010-07-09 09:33 -------- d-----w- c:\program files\Counter-Strike Source
2010-07-09 07:08 . 2010-07-17 06:45 -------- d-----w- c:\program files\Counter Strike Source
2010-07-09 06:33 . 2010-07-09 06:33 -------- d-----w- c:\program files\Movier-media
2010-07-09 06:33 . 2010-07-09 06:33 -------- d-----w- c:\program files\Movier
2010-07-08 06:07 . 2010-06-25 14:01 142992 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-07-08 06:06 . 2010-06-25 14:01 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-07-08 06:06 . 2010-07-08 06:06 -------- d-----w- c:\program files\Oracle
2010-07-08 05:44 . 2003-10-27 12:06 505104 ----a-w- c:\windows\system32\msxml.dll
2010-07-08 05:44 . 2003-10-27 12:06 69632 ----a-w- c:\windows\system32\xmltok.dll
2010-07-08 05:44 . 2003-10-27 12:06 36864 ----a-w- c:\windows\system32\xmlparse.dll
2010-07-08 05:44 . 2003-10-27 12:06 28432 ----a-w- c:\windows\system32\msxmlr.dll
2010-07-08 05:44 . 2003-10-27 12:06 26096 ----a-w- c:\windows\system32\xmlinst.exe
2010-07-08 05:44 . 2003-10-27 12:06 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-07-08 05:44 . 2003-10-27 12:06 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-07-08 05:44 . 2010-07-08 05:44 -------- d-----w- c:\program files\Ubisoft
2010-07-06 06:30 . 2010-07-06 06:30 -------- d-----w- C:\SAVE
2010-07-06 06:28 . 2010-07-09 06:33 -------- d-----w- c:\users\TEMP
2010-07-06 06:27 . 2010-07-06 06:28 -------- d-----w- c:\program files\Half-Life
2010-07-02 16:45 . 2010-07-02 16:45 -------- d-----w- c:\program files\The KMPlayer
2010-07-02 16:17 . 2010-07-02 16:17 -------- d-----w- c:\programdata\r2 Studios
2010-07-02 16:17 . 2010-07-02 16:17 -------- d-----w- c:\program files\Startup Delayer
2010-07-01 06:33 . 2010-07-01 06:33 -------- d-----w- c:\program files\Miro
2010-06-30 11:34 . 2010-06-30 11:40 -------- d-----w- c:\program files\Call of Duty 5 - World at War

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 08:25 . 2012-01-01 08:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-07-29 08:35 . 2010-01-19 13:26 -------- d-----w- c:\program files\utorrent-portable
2010-07-29 08:33 . 2010-04-05 11:17 -------- d-----w- c:\programdata\VMware
2010-07-29 08:11 . 2010-04-05 16:30 -------- d-----w- c:\users\Sourozenci\AppData\Roaming\uTorrent
2010-07-29 07:30 . 2010-05-22 13:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-26 18:05 . 2010-05-17 13:38 -------- d-----w- c:\program files\Command and Conquer Red Alert 2
2010-07-26 18:05 . 2010-03-21 20:25 -------- d-----w- c:\program files\Team Fortress 2
2010-07-23 17:13 . 2009-12-05 16:40 262024 ----a-w- c:\users\Maminka\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-23 16:09 . 2010-03-23 12:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Skype
2010-07-23 16:09 . 2010-04-05 16:30 -------- d-----w- c:\users\Petr\AppData\Roaming\uTorrent
2010-07-23 16:07 . 2010-03-23 11:24 262024 ----a-w- c:\users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-23 08:01 . 2010-05-04 15:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-07-23 00:42 . 2010-05-07 17:03 -------- d-----w- c:\program files\a-squared Free
2010-07-22 18:05 . 2009-11-15 18:00 -------- d-----w- c:\program files\Common Files\Real
2010-07-22 18:04 . 2009-11-15 18:00 -------- d-----w- c:\program files\Real
2010-07-22 18:03 . 2009-11-15 15:19 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-22 18:03 . 2009-11-15 15:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-07-21 19:03 . 2010-05-21 12:30 -------- d-----w- c:\program files\Common Files\Steam
2010-07-14 06:31 . 2009-11-22 19:00 -------- d-----w- c:\programdata\Microsoft Help
2010-07-13 15:34 . 2010-04-12 11:19 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-12 13:38 . 2010-03-30 15:27 262024 ----a-w- c:\users\Sourozenci\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-12 13:19 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-07-12 11:27 . 2009-11-22 19:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-07-12 09:00 . 2009-07-14 08:44 641092 ----a-w- c:\windows\system32\perfh005.dat
2010-07-12 09:00 . 2009-07-14 08:44 127548 ----a-w- c:\windows\system32\perfc005.dat
2010-07-11 05:54 . 2010-05-19 17:31 -------- d-----w- c:\programdata\DivX
2010-07-11 05:46 . 2009-11-26 09:33 -------- d-----w- c:\program files\DivX
2010-07-02 06:15 . 2009-11-15 16:03 -------- d-----w- c:\program files\Opera
2010-06-29 12:29 . 2009-12-11 15:43 -------- d-----w- c:\program files\FlashGet
2010-06-29 07:02 . 2010-06-10 12:23 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-28 17:22 . 2009-11-18 12:04 -------- d-----w- c:\program files\Rockstar Games
2010-06-26 11:46 . 2010-05-30 15:30 -------- d-----w- c:\users\Petr\AppData\Roaming\SoftGrid Client
2010-06-26 11:45 . 2010-03-24 13:40 -------- d-----w- c:\users\Petr\AppData\Roaming\ICQ
2010-06-26 11:44 . 2010-03-23 12:18 -------- d-----w- c:\users\Petr\AppData\Roaming\skypePM
2010-06-26 09:01 . 2009-12-22 08:11 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-25 14:01 . 2010-06-25 14:01 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-06-25 14:01 . 2010-06-25 14:01 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-06-25 14:01 . 2010-06-25 14:01 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-06-23 17:46 . 2010-04-17 15:47 -------- d-----w- c:\program files\Metin2
2010-06-23 15:00 . 2010-06-23 15:00 -------- d-----w- c:\users\Petr\AppData\Roaming\VitySoft
2010-06-21 11:59 . 2009-11-15 09:50 -------- d-----w- c:\program files\OpenOffice.org 3
2010-06-18 11:56 . 2010-06-18 11:56 -------- d-----w- c:\users\Petr\AppData\Roaming\Foxit Software
2010-06-17 13:40 . 2010-06-13 06:14 -------- d-----w- c:\users\Petr\AppData\Roaming\Autodesk
2010-06-17 13:40 . 2010-06-13 06:14 -------- d-----w- c:\programdata\Autodesk
2010-06-17 10:24 . 2010-06-12 07:02 -------- d-----w- c:\program files\ManicTime
2010-06-13 06:24 . 2010-03-09 07:20 -------- d-----w- c:\programdata\FLEXnet
2010-06-13 06:23 . 2010-06-13 06:14 -------- d-----w- c:\program files\AutoCAD 2010
2010-06-13 06:17 . 2010-06-13 06:14 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-06-10 12:23 . 2010-04-30 14:45 -------- d-----w- c:\programdata\f-secure
2010-06-09 13:59 . 2010-03-24 13:40 -------- d-----w- c:\program files\ICQ7.1
2010-06-08 10:05 . 2009-12-22 08:12 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 11:46 . 2010-03-09 07:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-06 11:40 . 2010-06-06 11:40 -------- d-----w- c:\program files\PDF Creator
2010-06-05 16:34 . 2010-04-24 11:39 -------- d-----w- c:\program files\Command and Conquer Generals
2010-06-05 11:46 . 2010-02-25 11:23 -------- d-----w- c:\program files\LittleFighter2
2010-06-05 05:46 . 2010-02-20 17:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-04 12:53 . 2009-11-26 09:33 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-06-01 17:37 . 2009-11-15 14:32 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-30 17:51 . 2010-05-30 17:51 -------- d-----w- c:\programdata\VirtualizedApplications
2010-05-30 15:40 . 2010-05-30 15:40 -------- d-----w- c:\users\Petr\AppData\Roaming\NVD
2010-05-30 15:31 . 2010-05-30 14:43 -------- d-----w- c:\users\Petr\AppData\Roaming\TP
2010-05-29 18:48 . 2010-05-20 09:35 22328 ----a-w- c:\users\Petr\AppData\Roaming\PnkBstrK.sys
2010-05-29 18:48 . 2010-05-20 09:34 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-27 07:24 . 2010-06-10 10:11 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 10:11 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 05:18 . 2010-06-10 10:12 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-19 10:10 . 2010-05-19 10:10 9304 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-05-12 14:03 . 2010-01-19 11:54 737280 ----a-w- c:\windows\iun6002.exe
2010-05-09 09:14 . 2010-06-23 04:39 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-05-09 09:14 . 2010-06-23 04:38 417792 ----a-w- c:\windows\system32\msdri.dll
2010-05-07 13:49 . 2010-05-07 13:49 92 ----a-w- c:\users\Petr\AppData\Local\fusioncache.dat
2010-05-01 14:49 . 2010-06-10 10:12 2326528 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ce10bf86-da68-441e-91fa-38336363e3cd}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 11:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-05-16 06:27 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
2010-03-09 09:06 2355224 ----a-w- c:\program files\Movier-media\tbMovi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{ce10bf86-da68-441e-91fa-38336363e3cd}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CE10BF86-DA68-441E-91FA-38336363E3CD}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"uTorrent"="c:\program files\utorrent-portable\utorrent.exe" [2010-06-29 322352]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-11 39408]
"MoeMonitor.exe"="c:\users\Petr Hanák\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe" [2010-07-09 1315152]
"Steam"="c:\program files\Star-Steam\Steam.exe" [2010-07-18 1238352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2004-08-10 106496]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"a-squared"="c:\program files\EMSISOFT ANTI-MALWARE\a2guard.exe" [2010-07-19 3630472]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 111928]

c:\users\Babiźka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Windows Defender.lnk - c:\plugins\Server.jar [2010-7-18 1875007]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FontExpertType1Loader]
2009-09-29 13:27 294152 ----a-w- c:\program files\FontExpert\Type1Loader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-24 07:39 136176 ----atw- c:\users\Petr Hanák\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU]
2005-11-05 21:15 397312 --sha-r- c:\users\Petr Hanák\AppData\Roaming\installg\servefr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-04-17 10:56 394984 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
2010-01-22 20:13 129584 ----a-w- c:\program files\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows]
2010-04-26 15:09 679936 ----a-w- c:\users\Public\Public Documents\Windows Movie Player\player.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"HKCU"=c:\users\Petr Hanák\AppData\Roaming\installg\servefr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 135664]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2010-03-25 31824]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1343400]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R4 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-10-29 73144]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-10 691696]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-29 64288]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-06-25 142992]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-06-25 41936]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-07-14 1935120]
S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2010-04-15 1872320]
S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-29 1352832]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe [2010-05-16 300656]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]
S2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [2010-02-19 44880]
S3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-06-28 71008]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-02-19 9040]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-25 100496]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-06-25 111312]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 06:35]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 16:46]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 16:46]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2460206527-1493759754-90791392-1019Core.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-30 16:56]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2460206527-1493759754-90791392-1019UA.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-30 16:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tsbohemia.cz
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
LSP: c:\program files\VMware Workstation\vsocklib.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Petr Hanák\AppData\Roaming\Mozilla\Firefox\Profiles\fmf6t84p.default\
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: c:\program files\SpeedBit Video Downloader\SPFireFox\components\Engine.dll
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Adobe\Reader\Reader\browser\nppdf32.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Opera\program\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
HKCU-Run-ICQ - ~c:\program files\ICQ7.1\ICQ.exe
HKCU-Run-yj4RbvTEhUlQfnhL - c:\users\Petr Hanák\AppData\Roaming\KncRG.exe
HKLM-Run-AdobeCS4ServiceManager - c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
MSConfigStartUp-FlashGet - c:\program files\FlashGet\FlashGet.exe
AddRemove-Age of Empires 2.0 - c:\program files\Age of Empires\UNINSTAL.EXE
AddRemove-Command & Conquer - c:\program\C&C\Uninstal.exe
AddRemove-DiskAid_is1 - f:\diskaid\unins000.exe
AddRemove-Free MP3 Sound Recorder_is1 - c:\program files\Free MP3 Sound Recorder\unins000.exe
AddRemove-MainType2_is1 - c:\program files\MainType\unins000.exe
AddRemove-NSS - c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe
AddRemove-Re-Volt Demo - c:\program files\RV\Uninst.isu
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1 - f:\iphone explorer\unins000.exe
AddRemove-µTorrent CZ_is1 - c:\program files\uTorrent\unins000.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\nvvsvc.exe
c:\program files\Alcohol 120%\StarWind\StarWindServiceAE.exe
c:\windows\system32\vmnat.exe
c:\program files\VMware Workstation\vmware-authd.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\taskhost.exe
c:\progra~1\SPEEDB~2\VideoAcceleratorEngine.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\sppsvc.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-07-29 10:43:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-29 08:43

Před spuštěním: Volných bajtů: 298 386 583 552
Po spuštění: Volných bajtů: 317 360 623 616

- - End Of File - - 4F50CE1F396340F70B69AE931AB146AE

Zdravím, pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::
c:\program files\AskBarDis
c:\program files\ICQ6Toolbar

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-

Driver::
ICQ Service

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Po restartu už funguje správce úloh i regedit. Moc vám děkuji
Zde je log:

ComboFix 10-07-28.01 - Petr Hanák 29.07.2010 12:42:54.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2943.1439 [GMT 2:00]
Spuštěný z: c:\users\Petr Hanák\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr Hanák\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ICQ Service

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.

2030-08-29 13:22 . 2030-08-29 13:22 143872 ------w- c:\windows\system32\iacenc.dll
2012-01-01 09:02 . 2012-01-01 09:02 -------- d-----w- c:\windows\system32\Futuremark
2012-01-01 09:02 . 2004-10-25 19:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2012-01-01 09:02 . 2004-06-22 14:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2012-01-01 09:02 . 2001-11-19 18:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2012-01-01 09:01 . 2012-01-01 09:01 -------- d-----w- c:\program files\Futuremark
2012-01-01 08:58 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-01-01 08:54 . 2010-05-01 09:17 -------- d-----w- C:\Programy
2012-01-01 08:43 . 2004-02-26 23:00 962612 ----a-w- c:\windows\system32\mfc42d.dll
2012-01-01 08:43 . 2004-02-16 23:00 434252 ----a-w- c:\windows\system32\MSVCRTD.DLL
2012-01-01 08:43 . 2007-12-17 16:14 12400 ----a-w- c:\windows\system32\drivers\AsIO.sys
2012-01-01 08:43 . 2006-01-10 15:50 24576 ----a-w- c:\windows\system32\AsIO.dll
2012-01-01 08:43 . 2012-01-01 08:43 -------- d-----w- c:\program files\ASUS
2012-01-01 08:43 . 2008-01-04 12:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2012-01-01 08:43 . 2008-01-04 12:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2012-01-01 08:42 . 2010-07-10 05:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-01-01 08:42 . 2009-08-17 18:17 1077760 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2012-01-01 08:42 . 2009-08-17 16:59 500224 ----a-w- c:\windows\system32\VIASysFx.dll
2012-01-01 08:42 . 2009-08-17 13:17 868352 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2012-01-01 08:42 . 2009-06-01 09:10 211456 ----a-w- c:\windows\system32\Dts2APO.dll
2012-01-01 08:42 . 2009-03-04 15:42 75776 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2012-01-01 08:42 . 2009-01-19 20:30 68608 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2012-01-01 08:42 . 2009-01-19 20:29 181248 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2012-01-01 08:42 . 2007-12-04 10:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll
2012-01-01 08:42 . 2007-12-04 10:28 71680 ----a-w- c:\windows\system32\nQAPO.dll
2012-01-01 08:42 . 2012-01-01 08:42 -------- d-----w- c:\program files\VIA
2012-01-01 08:42 . 2009-11-30 17:48 -------- d-----w- c:\program files\Common Files\InstallShield
2012-01-01 08:41 . 2010-07-29 06:32 -------- d-sh--w- c:\windows\Installer
2012-01-01 08:41 . 2010-07-29 10:55 -------- d-----w- c:\programdata\NVIDIA
2012-01-01 08:40 . 2010-05-23 12:05 -------- d-----w- c:\program files\NVIDIA Corporation
2012-01-01 08:40 . 2009-07-14 11:29 4223008 ----a-w- c:\windows\system32\NVStWiz.exe
2012-01-01 08:40 . 2009-08-05 15:10 6136 ----a-w- c:\windows\system32\drivers\nvphy.bin
2012-01-01 08:40 . 2009-07-30 15:48 705536 ----a-w- c:\windows\system32\cohelper.dll
2012-01-01 08:29 . 2009-08-08 17:46 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-01-01 08:29 . 2012-01-01 08:29 -------- d-----w- C:\NVIDIA
2012-01-01 08:27 . 2010-07-04 13:13 -------- d-----w- c:\windows\system32\wbem\Performance
2012-01-01 08:27 . 2009-05-13 18:11 6504 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\Sourozenci\AppData\Local\temp
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\Petr\AppData\Local\temp
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\Maminka\AppData\Local\temp
2010-07-29 10:53 . 2010-07-29 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-29 08:32 . 2010-07-29 08:32 -------- d-----w- C:\Device
2010-07-29 07:02 . 2010-07-29 06:35 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-29 06:35 . 2010-07-29 06:35 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-29 06:35 . 2010-07-29 06:35 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-29 06:34 . 2010-07-29 06:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-29 06:31 . 2010-07-29 06:31 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-07-29 06:31 . 2010-07-29 06:32 -------- d-----w- c:\program files\Lavasoft
2010-07-29 06:31 . 2010-07-29 06:35 -------- d-----w- c:\programdata\Lavasoft
2010-07-28 17:35 . 2010-07-28 17:36 -------- d-----w- c:\program files\BSplayer
2010-07-26 09:53 . 2010-07-26 09:53 -------- d-----w- c:\program files\Havliczech.eu
2010-07-24 16:53 . 2010-07-24 16:54 -------- d-----w- c:\program files\WinX Video Converter
2010-07-24 16:39 . 2010-07-24 16:40 -------- d-----w- c:\program files\VLC
2010-07-24 16:33 . 2010-07-24 16:33 -------- d-----w- c:\program files\Common Files\FDRLab
2010-07-23 12:59 . 2010-07-23 12:59 -------- d-----w- c:\program files\SweetIM
2010-07-23 12:59 . 2010-07-29 07:28 -------- d-----w- c:\programdata\SweetIM
2010-07-23 05:39 . 2010-07-26 12:20 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2010-07-22 18:04 . 2010-07-22 18:04 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-21 19:09 . 2010-07-21 19:09 -------- d-----w- c:\users\Sourozenci\AppData\Roaming\DivX
2010-07-21 11:59 . 2010-07-21 11:59 -------- d-----w- c:\programdata\HPSSUPPLY
2010-07-18 13:28 . 2010-07-18 15:31 -------- d-----r- C:\plugins
2010-07-18 13:02 . 2010-07-29 10:56 -------- d-----w- c:\program files\Star-Steam
2010-07-16 19:45 . 2010-07-16 19:45 -------- d-----w- c:\windows\XSxS
2010-07-16 19:45 . 2010-07-16 19:45 -------- d-----w- c:\program files\Xenocode
2010-07-15 12:50 . 2010-07-15 12:57 524 ----a-w- c:\windows\bpfdat.dat
2010-07-15 12:43 . 2010-07-15 12:46 740 ----a-w- c:\windows\db2fdat.dat
2010-07-15 07:31 . 2010-07-15 07:31 -------- d-----w- c:\program files\Jasmio
2010-07-15 07:31 . 2010-07-15 07:31 -------- d-----w- c:\programdata\Jasmio
2010-07-12 11:28 . 2010-07-12 11:28 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-07-12 11:27 . 2010-07-12 11:27 -------- d-----w- c:\program files\Microsoft.NET
2010-07-12 11:27 . 2010-07-12 11:27 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-07-12 11:26 . 2010-07-12 13:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-12 11:24 . 2010-07-12 11:24 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-07-12 11:23 . 2010-07-12 11:23 -------- d-----r- C:\MSOCache
2010-07-09 09:19 . 2010-07-09 09:33 -------- d-----w- c:\program files\Counter-Strike Source
2010-07-09 07:08 . 2010-07-17 06:45 -------- d-----w- c:\program files\Counter Strike Source
2010-07-09 06:33 . 2010-07-09 06:33 -------- d-----w- c:\program files\Movier-media
2010-07-09 06:33 . 2010-07-09 06:33 -------- d-----w- c:\program files\Movier
2010-07-08 06:07 . 2010-06-25 14:01 142992 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-07-08 06:06 . 2010-06-25 14:01 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-07-08 06:06 . 2010-07-08 06:06 -------- d-----w- c:\program files\Oracle
2010-07-08 05:44 . 2003-10-27 12:06 505104 ----a-w- c:\windows\system32\msxml.dll
2010-07-08 05:44 . 2003-10-27 12:06 69632 ----a-w- c:\windows\system32\xmltok.dll
2010-07-08 05:44 . 2003-10-27 12:06 36864 ----a-w- c:\windows\system32\xmlparse.dll
2010-07-08 05:44 . 2003-10-27 12:06 28432 ----a-w- c:\windows\system32\msxmlr.dll
2010-07-08 05:44 . 2003-10-27 12:06 26096 ----a-w- c:\windows\system32\xmlinst.exe
2010-07-08 05:44 . 2003-10-27 12:06 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-07-08 05:44 . 2003-10-27 12:06 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-07-08 05:44 . 2010-07-08 05:44 -------- d-----w- c:\program files\Ubisoft
2010-07-06 06:30 . 2010-07-06 06:30 -------- d-----w- C:\SAVE
2010-07-06 06:28 . 2010-07-09 06:33 -------- d-----w- c:\users\TEMP
2010-07-06 06:27 . 2010-07-06 06:28 -------- d-----w- c:\program files\Half-Life
2010-07-02 16:45 . 2010-07-02 16:45 -------- d-----w- c:\program files\The KMPlayer
2010-07-02 16:17 . 2010-07-02 16:17 -------- d-----w- c:\programdata\r2 Studios
2010-07-02 16:17 . 2010-07-02 16:17 -------- d-----w- c:\program files\Startup Delayer
2010-07-01 06:33 . 2010-07-01 06:33 -------- d-----w- c:\program files\Miro
2010-06-30 11:34 . 2010-06-30 11:40 -------- d-----w- c:\program files\Call of Duty 5 - World at War

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 08:25 . 2012-01-01 08:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-07-29 10:59 . 2010-01-19 13:26 -------- d-----w- c:\program files\utorrent-portable
2010-07-29 10:55 . 2010-04-05 11:17 -------- d-----w- c:\programdata\VMware
2010-07-29 08:11 . 2010-04-05 16:30 -------- d-----w- c:\users\Sourozenci\AppData\Roaming\uTorrent
2010-07-29 07:30 . 2010-05-22 13:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-26 18:05 . 2010-05-17 13:38 -------- d-----w- c:\program files\Command and Conquer Red Alert 2
2010-07-26 18:05 . 2010-03-21 20:25 -------- d-----w- c:\program files\Team Fortress 2
2010-07-23 17:13 . 2009-12-05 16:40 262024 ----a-w- c:\users\Maminka\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-23 16:09 . 2010-03-23 12:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Skype
2010-07-23 16:09 . 2010-04-05 16:30 -------- d-----w- c:\users\Petr\AppData\Roaming\uTorrent
2010-07-23 16:07 . 2010-03-23 11:24 262024 ----a-w- c:\users\Petr\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-23 08:01 . 2010-05-04 15:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-07-23 00:42 . 2010-05-07 17:03 -------- d-----w- c:\program files\a-squared Free
2010-07-22 18:05 . 2009-11-15 18:00 -------- d-----w- c:\program files\Common Files\Real
2010-07-22 18:04 . 2009-11-15 18:00 -------- d-----w- c:\program files\Real
2010-07-22 18:03 . 2009-11-15 15:19 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-22 18:03 . 2009-11-15 15:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-07-21 19:03 . 2010-05-21 12:30 -------- d-----w- c:\program files\Common Files\Steam
2010-07-14 06:31 . 2009-11-22 19:00 -------- d-----w- c:\programdata\Microsoft Help
2010-07-13 15:34 . 2010-04-12 11:19 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-12 13:38 . 2010-03-30 15:27 262024 ----a-w- c:\users\Sourozenci\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-12 13:19 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-07-12 11:27 . 2009-11-22 19:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-07-12 09:00 . 2009-07-14 08:44 641092 ----a-w- c:\windows\system32\perfh005.dat
2010-07-12 09:00 . 2009-07-14 08:44 127548 ----a-w- c:\windows\system32\perfc005.dat
2010-07-11 05:54 . 2010-05-19 17:31 -------- d-----w- c:\programdata\DivX
2010-07-11 05:46 . 2009-11-26 09:33 -------- d-----w- c:\program files\DivX
2010-07-02 06:15 . 2009-11-15 16:03 -------- d-----w- c:\program files\Opera
2010-06-29 12:29 . 2009-12-11 15:43 -------- d-----w- c:\program files\FlashGet
2010-06-29 07:02 . 2010-06-10 12:23 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-28 17:22 . 2009-11-18 12:04 -------- d-----w- c:\program files\Rockstar Games
2010-06-26 11:46 . 2010-05-30 15:30 -------- d-----w- c:\users\Petr\AppData\Roaming\SoftGrid Client
2010-06-26 11:45 . 2010-03-24 13:40 -------- d-----w- c:\users\Petr\AppData\Roaming\ICQ
2010-06-26 11:44 . 2010-03-23 12:18 -------- d-----w- c:\users\Petr\AppData\Roaming\skypePM
2010-06-26 09:01 . 2009-12-22 08:11 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-25 14:01 . 2010-06-25 14:01 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-06-25 14:01 . 2010-06-25 14:01 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-06-25 14:01 . 2010-06-25 14:01 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-06-23 17:46 . 2010-04-17 15:47 -------- d-----w- c:\program files\Metin2
2010-06-23 15:00 . 2010-06-23 15:00 -------- d-----w- c:\users\Petr\AppData\Roaming\VitySoft
2010-06-21 11:59 . 2009-11-15 09:50 -------- d-----w- c:\program files\OpenOffice.org 3
2010-06-18 11:56 . 2010-06-18 11:56 -------- d-----w- c:\users\Petr\AppData\Roaming\Foxit Software
2010-06-17 13:40 . 2010-06-13 06:14 -------- d-----w- c:\users\Petr\AppData\Roaming\Autodesk
2010-06-17 13:40 . 2010-06-13 06:14 -------- d-----w- c:\programdata\Autodesk
2010-06-17 10:24 . 2010-06-12 07:02 -------- d-----w- c:\program files\ManicTime
2010-06-13 06:24 . 2010-03-09 07:20 -------- d-----w- c:\programdata\FLEXnet
2010-06-13 06:23 . 2010-06-13 06:14 -------- d-----w- c:\program files\AutoCAD 2010
2010-06-13 06:17 . 2010-06-13 06:14 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-06-10 12:23 . 2010-04-30 14:45 -------- d-----w- c:\programdata\f-secure
2010-06-09 13:59 . 2010-03-24 13:40 -------- d-----w- c:\program files\ICQ7.1
2010-06-08 10:05 . 2009-12-22 08:12 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 11:46 . 2010-03-09 07:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-06 11:40 . 2010-06-06 11:40 -------- d-----w- c:\program files\PDF Creator
2010-06-05 16:34 . 2010-04-24 11:39 -------- d-----w- c:\program files\Command and Conquer Generals
2010-06-05 11:46 . 2010-02-25 11:23 -------- d-----w- c:\program files\LittleFighter2
2010-06-05 05:46 . 2010-02-20 17:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-04 12:53 . 2009-11-26 09:33 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-06-01 17:37 . 2009-11-15 14:32 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-30 17:51 . 2010-05-30 17:51 -------- d-----w- c:\programdata\VirtualizedApplications
2010-05-30 15:40 . 2010-05-30 15:40 -------- d-----w- c:\users\Petr\AppData\Roaming\NVD
2010-05-30 15:31 . 2010-05-30 14:43 -------- d-----w- c:\users\Petr\AppData\Roaming\TP
2010-05-29 18:48 . 2010-05-20 09:35 22328 ----a-w- c:\users\Petr\AppData\Roaming\PnkBstrK.sys
2010-05-29 18:48 . 2010-05-20 09:34 2337865 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-27 07:24 . 2010-06-10 10:11 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 10:11 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 05:18 . 2010-06-10 10:12 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-19 10:10 . 2010-05-19 10:10 9304 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-05-12 14:03 . 2010-01-19 11:54 737280 ----a-w- c:\windows\iun6002.exe
2010-05-09 09:14 . 2010-06-23 04:39 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-05-09 09:14 . 2010-06-23 04:38 417792 ----a-w- c:\windows\system32\msdri.dll
2010-05-07 13:49 . 2010-05-07 13:49 92 ----a-w- c:\users\Petr\AppData\Local\fusioncache.dat
2010-05-01 14:49 . 2010-06-10 10:12 2326528 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ce10bf86-da68-441e-91fa-38336363e3cd}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-05-16 06:27 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
2010-03-09 09:06 2355224 ----a-w- c:\program files\Movier-media\tbMovi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ce10bf86-da68-441e-91fa-38336363e3cd}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CE10BF86-DA68-441E-91FA-38336363E3CD}"= "c:\program files\Movier-media\tbMovi.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{ce10bf86-da68-441e-91fa-38336363e3cd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"uTorrent"="c:\program files\utorrent-portable\utorrent.exe" [2010-06-29 322352]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-11 39408]
"MoeMonitor.exe"="c:\users\Petr Hanák\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe" [2010-07-09 1315152]
"Steam"="c:\program files\Star-Steam\Steam.exe" [2010-07-18 1238352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2004-08-10 106496]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"a-squared"="c:\program files\EMSISOFT ANTI-MALWARE\a2guard.exe" [2010-07-19 3630472]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 111928]

c:\users\Babiźka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Windows Defender.lnk - c:\plugins\Server.jar [2010-7-18 1875007]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FontExpertType1Loader]
2009-09-29 13:27 294152 ----a-w- c:\program files\FontExpert\Type1Loader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-24 07:39 136176 ----atw- c:\users\Petr Hanák\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HKCU]
2005-11-05 21:15 397312 --sha-r- c:\users\Petr Hanák\AppData\Roaming\installg\servefr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-04-17 10:56 394984 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
2010-01-22 20:13 129584 ----a-w- c:\program files\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows]
2010-04-26 15:09 679936 ----a-w- c:\users\Public\Public Documents\Windows Movie Player\player.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"HKCU"=c:\users\Petr Hanák\AppData\Roaming\installg\servefr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 135664]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2010-03-25 31824]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1343400]
R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R4 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-10-29 73144]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-10 691696]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-07-29 64288]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-06-25 142992]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-06-25 41936]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-07-14 1935120]
S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2010-04-15 1872320]
S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-29 1352832]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~2\VideoAcceleratorService.exe [2010-05-16 300656]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]
S2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [2010-02-19 44880]
S3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2010-06-28 71008]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-02-19 9040]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-25 100496]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-06-25 111312]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 06:35]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 16:46]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 16:46]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2460206527-1493759754-90791392-1019Core.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-30 16:56]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2460206527-1493759754-90791392-1019UA.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-30 16:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tsbohemia.cz
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
LSP: c:\program files\VMware Workstation\vsocklib.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Petr Hanák\AppData\Roaming\Mozilla\Firefox\Profiles\fmf6t84p.default\
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: c:\program files\SpeedBit Video Downloader\SPFireFox\components\Engine.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Alcohol 120%\StarWind\StarWindServiceAE.exe
c:\progra~1\SPEEDB~2\VideoAcceleratorEngine.exe
c:\windows\system32\vmnat.exe
c:\program files\VMware Workstation\vmware-authd.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\Petr Hanák\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
c:\windows\system32\sppsvc.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-07-29 13:04:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-29 11:04
ComboFix2.txt 2010-07-29 08:43

Před spuštěním: Volných bajtů: 317 283 188 736
Po spuštění: Volných bajtů: 316 856 184 832

- - End Of File - - 7D8B97B656BF023999F4E4F86EDA217B

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Pokud již tedy není žádný problém máme hotovo.

VIRY.CZ

Nejde spustit správce úloh a regedit

Nejde spustit správce úloh a regedit

Re: Nejde spustit správce úloh a regedit

Re: Nejde spustit správce úloh a regedit

Re: Nejde spustit správce úloh a regedit