Please help: virus C:\Windows\explorer.exe Win32/Bamital.DX trojan horse cannot be cleaned
NOD 32 cannot clean it, please help, I am attaching the log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:24, on 6. 9. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\PresentationSettings.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TouchFreeze\TouchFreeze.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Explorer.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Program Files\Finjan Secure Browsing\bho.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: PriceGong - {D2A2595C-4FE4-4315-AA9B-19DBD6271B71} - C:\Program Files\PriceGong\1.5.0\PriceGongIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Update ESET's licence.lnk.disabled
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Správca pre program Google Desktop 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca1c0a35ea2626) (gupdate1ca1c0a35ea2626) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11803 bytes
Please help, virus [Solved]
Re: Please help, virus
Hi,
Download ComboFix to your desktop - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Before using it, turn off all resident security programs: antivirus, firewalls, antispyware
- Close all active windows and run it under an account with administrator rights
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the log C:\ComboFix.txt is created; copy its entire contents here.
Re: Please help, virus
OK, it's working for me now
- jaro3
- Security team member
- Guru Level 15
- Posts: 43296
- Registered: June 07
- Location: South Bohemia
Re: Please help, virus
Then post the ComboFix log here and wait for bledulka. You are not fully cleaned up yet ...
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please help, virus
No log came out of it for me
- jaro3
Re: Please help, virus
It should be here:
C:\ComboFix.txt
Turn off your resident protection and firewall.
Download Dr. Web CureIt
Run the update; after updating, press Start.
With the buttons at the bottom you can cure the file (system files), delete it, move it or rename it
+
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save it to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
Re: Please help, virus
The log was not there
- jaro3
Re: Please help, virus
Then do the next step..
+
Download windatfindbat of Karl83
Unpack it into a folder, open the folder and double-click it (on Vista and Win7 run it as administrator). A DOS window opens and then the log appears. Otherwise it is in C:\ under the name dirdat.txt. Please paste the contents of that log here; you can select only the entries from the last 3 months.
Re: Please help, virus
Volume in drive C is Vista
Volume Serial Number is 6032-415E
Directory of C:\
10. 09. 2010 16:20 0 dirdat.txt
10. 09. 2010 14:23 3 215 831 040 hiberfil.sys
10. 09. 2010 14:23 3 529 629 696 pagefile.sys
15. 11. 2009 17:27 0 MSDOS.SYS
15. 11. 2009 17:27 0 IO.SYS
11. 04. 2009 08:36 333 257 bootmgr
17. 09. 2008 07:46 229 SWSTAMP.TXT
14. 08. 2008 11:00 24 816 _wdsuef.txt
18. 09. 2006 23:43 10 config.sys
18. 09. 2006 23:43 24 autoexec.bat
10 File(s) 6 745 819 072 bytes
0 Dir(s) 34 164 359 168 bytes free
Volume in drive C is Vista
Volume Serial Number is 6032-415E
Directory of C:\Windows\system
02. 11. 2006 14:34 25 264 mciseq.drv
02. 11. 2006 14:34 28 160 mciwave.drv
02. 11. 2006 14:34 109 456 avifile.dll
02. 11. 2006 14:34 69 584 avicap.dll
02. 11. 2006 14:34 73 376 mciavi.drv
02. 11. 2006 14:34 126 912 msvideo.dll
02. 11. 2006 09:10 24 064 OLESVR.DLL
02. 11. 2006 09:10 12 704 WFWNET.DRV
02. 11. 2006 09:10 32 816 COMMDLG.DLL
02. 11. 2006 09:10 4 048 TIMER.DRV
02. 11. 2006 09:10 68 992 MMSYSTEM.DLL
02. 11. 2006 09:10 1 152 mmtask.tsk
02. 11. 2006 09:10 2 032 mouse.drv
02. 11. 2006 09:10 2 176 vga.drv
02. 11. 2006 09:10 1 744 sound.drv
02. 11. 2006 09:10 2 000 keyboard.drv
02. 11. 2006 09:10 5 120 SHELL.DLL
02. 11. 2006 09:10 3 360 system.drv
18. 09. 2006 23:43 9 008 ver.dll
18. 09. 2006 23:43 82 944 olecli.dll
18. 09. 2006 23:43 9 936 lzexpand.dll
18. 09. 2006 23:35 5 532 stdole.tlb
22 File(s) 700 380 bytes
0 Dir(s) 34 164 355 072 bytes free
Volume in drive C is Vista
Volume Serial Number is 6032-415E
Directory of C:\Windows
10. 09. 2010 14:44 2 093 634 WindowsUpdate.log
10. 09. 2010 14:23 67 584 bootstat.dat
07. 09. 2010 14:48 255 system.ini
07. 09. 2010 14:46 6 464 PFRO.log
15. 08. 2010 19:14 14 775 746 REGBK01.ZIP
15. 08. 2010 19:10 52 Lic.xxx
15. 08. 2010 19:08 453 UPDLL.LOG
05. 08. 2010 13:46 31 073 DirectX.log
05. 08. 2010 08:39 35 wininit.ini
04. 08. 2010 14:25 14 660 039 REGBK00.ZIP
21. 05. 2010 20:12 626 eReg.dat
26. 04. 2010 15:58 256 512 PEV.exe
06. 03. 2010 17:34 155 win.ini
30. 01. 2010 15:14 13 707 DIIUnin.dat
30. 01. 2010 15:14 2 829 DIIUnin.pif
30. 01. 2010 15:14 94 208 DIIUnin.exe
17. 11. 2009 13:36 32 hip
25. 10. 2009 06:11 77 312 MBR.exe
10. 07. 2009 12:43 312 680 WLXPGSS.SCR
13. 06. 2009 14:12 0 ativpsrm.bin
20. 04. 2009 12:56 31 232 NIRCMD.exe
11. 04. 2009 08:27 2 926 592 explorer.exe
14. 08. 2008 12:43 10 csup.txt
21. 07. 2008 09:07 0 NDSTray.INI
21. 01. 2008 09:48 12 477 atiogl.xml
21. 01. 2008 04:43 749 WindowsShell.Manifest
21. 01. 2008 04:24 134 656 regedit.exe
21. 01. 2008 04:24 134 656 R.COM
21. 01. 2008 04:24 58 880 bfsvc.exe
21. 01. 2008 04:24 13 312 fveupdate.exe
21. 01. 2008 04:24 498 176 HelpPane.exe
21. 01. 2008 04:23 151 040 notepad.exe
16. 01. 2008 12:13 4 096 Thumbs.db
03. 11. 2006 14:30 43 254 oemlogo.bmp
02. 11. 2006 14:35 316 640 WMSysPr9.prx
02. 11. 2006 14:34 49 680 twunk_16.exe
02. 11. 2006 14:34 31 232 twunk_32.exe
02. 11. 2006 14:34 50 688 twain_32.dll
02. 11. 2006 14:34 94 784 twain.dll
02. 11. 2006 11:45 9 216 winhlp32.exe
02. 11. 2006 11:45 316 emm883b.hd
02. 11. 2006 11:45 14 848 hh.exe
02. 11. 2006 09:46 43 131 mib.bin
28. 10. 2006 00:34 862 397 ConfigFree.scr
19. 09. 2006 13:41 8 328 HomePremium.xml
18. 09. 2006 23:43 707 _default.pif
18. 09. 2006 23:43 256 192 winhelp.exe
18. 09. 2006 23:30 1 405 msdfmap.ini
14. 07. 2006 17:29 966 656 UNRecode.exe
14. 07. 2006 17:29 966 656 UNNeroMediaHome.exe
14. 07. 2006 17:29 966 656 UNNeroVision.exe
14. 07. 2006 17:29 966 656 UNNeroShowTime.exe
14. 07. 2006 17:29 966 656 UNNeroBackItUp.exe
15. 09. 2005 14:35 50 UNNeroMediaHome.cfg
30. 08. 2005 21:37 50 UNNeroVision.cfg
30. 08. 2005 21:37 50 UNNeroShowTime.cfg
30. 08. 2005 21:36 50 UNRecode.cfg
30. 08. 2005 21:33 50 UNNeroBackItUp.cfg
31. 08. 2000 08:00 212 480 SWXCACLS.exe
31. 08. 2000 08:00 136 704 SWSC.exe
31. 08. 2000 08:00 80 412 grep.exe
31. 08. 2000 08:00 161 792 SWREG.exe
31. 08. 2000 08:00 98 816 sed.exe
31. 08. 2000 08:00 68 096 zip.exe
29. 10. 1998 17:45 306 688 IsUninst.exe
13. 03. 1998 00:02 34 304 UNISTB32.EXE
22. 01. 1997 16:23 299 520 uninst.exe
67 File(s) 44 374 432 bytes
0 Dir(s) 34 164 350 976 bytes free
Volume in drive C is Vista
Volume Serial Number is 6032-415E
Directory of C:\Users\jozef\AppData\Local\Temp
10. 09. 2010 15:49 1 508 wmplog08.sqm
10. 09. 2010 15:20 1 406 wmplog07.sqm
10. 09. 2010 15:15 0 chrome_installer.log
10. 09. 2010 15:13 1 406 wmplog06.sqm
10. 09. 2010 14:31 2 805 jusched.log
10. 09. 2010 14:27 7 934 AdobeARM.log
10. 09. 2010 14:26 31 832 jozef.bmp
08. 09. 2010 16:15 1 772 wmplog05.sqm
08. 09. 2010 16:14 1 508 wmplog04.sqm
07. 09. 2010 17:35 1 406 wmplog03.sqm
07. 09. 2010 16:27 348 654 assojwgo.bmp
07. 09. 2010 15:14 1 406 wmplog02.sqm
07. 09. 2010 15:13 1 406 wmplog01.sqm
07. 09. 2010 15:10 1 406 wmplog00.sqm
19. 06. 2009 01:35 60 b.bmp
19. 06. 2009 01:35 452 x.bmp
19. 06. 2009 01:35 60 a.bmp
24. 04. 2009 21:41 18 617 logo.jpg
18 File(s) 423 638 bytes
0 Dir(s) 34 164 350 976 bytes free
Re: Please help, virus
Turn off your resident protection and firewall.
Download Dr. Web CureIt
Run the update; after updating, press Start.
With the buttons at the bottom you can cure the file (system files), delete it, move it or rename it
+
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save it to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
Re: Please help, virus
ComboFix 10-09-09.04 - jozef . 09. 2010 17:20:51.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.2279 [GMT 2:00]
Running from: j:\program files\ComboFix.exe
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\users\jozef\AppData\Local\Microsoft\Windows\Temporary Internet Files\TestBrowser.html
c:\users\jozef\AppData\Local\Windows Server\admin.txt
c:\users\jozef\AppData\Local\Windows Server\server.dat
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((( Files Created from 2010-08-10 to 2010-09-10 )))))))))))))))))))))))))))))))
.
2010-09-10 15:28 . 2010-09-10 15:28 -------- d-----w- c:\users\jozef\AppData\Local\temp
2010-09-10 15:28 . 2010-09-10 15:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-10 15:14 . 2010-09-10 15:15 -------- d-----w- C:\32788R22FWJFW
2010-09-10 12:33 . 2010-09-10 12:33 -------- d-----w- c:\users\jozef\AppData\Local\Apple
2010-09-06 19:03 . 2010-09-06 19:03 -------- d-----w- c:\users\jozef\AppData\Local\AOL
2010-09-06 18:27 . 2010-09-06 18:27 388096 ----a-r- c:\users\jozef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-06 18:27 . 2010-09-06 18:27 -------- d-----w- c:\program files\Trend Micro
2010-09-06 15:34 . 2010-09-06 15:34 -------- d-----w- c:\users\jozef\AppData\Local\ATI
2010-09-06 15:33 . 2010-09-06 15:33 114520 ----a-w- c:\users\jozef\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-06 15:06 . 2010-09-06 15:06 -------- d-----w- c:\users\jozef\AppData\Local\ESET
2010-09-06 14:52 . 2010-09-06 14:52 -------- d-----w- c:\users\jozef\AppData\Local\2K Games(16)
2010-09-06 14:28 . 2010-09-06 14:28 -------- d-----w- c:\users\jozef\AppData\Roaming\Malwarebytes
2010-09-06 14:28 . 2010-09-06 14:28 -------- d-----w- c:\programdata\Malwarebytes
2010-09-06 14:28 . 2010-09-06 14:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-05 14:23 . 2010-09-05 14:23 -------- d-----w- c:\program files\Sophos
2010-08-30 14:41 . 2010-08-30 14:41 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-30 14:21 . 2010-09-07 01:12 -------- d-----w- c:\users\jozef\AppData\Local\2K Games
2010-08-25 12:55 . 2010-09-07 01:12 -------- d-----w- c:\users\jozef\AppData\Local\id Software
2010-08-25 08:49 . 2010-08-25 08:51 -------- d-----w- c:\users\jozef\AppData\Roaming\Ahead
2010-08-25 08:46 . 2010-08-25 08:50 -------- d-----w- c:\program files\Common Files\Ahead
2010-08-25 06:47 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2010-08-25 06:47 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-08-25 06:47 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-08-25 06:47 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-08-25 06:46 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2010-08-25 06:46 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2010-08-25 06:46 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-08-25 06:46 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-08-25 06:46 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-08-25 06:46 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-08-25 06:46 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-08-25 06:46 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-08-25 06:46 . 2008-05-30 12:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-08-25 06:46 . 2008-05-30 12:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-08-25 06:46 . 2008-05-30 12:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-08-25 06:46 . 2008-05-30 12:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-08-25 06:44 . 2010-08-25 12:48 139152 ----a-w- c:\users\jozef\AppData\Roaming\PnkBstrK.sys
2010-08-25 06:43 . 2010-08-25 12:48 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-08-24 08:33 . 2010-08-24 08:34 -------- d-----w- c:\program files\Polda 5
2010-08-24 08:25 . 2010-09-07 13:10 682232 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-17 14:24 . 2010-08-17 14:24 -------- d-----w- c:\program files\SpamBayes
2010-08-15 17:13 . 2010-08-15 17:14 14775746 ----a-w- c:\windows\REGBK01.ZIP
2010-08-15 17:10 . 2010-08-15 17:10 -------- d---a-w- c:\windows\rundll16.exe
2010-08-15 17:10 . 2010-08-15 17:10 -------- d---a-w- c:\windows\logo1_.exe
2010-08-15 17:09 . 2008-01-21 02:24 134656 ----a-w- c:\windows\R.COM
2010-08-15 17:09 . 2008-01-21 02:24 163840 ----a-w- c:\windows\system32\T.COM
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 15:48 . 2009-06-27 16:36 -------- d-----w- c:\users\jozef\AppData\Roaming\ICQ
2010-09-07 01:12 . 2009-08-04 12:48 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-09-04 17:22 . 2010-02-02 13:17 -------- d-----w- c:\program files\ICQ7.0
2010-09-04 04:37 . 2009-10-06 18:37 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-30 14:41 . 2008-07-21 07:26 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-25 12:48 . 2010-01-05 14:35 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-25 12:48 . 2010-01-05 14:35 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-25 12:48 . 2010-01-05 14:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-25 11:28 . 2008-07-21 06:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-25 08:46 . 2010-05-08 19:47 -------- d-----w- c:\program files\Nero
2010-08-24 08:27 . 2009-06-16 15:54 -------- d-----w- c:\program files\DAEMON Tools
2010-08-19 06:26 . 2008-07-21 06:27 -------- d-----w- c:\program files\Common Files\Java
2010-08-19 06:26 . 2008-07-21 06:27 -------- d-----w- c:\program files\Java
2010-08-11 14:58 . 2008-07-21 07:29 -------- d-----w- c:\programdata\Microsoft Help
2010-08-11 14:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-07 09:43 . 2010-08-07 09:43 489720 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-08-06 18:31 . 2010-08-05 16:39 -------- d-----w- c:\program files\ACE-HIGH MP3 WAV WMA OGG Converter
2010-08-05 11:50 . 2010-08-05 11:50 -------- d-----w- c:\program files\Electronic Arts
2010-08-05 10:05 . 2010-08-05 10:05 682232 ----a-w- c:\windows\system32\drivers\sptd.sys.67069431
2010-08-05 06:35 . 2010-08-02 12:33 -------- d-----w- c:\programdata\Kaspersky SDK
2010-08-04 12:25 . 2010-08-04 12:23 14660039 ----a-w- c:\windows\REGBK00.ZIP
2010-08-02 12:16 . 2010-08-02 12:16 -------- d-----w- c:\programdata\MicroWorld
2010-07-28 06:02 . 2010-02-27 22:15 -------- d-----w- c:\programdata\NOS
2010-07-27 16:45 . 2010-02-27 22:17 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-27 16:45 . 2010-07-27 16:46 53632 ----a-w- c:\users\jozef\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-27 16:45 . 2010-02-27 22:18 53632 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-19 19:34 . 2010-07-19 19:28 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-07-19 19:34 . 2010-07-19 19:28 -------- d-----w- c:\program files\AutoCAD 2005
2010-07-19 19:32 . 2010-07-19 19:32 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-07-19 19:28 . 2010-06-18 14:30 -------- d-----w- c:\programdata\Autodesk
2010-07-17 03:00 . 2010-04-20 08:57 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-26 06:05 . 2010-08-11 14:56 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-11 14:56 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02 . 2010-08-11 14:56 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25 . 2010-08-11 14:56 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-21 13:37 . 2010-08-11 14:56 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-06-18 17:31 . 2010-08-11 14:57 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 15:04 . 2010-08-11 14:57 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 15:04 . 2010-08-11 14:57 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-16 16:04 . 2010-08-11 14:56 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\ToggleEN\tbTogg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
2009-08-10 22:55 288056 ----a-w- c:\program files\PriceGong\1.5.0\PriceGongIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{038CB5C7-48EA-4AF9-94E0-A1646542E62B}"= "c:\program files\ToggleEN\tbTogg.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"TouchFreeze"="c:\program files\TouchFreeze\TouchFreeze.exe" [2005-04-29 45056]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-21 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-15 184320]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-06-29 286720]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2010-03-18 614400]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
c:\users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Update ESET's licence.lnk.disabled [2010-1-23 970]
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoAddPrinter"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
2008-03-19 11:35 716800 ----a-w- c:\program files\Toshiba\FlashCards\TCrdMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-10-26 14:17 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
2008-05-28 11:40 20480 ----a-w- c:\program files\Google\Google EULA\GoogleEULALauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HSON]
2007-10-31 20:01 54608 ----a-w- c:\program files\Toshiba\TBS\HSON.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
2008-01-25 11:33 509816 ----a-w- c:\program files\Toshiba\SmoothView\SmoothView.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-07-21 07:25 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
2007-07-10 07:24 581632 ----a-w- c:\program files\Toshiba\Toshiba Online Product Information\TOPI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2008-01-11 02:07 574864 ----a-w- c:\program files\Toshiba\Registration\ToshibaRegistration.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
2010-05-12 11:28 1050072 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
2008-01-17 14:27 431456 ----a-w- c:\program files\Toshiba\Power Saver\TPwrMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R2 gupdate1ca1c0a35ea2626;Služba Google Update (gupdate1ca1c0a35ea2626);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 133104]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2010-05-12 124368]
R3 GoogleDesktopManager-093009-130223;Správca pre program Google Desktop 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-10-26 30192]
R3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\DRIVERS\Rockey4USB.sys [2009-11-04 13973]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-09-07 682232]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 11:35]
2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 11:35]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\
FF - prefs.js: browser.startup.homepage - ${URL_STARTPAGE}
FF - prefs.js: keyword.URL - ${URL_SEARCHPAGE}
FF - component: c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\FFExternalAlert.dll
FF - component: c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-mwavscan_autoscan - c:\users\jozef\AppData\Local\Temp\mexe.com
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-09-10 17:30:43
ComboFix-quarantined-files.txt 2010-09-10 15:30
Pre-Run: 33 911 361 536 bytes free
Post-Run: 34 111 397 888 bytes free
- - End Of File - - 8BA47A6121A6B665F6F4DF137D01E3BA
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.2279 [GMT 2:00]
Running from: j:\program files\ComboFix.exe
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\users\jozef\AppData\Local\Microsoft\Windows\Temporary Internet Files\TestBrowser.html
c:\users\jozef\AppData\Local\Windows Server\admin.txt
c:\users\jozef\AppData\Local\Windows Server\server.dat
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((( Files Created from 2010-08-10 to 2010-09-10 )))))))))))))))))))))))))))))))
.
2010-09-10 15:28 . 2010-09-10 15:28 -------- d-----w- c:\users\jozef\AppData\Local\temp
2010-09-10 15:28 . 2010-09-10 15:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-10 15:14 . 2010-09-10 15:15 -------- d-----w- C:\32788R22FWJFW
2010-09-10 12:33 . 2010-09-10 12:33 -------- d-----w- c:\users\jozef\AppData\Local\Apple
2010-09-06 19:03 . 2010-09-06 19:03 -------- d-----w- c:\users\jozef\AppData\Local\AOL
2010-09-06 18:27 . 2010-09-06 18:27 388096 ----a-r- c:\users\jozef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-06 18:27 . 2010-09-06 18:27 -------- d-----w- c:\program files\Trend Micro
2010-09-06 15:34 . 2010-09-06 15:34 -------- d-----w- c:\users\jozef\AppData\Local\ATI
2010-09-06 15:33 . 2010-09-06 15:33 114520 ----a-w- c:\users\jozef\AppData\Local\GDIPFONTCACHEV1.DAT
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-09-07 682232]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 11:35]
2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-13 11:35]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\
FF - prefs.js: browser.startup.homepage - ${URL_STARTPAGE}
FF - prefs.js: keyword.URL - ${URL_SEARCHPAGE}
FF - component: c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\FFExternalAlert.dll
FF - component: c:\users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yuy568j3.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-mwavscan_autoscan - c:\users\jozef\AppData\Local\Temp\mexe.com
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-09-10 17:30:43
ComboFix-quarantined-files.txt 2010-09-10 15:30
Pre-Run: 33 911 361 536 bytes free
Post-Run: 34 111 397 888 bytes free
- - End Of File - - 8BA47A6121A6B665F6F4DF137D01E3BA
Re: please help, virus
Uninstall Spybot and that illegal ESET,
and let me know how the computer is doing.
