Nelze zapnout bránu firewall

[Petrasek]

Prosím radu, nejde mi zapnout brána firewall, tak jsem stáhl combofix, že sem dám log, ale ten mi zamrzne na modré obrazovce a jen bliká kurzor a občas problikne disk, tak jsem to po 40 minutách restartoval.
Je to systém vista a je tam placená verze AVG.
To AVG jsem před combofixem zastavil.
Děkuji předem za rady.

Tak se mi povedlo udělat log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by toshiba at 2013-05-21 19:29:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 152 GB
Total RAM: 2939 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:54, on 21.5.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\vsnpstd3.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\toshiba\Desktop\RSIT.exe
C:\Program Files\trend micro\toshiba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1&a=Searchoo ... 986225&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - (no file)
R3 - URLSearchHook: (no name) - {a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] c:\program files\toshiba tempro\temprotray.exe
O4 - HKLM\..\Run: [SynTPEnh] c:\program files\synaptics\syntp\syntpenh.exe
O4 - HKLM\..\Run: [snpstd3] c:\windows\vsnpstd3.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [Skytel] skytel.exe
O4 - HKLM\..\Run: [RtHDVCpl] rthdvcpl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Persistence] c:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [IgfxTray] c:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [HotKeysCmds] c:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [HFALoader] c:\program files\hamster soft\free zip archiver\hamsterarc.exe -loader
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [SRSAENotifier] C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
O4 - HKCU\..\Run: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
O4 - HKCU\..\Run: [Logitech Vid] "c:\program files\logitech\vid hd\vid.exe" -bootmode
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca3af3958c8040) (gupdate1ca3af3958c8040) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe

--
End of file - 13828 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASCv5_AutoUpdateD.job
C:\Windows\tasks\Defraggler Volume C Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de

C:\Program Files\Mozilla Firefox\components\
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npDivxPlayerPlugin.dll
npdrmv2.dll
npdsplay.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwmsdrm.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
Mp3Tube.xml
yahoo.xml

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\
4zffxtbr@VideoDownloadConverter_4z.com
ascsurfingprotection@iobit.com
avg@toolbar
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
engine@conduit.com
nl-NL@dictionaries.addons.mozilla.org
openmedspel@e-medtools.com
yasearch@yandex.ru
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{51a86bb3-6602-4c85-92a5-130ee4864f13}(71)
{5351568c-ac00-4794-8f5e-dbf52cb1f567}(82)
{5ebdca98-43b3-45bb-87e0-716029fb42ab}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{ea614400-e918-4741-9a97-7a972ff7c30b}
{ecdee021-0d17-467f-a1ff-c7a115230949}(72)
{fbc8441e-a153-45b0-8e93-87521a5812a1}

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\searchplugins\
conduit.xml
encyklopedie-seznam.xml
hellspy.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
SearchYa!.xml
slovnk-czen.xml
slovnk-encz.xml
softonic.xml
sweetim.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-10-15 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-21 1929392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2009-05-18 992408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
C:\Program Files\PicLensIE\cooliris.dll [2008-10-13 4087808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-21 1929392]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"=c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe [2012-08-16 30096]
"Toshiba TEMPRO"=c:\program files\toshiba tempro\temprotray.exe [2010-08-27 1050072]
"SynTPEnh"=c:\program files\synaptics\syntp\syntpenh.exe [2008-08-14 1348904]
"snpstd3"=c:\windows\vsnpstd3.exe [2007-05-10 835584]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"Skytel"=C:\Windows\skytel.exe [2007-11-20 1826816]
"RtHDVCpl"=C:\Windows\rthdvcpl.exe [2008-04-08 6037504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"Persistence"=c:\windows\system32\igfxpers.exe [2008-06-25 145944]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"IgfxTray"=c:\windows\system32\igfxtray.exe [2008-06-25 150040]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"HotKeysCmds"=c:\windows\system32\hkcmd.exe [2008-06-25 170520]
"HFALoader"=c:\program files\hamster soft\free zip archiver\hamsterarc.exe [2011-11-09 2324992]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2009-07-27 424496]
"SRSAENotifier"=C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe [2011-08-24 528216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"=C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe [2011-08-24 3877216]
"Logitech Vid"=c:\program files\logitech\vid hd\vid.exe [2010-10-29 5915480]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-12-05 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
c:\program files\alcohol soft\alcohol 120\axautomntsrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2012-03-28 404568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
c:\program files\camera assistant software for toshiba\traybar.exe [2009-07-27 424496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
c:\program files\google\google desktop search\googledesktop.exe [2011-03-25 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
c:\program files\sony ericsson\sony ericsson pc companion\pccompanion.exe [2011-10-21 433872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-12-05 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2012-08-16 42536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\309042~1.318\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-05-21 19:29:38 ----D---- C:\rsit
2013-05-21 19:29:38 ----D---- C:\Program Files\trend micro
2013-05-21 18:52:33 ----SHD---- C:\$RECYCLE.BIN
2013-05-21 17:42:19 ----D---- C:\Windows\temp
2013-05-21 17:16:41 ----SD---- C:\ComboFix
2013-05-21 16:42:41 ----A---- C:\Windows\zip.exe
2013-05-21 16:42:41 ----A---- C:\Windows\SWSC.exe
2013-05-21 16:42:41 ----A---- C:\Windows\SWREG.exe
2013-05-21 16:42:41 ----A---- C:\Windows\sed.exe
2013-05-21 16:42:41 ----A---- C:\Windows\PEV.exe
2013-05-21 16:42:41 ----A---- C:\Windows\NIRCMD.exe
2013-05-21 16:42:41 ----A---- C:\Windows\MBR.exe
2013-05-21 16:42:41 ----A---- C:\Windows\grep.exe
2013-05-21 16:40:31 ----D---- C:\Qoobox
2013-05-21 16:39:54 ----D---- C:\Windows\erdnt
2013-05-21 16:39:51 ----SD---- C:\32788R22FWJFW
2013-05-18 08:42:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-18 08:25:09 ----D---- C:\Users\toshiba\AppData\Roaming\Searchya
2013-05-18 08:25:04 ----D---- C:\Users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
2013-05-18 08:25:03 ----D---- C:\Program Files\SearchYa!
2013-05-16 00:20:02 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-05-16 00:20:00 ----D---- C:\Program Files\Common Files\SRS Labs
2013-04-24 08:48:47 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2013-05-21 19:29:52 ----D---- C:\Windows\Prefetch
2013-05-21 19:29:45 ----AD---- C:\ProgramData\Temp
2013-05-21 19:29:38 ----D---- C:\Program Files
2013-05-21 17:42:19 ----D---- C:\Windows
2013-05-21 17:39:27 ----AD---- C:\Windows\System32
2013-05-21 17:39:16 ----HD---- C:\ProgramData
2013-05-21 17:33:27 ----D---- C:\Windows\system32\drivers
2013-05-21 17:33:25 ----D---- C:\Windows\AppPatch
2013-05-21 17:33:12 ----D---- C:\Program Files\Common Files
2013-05-21 17:25:35 ----D---- C:\Windows\tracing
2013-05-21 17:05:08 ----D---- C:\Windows\Minidump
2013-05-21 16:57:43 ----D---- C:\Windows\SoftwareDistribution
2013-05-21 16:27:48 ----D---- C:\Windows\system32\drivers\AVG
2013-05-21 16:25:24 ----D---- C:\Users\toshiba\AppData\Roaming\Skype
2013-05-20 20:59:28 ----SHD---- C:\System Volume Information
2013-05-20 12:50:07 ----D---- C:\Windows\inf
2013-05-18 21:22:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-18 08:42:36 ----D---- C:\Program Files\Mozilla Firefox
2013-05-18 08:25:10 ----D---- C:\Windows\system32\Tasks
2013-05-17 07:56:23 ----D---- C:\Windows\Debug
2013-05-16 14:12:06 ----D---- C:\Windows\ModemLogs
2013-05-16 00:30:39 ----D---- C:\Windows\system32\config
2013-05-16 00:24:42 ----D---- C:\Users\toshiba\AppData\Roaming\Apple Computer
2013-05-16 00:21:06 ----SHD---- C:\Windows\Installer
2013-05-15 00:27:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-05-14 16:57:50 ----D---- C:\ProgramData\MFAData
2013-04-30 18:16:41 ----D---- C:\Windows\system32\catroot
2013-04-27 19:39:32 ----D---- C:\ProgramData\Adobe
2013-04-24 08:48:58 ----D---- C:\ProgramData\Skype
2013-04-24 08:48:48 ----RD---- C:\Program Files\Skype
2013-04-22 14:10:11 ----D---- C:\Program Files\Camera Assistant Software for Toshiba

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-10 436792]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-02-21 33112]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R2 Ethpdrv;Ethernet Packet Driver; C:\Windows\system32\DRIVERS\ethpdrv.sys [2007-08-01 16376]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-20 112128]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-04 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SRS_AE_Service;SRS Audio Essentials; C:\Windows\system32\drivers\SRS_AE_i386.sys [2011-08-01 404256]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
S3 AF9035HB;AF9035 Hybrid Device; C:\Windows\System32\Drivers\AF9035HB.sys [2010-05-15 863616]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []
S3 catchme;catchme; \??\C:\Users\toshiba\AppData\Local\Temp\catchme.sys []
S3 CompFilter;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbusflt.sys [2012-01-18 22176]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-07-30 101120]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2007-01-15 9728]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2009-04-24 10472960]
S3 SRS_HDAL_Service;HD Audio Lab; C:\Windows\system32\drivers\SRS_HDAL_i386.sys [2010-07-02 384752]
S3 SRS_iWowPC_Service;SRS Labs iWow PC; C:\Windows\system32\drivers\srs_iWowPC_i386.sys [2008-11-17 37888]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2011-01-12 25088]
S3 Tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-10-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-10-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-10-21 25216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 SRSHDAudioService;SRS HDAudio Lab Service; C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe [2011-08-24 12648]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2010-08-27 124368]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2012-08-16 42504]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-16 1045256]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca3af3958c8040;Služba Google Update (gupdate1ca3af3958c8040); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-25 30192]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S4 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S4 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-21 968880]

-----------------EOF-----------------

[Rudy]

Zdravím!
Nespouštějte ComboFix bez pokynu rádce. Můžete nabořit systém. CF je utilita pro profesinály. Dejte log RSIT: http://forum.viry.cz/viewtopic.php?t=81939 .

[Petrasek]

JJ, na to jsem už přišel a bohužel jsem dal editovat, namísto odpovědět, takže log je výše.
Díky moc.

[Rudy]

Spuštění CF nic nebrání. CF zkuste spustit v nouz. režimu. Před tím a le odinstalujte AdvancedSystemCare. Tento čínský šmejd v rukou laika rovněž dokáže poškodit systém.

[Petrasek]

Tak se to povedlo a log mám, ale musím z druhého PC, na tamtom nejde po restartu spustit žádný prohlížeč.

Tady je log z CF:

ComboFix 13-05-21.01 - toshiba 21.05.2013 20:56:57.3.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2939.2419 [GMT 2:00]
Spuštěný z: c:\users\toshiba\Desktop\Plocha\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\BasicScan
c:\program files\BasicScan\basicscan.dll
c:\program files\BasicScan\basicscan.exe
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf
c:\programdata\BasicScan
c:\programdata\d046c0ee7cea5abc12818f32a6e97874_c
c:\programdata\hpe57B0.dll
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\toshiba\AppData\Roaming\Desktopicon
c:\users\toshiba\AppData\Roaming\Desktopicon\config.ini
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\arwDwn.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ae.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\bg.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cn.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cz.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\de.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\eg.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\en.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\es.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\fr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\gr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\he.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ch.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\il.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\it.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ja.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\jp.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\nl.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\no.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pl.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pt.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ro.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ru.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sa.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\se.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sv.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\tr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ua.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\us.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\help_16.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\home.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\icon_seperator.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\logo.PNG
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\privecy_16_hot.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\specialoffer.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\tellafriend.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\mtstart.js
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\searchya.css
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\searchya.xul
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\tmplt.js
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\chrome.manifest
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\install.rdf
c:\users\toshiba\AppData\Roaming\vso_ts_preview.xml
c:\windows\$NtUninstallKB44661$
c:\windows\system32\frapsvid.dll
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
c:\windows\system32\system
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BasicScan Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 19:05 . 2013-05-21 19:10 -------- d-----w- c:\users\toshiba\AppData\Local\temp
2013-05-21 19:05 . 2013-05-21 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- C:\rsit
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- c:\program files\trend micro
2013-05-21 14:55 . 2013-05-21 14:55 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\users\toshiba\AppData\Roaming\Searchya
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\program files\SearchYa!
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\SRS Labs
2013-04-24 06:48 . 2013-04-24 06:48 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 05:57 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 22:27 . 2013-03-28 19:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 22:27 . 2013-03-23 11:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2013-04-11 01:18 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-02-21 12:52 . 2012-11-08 22:58 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2009-11-15 10:00 . 2013-03-08 11:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-21 12:52 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-21 1929392]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:\program files\Yandex\YandexBarIE\yndbar.dll" [2011-10-20 12336440]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:\program files\Yandex\YandexBarIE\yndbar.dll" [2011-10-20 12336440]
.
[HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"="c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" [2011-08-24 3877216]
"Logitech Vid"="c:\program files\logitech\vid hd\vid.exe" [2010-10-29 5915480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-05 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe" [2012-08-16 30096]
"Toshiba TEMPRO"="c:\program files\toshiba tempro\temprotray.exe" [2010-08-27 1050072]
"SynTPEnh"="c:\program files\synaptics\syntp\syntpenh.exe" [2008-08-14 1348904]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"Skytel"="skytel.exe" [2007-11-20 1826816]
"RtHDVCpl"="rthdvcpl.exe" [2008-04-08 6037504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"HFALoader"="c:\program files\hamster soft\free zip archiver\hamsterarc.exe" [2011-11-09 2324992]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2009-07-27 424496]
"SRSAENotifier"="c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe" [2011-08-24 528216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2009-07-27 09:37 424496 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-03-24 22:42 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2011-10-21 13:06 433872 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-12-05 08:40 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2009-05-19 20:16 222504 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
2012-08-16 21:20 42536 ----a-w- c:\progra~1\VIDEOD~2\bar\1.bin\4zSrchMn.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDMICtrlMan"=c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
"tsnpstd3"=c:\windows\tsnpstd3.exe
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
"00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"cfFncEnabler.exe"=cfFncEnabler.exe
"NDSTray.exe"=NDSTray.exe
"Google EULA Launcher"=c:\program files\Google\Google EULA\GoogleEULALauncher.exe IE PA
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 20:54 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28 22:27]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-21 19:41]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-21 19:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=SearchooD&cd=2X ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
URLSearchHooks-{a7347e8c-1ca6-469b-951e-4a23c4437935} - (no file)
URLSearchHooks-{a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - (no file)
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-21 21:09
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{A057A204-BACC-4D26-8287-79A187E26987}"=hex:51,66,7a,6c,4c,1d,38,12,6a,a1,44,
a4,fe,f4,48,08,fd,91,3a,e1,82,bc,2d,93
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,35,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"=hex:51,66,7a,6c,4c,1d,38,12,4e,7e,2a,
95,74,5a,ba,54,f5,e2,43,00,cf,4f,63,a2
"{48586425-6BB7-4F51-8DC6-38C88E3EBB58}"=hex:51,66,7a,6c,4c,1d,38,12,4b,67,4b,
4c,85,25,3f,0a,f2,d0,7b,88,8b,60,ff,4c
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}"=hex:51,66,7a,6c,4c,1d,38,12,c3,8a,99,
0a,e5,db,85,05,f2,8b,4b,7e,f2,58,2e,15
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}"=hex:51,66,7a,6c,4c,1d,38,12,95,87,3c,
35,42,c7,bd,0a,c2,cd,33,52,ef,9a,eb,dd
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{C547C6C2-561B-4169-A2A5-20BA771CA93B}"=hex:51,66,7a,6c,4c,1d,38,12,ac,c5,54,
c1,29,18,07,04,dd,b3,63,fa,72,42,ed,2f
"{C93F72A2-2162-4BBA-A07A-F13663C297A6}"=hex:51,66,7a,6c,4c,1d,38,12,cc,71,2c,
cd,50,6f,d4,0e,df,6c,b2,76,66,9c,d3,b2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{EA837F48-5AD1-443E-AE34-FFE03CBF3099}"=hex:51,66,7a,6c,4c,1d,38,12,26,7c,90,
ee,e3,14,50,01,d1,22,bc,a0,39,e1,74,8d
"{EAEE5C74-6D0D-4ACA-9232-0DA4A7B866BA}"=hex:51,66,7a,6c,4c,1d,38,12,1a,5f,fd,
ee,3f,23,a4,0f,ed,24,4e,e4,a2,e6,22,ae
"{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,32,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a0,46,33,6b,36,10,ce,01
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3676)
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\AVG\AVG2012\AVGIDSAgent.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\windows\system32\conime.exe
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 21:16:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 19:16
.
Před spuštěním: Volných bajtů: 26 470 981 632
Po spuštění: Volných bajtů: 25 830 432 768
.
- - End Of File - - 70D98DFAA5685AC3515AB94726057839

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\users\toshiba\AppData\Roaming\Searchya
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
c:\program files\SearchYa!
c:\program files\Yandex
c:\program files\Google\GoogleToolbarNotifier
c:\program files\SweetIM

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SweetIM"=-

Firefox::
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_ ... e=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_ ... rce=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_ ... e=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=Searchoo ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=Searchoo ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=Searchoo ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Petrasek]

Tak jsem to provedl a vytvořilo mi to další log:

ComboFix 13-05-21.01 - toshiba 21.05.2013 22:40:10.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2939.1789 [GMT 2:00]
Spuštěný z: c:\users\toshiba\Desktop\Plocha\ComboFix.exe
Použité ovládací přepínače :: D:\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\program files\SearchYa!
c:\program files\SearchYa!\1.5.25.0\bh\searchya.dll
c:\program files\SearchYa!\1.5.25.0\escortShld.dll
c:\program files\SearchYa!\1.5.25.0\FavIcon.ico
c:\program files\SearchYa!\1.5.25.0\searchyaApp.dll
c:\program files\SearchYa!\1.5.25.0\searchyaEng.dll
c:\program files\SearchYa!\1.5.25.0\searchyasrv.exe
c:\program files\SearchYa!\1.5.25.0\searchyaTlbr.dll
c:\program files\SearchYa!\1.5.25.0\SearchyaUpdater.exe
c:\program files\SearchYa!\1.5.25.0\Sqlite3.dll
c:\program files\SearchYa!\1.5.25.0\uninst.dat
c:\program files\SearchYa!\1.5.25.0\uninstall.exe
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\program files\Yandex
c:\program files\Yandex\YandexBarIE\accelerators\search.ico
c:\program files\Yandex\YandexBarIE\accelerators\search.xml
c:\program files\Yandex\YandexBarIE\Apache Licence, version 2.0.rtf
c:\program files\Yandex\YandexBarIE\bar.ico
c:\program files\Yandex\YandexBarIE\branding.zip
c:\program files\Yandex\YandexBarIE\default.xml
c:\program files\Yandex\YandexBarIE\facebook_ff_1.0_13.zip
c:\program files\Yandex\YandexBarIE\facebook_ie_2_12.zip
c:\program files\Yandex\YandexBarIE\fastdial.dll
c:\program files\Yandex\YandexBarIE\games_cs_ie_1_7.zip
c:\program files\Yandex\YandexBarIE\gmail3_wwt_1.zip
c:\program files\Yandex\YandexBarIE\license.rtf
c:\program files\Yandex\YandexBarIE\news_cs_ff_1_8.zip
c:\program files\Yandex\YandexBarIE\news_cs_ie_1_7.zip
c:\program files\Yandex\YandexBarIE\quotes_7.zip
c:\program files\Yandex\YandexBarIE\radio_ff_1_15.zip
c:\program files\Yandex\YandexBarIE\radio_ie_2_4.zip
c:\program files\Yandex\YandexBarIE\seznam_ff_1_11.zip
c:\program files\Yandex\YandexBarIE\seznam_ie_1_9.zip
c:\program files\Yandex\YandexBarIE\seznamrank_ff_1_8.zip
c:\program files\Yandex\YandexBarIE\seznamrank_ie_1_9.zip
c:\program files\Yandex\YandexBarIE\soc_ff_1_11.zip
c:\program files\Yandex\YandexBarIE\soc_ie_1_11.zip
c:\program files\Yandex\YandexBarIE\translator_ie_1_11.zip
c:\program files\Yandex\YandexBarIE\twitter_ff_1_13.zip
c:\program files\Yandex\YandexBarIE\twitter_ie_1_14.zip
c:\program files\Yandex\YandexBarIE\video_cs_ie_1_4.zip
c:\program files\Yandex\YandexBarIE\yndbar.dll
c:\program files\Yandex\YandexBarIE\yndhelper.exe
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C\Firefox Packages\uninstaller.exe
c:\users\toshiba\AppData\Roaming\Searchya
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 20:58 . 2013-05-21 21:02 -------- d-----w- c:\users\toshiba\AppData\Local\temp
2013-05-21 20:58 . 2013-05-21 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- C:\rsit
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- c:\program files\trend micro
2013-05-21 14:55 . 2013-05-21 14:55 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\SRS Labs
2013-04-24 06:48 . 2013-04-24 06:48 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 05:57 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 22:27 . 2013-03-28 19:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 22:27 . 2013-03-23 11:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2013-04-11 01:18 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-02-21 12:52 . 2012-11-08 22:58 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2009-11-15 10:00 . 2013-03-08 11:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-21 12:52 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"="c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" [2011-08-24 3877216]
"Logitech Vid"="c:\program files\logitech\vid hd\vid.exe" [2010-10-29 5915480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe" [2012-08-16 30096]
"Toshiba TEMPRO"="c:\program files\toshiba tempro\temprotray.exe" [2010-08-27 1050072]
"SynTPEnh"="c:\program files\synaptics\syntp\syntpenh.exe" [2008-08-14 1348904]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"Skytel"="skytel.exe" [2007-11-20 1826816]
"RtHDVCpl"="rthdvcpl.exe" [2008-04-08 6037504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"HFALoader"="c:\program files\hamster soft\free zip archiver\hamsterarc.exe" [2011-11-09 2324992]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2009-07-27 424496]
"SRSAENotifier"="c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe" [2011-08-24 528216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2009-07-27 09:37 424496 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2011-10-21 13:06 433872 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2009-05-19 20:16 222504 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
2012-08-16 21:20 42536 ----a-w- c:\progra~1\VIDEOD~2\bar\1.bin\4zSrchMn.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDMICtrlMan"=c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
"tsnpstd3"=c:\windows\tsnpstd3.exe
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
"00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"cfFncEnabler.exe"=cfFncEnabler.exe
"NDSTray.exe"=NDSTray.exe
"Google EULA Launcher"=c:\program files\Google\Google EULA\GoogleEULALauncher.exe IE PA
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 20:54 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28 22:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=SearchooD&cd=2X ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-searchya - c:\program files\SearchYa!\1.5.25.0\uninstall.exe
AddRemove-Firefox Packages - c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C\Firefox Packages\uninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-21 23:01
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4920)
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\AVG\AVG2012\AVGIDSAgent.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 23:15:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 21:14
ComboFix2.txt 2013-05-21 19:16
.
Před spuštěním: Volných bajtů: 25 487 962 112
Po spuštění: Volných bajtů: 25 349 664 768
.
- - End Of File - - 4F9986B94BDFA7DA0812446C7A006576

[Petrasek]

Bohužel mi tam nejde spustit prohlížeč, píše mi to
"C:\Program Files\Mozila Firefox\firefox.exe"
Pokus použít neplatnou operaci na klíč registru, který je označen pro odstrnění.

Dá se s tím něco dělat?

[Petrasek]

Omlouvám se, ale stačil restart.
Ještě něco je potřeba?

[Rudy]

Ano, někdy je třeba druhý restart. Nastala nějaká změna?

[Petrasek]

Moc děkuji za rady, už běží jak má.
Ještě že tu jste, takoví šikolové, fakt díky moc za pomoc.

[Rudy]

ComboFix odinstalujte pomocí T-Cleaneru: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . Nemáte zač!