VIRY.CZ

Prosím radu, nejde mi zapnout brána firewall, tak jsem stáhl combofix, že sem dám log, ale ten mi zamrzne na modré obrazovce a jen bliká kurzor a občas problikne disk, tak jsem to po 40 minutách restartoval.
Je to systém vista a je tam placená verze AVG.
To AVG jsem před combofixem zastavil.
Děkuji předem za rady.

Tak se mi povedlo udělat log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by toshiba at 2013-05-21 19:29:38
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 23 GB (15%) free of 152 GB
Total RAM: 2939 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:54, on 21.5.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\vsnpstd3.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\toshiba\Desktop\RSIT.exe
C:\Program Files\trend micro\toshiba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1&a=Searchoo ... 986225&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: (no name) - {a7347e8c-1ca6-469b-951e-4a23c4437935} - (no file)
R3 - URLSearchHook: (no name) - {a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] c:\program files\toshiba tempro\temprotray.exe
O4 - HKLM\..\Run: [SynTPEnh] c:\program files\synaptics\syntp\syntpenh.exe
O4 - HKLM\..\Run: [snpstd3] c:\windows\vsnpstd3.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [Skytel] skytel.exe
O4 - HKLM\..\Run: [RtHDVCpl] rthdvcpl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Persistence] c:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [IgfxTray] c:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [HotKeysCmds] c:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [HFALoader] c:\program files\hamster soft\free zip archiver\hamsterarc.exe -loader
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [SRSAENotifier] C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
O4 - HKCU\..\Run: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
O4 - HKCU\..\Run: [Logitech Vid] "c:\program files\logitech\vid hd\vid.exe" -bootmode
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca3af3958c8040) (gupdate1ca3af3958c8040) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe

--
End of file - 13828 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASCv5_AutoUpdateD.job
C:\Windows\tasks\Defraggler Volume C Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de

C:\Program Files\Mozilla Firefox\components\
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npDivxPlayerPlugin.dll
npdrmv2.dll
npdsplay.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwmsdrm.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
Mp3Tube.xml
yahoo.xml

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\
4zffxtbr@VideoDownloadConverter_4z.com
ascsurfingprotection@iobit.com
avg@toolbar
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
engine@conduit.com
nl-NL@dictionaries.addons.mozilla.org
openmedspel@e-medtools.com
yasearch@yandex.ru
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{51a86bb3-6602-4c85-92a5-130ee4864f13}(71)
{5351568c-ac00-4794-8f5e-dbf52cb1f567}(82)
{5ebdca98-43b3-45bb-87e0-716029fb42ab}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{ea614400-e918-4741-9a97-7a972ff7c30b}
{ecdee021-0d17-467f-a1ff-c7a115230949}(72)
{fbc8441e-a153-45b0-8e93-87521a5812a1}

C:\Users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\searchplugins\
conduit.xml
encyklopedie-seznam.xml
hellspy.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
SearchYa!.xml
slovnk-czen.xml
slovnk-encz.xml
softonic.xml
sweetim.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-10-15 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-21 1929392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2009-05-18 992408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
C:\Program Files\PicLensIE\cooliris.dll [2008-10-13 4087808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-21 1929392]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"=c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe [2012-08-16 30096]
"Toshiba TEMPRO"=c:\program files\toshiba tempro\temprotray.exe [2010-08-27 1050072]
"SynTPEnh"=c:\program files\synaptics\syntp\syntpenh.exe [2008-08-14 1348904]
"snpstd3"=c:\windows\vsnpstd3.exe [2007-05-10 835584]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"Skytel"=C:\Windows\skytel.exe [2007-11-20 1826816]
"RtHDVCpl"=C:\Windows\rthdvcpl.exe [2008-04-08 6037504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"Persistence"=c:\windows\system32\igfxpers.exe [2008-06-25 145944]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"IgfxTray"=c:\windows\system32\igfxtray.exe [2008-06-25 150040]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"HotKeysCmds"=c:\windows\system32\hkcmd.exe [2008-06-25 170520]
"HFALoader"=c:\program files\hamster soft\free zip archiver\hamsterarc.exe [2011-11-09 2324992]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2009-07-27 424496]
"SRSAENotifier"=C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe [2011-08-24 528216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"=C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe [2011-08-24 3877216]
"Logitech Vid"=c:\program files\logitech\vid hd\vid.exe [2010-10-29 5915480]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-12-05 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
c:\program files\alcohol soft\alcohol 120\axautomntsrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2012-03-28 404568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
c:\program files\camera assistant software for toshiba\traybar.exe [2009-07-27 424496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
c:\program files\google\google desktop search\googledesktop.exe [2011-03-25 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
c:\program files\sony ericsson\sony ericsson pc companion\pccompanion.exe [2011-10-21 433872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-12-05 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe [2009-05-19 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2012-08-16 42536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\309042~1.318\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-05-21 19:29:38 ----D---- C:\rsit
2013-05-21 19:29:38 ----D---- C:\Program Files\trend micro
2013-05-21 18:52:33 ----SHD---- C:\$RECYCLE.BIN
2013-05-21 17:42:19 ----D---- C:\Windows\temp
2013-05-21 17:16:41 ----SD---- C:\ComboFix
2013-05-21 16:42:41 ----A---- C:\Windows\zip.exe
2013-05-21 16:42:41 ----A---- C:\Windows\SWSC.exe
2013-05-21 16:42:41 ----A---- C:\Windows\SWREG.exe
2013-05-21 16:42:41 ----A---- C:\Windows\sed.exe
2013-05-21 16:42:41 ----A---- C:\Windows\PEV.exe
2013-05-21 16:42:41 ----A---- C:\Windows\NIRCMD.exe
2013-05-21 16:42:41 ----A---- C:\Windows\MBR.exe
2013-05-21 16:42:41 ----A---- C:\Windows\grep.exe
2013-05-21 16:40:31 ----D---- C:\Qoobox
2013-05-21 16:39:54 ----D---- C:\Windows\erdnt
2013-05-21 16:39:51 ----SD---- C:\32788R22FWJFW
2013-05-18 08:42:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-18 08:25:09 ----D---- C:\Users\toshiba\AppData\Roaming\Searchya
2013-05-18 08:25:04 ----D---- C:\Users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
2013-05-18 08:25:03 ----D---- C:\Program Files\SearchYa!
2013-05-16 00:20:02 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-05-16 00:20:00 ----D---- C:\Program Files\Common Files\SRS Labs
2013-04-24 08:48:47 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2013-05-21 19:29:52 ----D---- C:\Windows\Prefetch
2013-05-21 19:29:45 ----AD---- C:\ProgramData\Temp
2013-05-21 19:29:38 ----D---- C:\Program Files
2013-05-21 17:42:19 ----D---- C:\Windows
2013-05-21 17:39:27 ----AD---- C:\Windows\System32
2013-05-21 17:39:16 ----HD---- C:\ProgramData
2013-05-21 17:33:27 ----D---- C:\Windows\system32\drivers
2013-05-21 17:33:25 ----D---- C:\Windows\AppPatch
2013-05-21 17:33:12 ----D---- C:\Program Files\Common Files
2013-05-21 17:25:35 ----D---- C:\Windows\tracing
2013-05-21 17:05:08 ----D---- C:\Windows\Minidump
2013-05-21 16:57:43 ----D---- C:\Windows\SoftwareDistribution
2013-05-21 16:27:48 ----D---- C:\Windows\system32\drivers\AVG
2013-05-21 16:25:24 ----D---- C:\Users\toshiba\AppData\Roaming\Skype
2013-05-20 20:59:28 ----SHD---- C:\System Volume Information
2013-05-20 12:50:07 ----D---- C:\Windows\inf
2013-05-18 21:22:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-18 08:42:36 ----D---- C:\Program Files\Mozilla Firefox
2013-05-18 08:25:10 ----D---- C:\Windows\system32\Tasks
2013-05-17 07:56:23 ----D---- C:\Windows\Debug
2013-05-16 14:12:06 ----D---- C:\Windows\ModemLogs
2013-05-16 00:30:39 ----D---- C:\Windows\system32\config
2013-05-16 00:24:42 ----D---- C:\Users\toshiba\AppData\Roaming\Apple Computer
2013-05-16 00:21:06 ----SHD---- C:\Windows\Installer
2013-05-15 00:27:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-05-14 16:57:50 ----D---- C:\ProgramData\MFAData
2013-04-30 18:16:41 ----D---- C:\Windows\system32\catroot
2013-04-27 19:39:32 ----D---- C:\ProgramData\Adobe
2013-04-24 08:48:58 ----D---- C:\ProgramData\Skype
2013-04-24 08:48:48 ----RD---- C:\Program Files\Skype
2013-04-22 14:10:11 ----D---- C:\Program Files\Camera Assistant Software for Toshiba

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-10 436792]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-02-21 33112]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2008-04-28 20384]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R2 Ethpdrv;Ethernet Packet Driver; C:\Windows\system32\DRIVERS\ethpdrv.sys [2007-08-01 16376]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-20 112128]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-04 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SRS_AE_Service;SRS Audio Essentials; C:\Windows\system32\drivers\SRS_AE_i386.sys [2011-08-01 404256]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2008-03-25 41472]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
S3 AF9035HB;AF9035 Hybrid Device; C:\Windows\System32\Drivers\AF9035HB.sys [2010-05-15 863616]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []
S3 catchme;catchme; \??\C:\Users\toshiba\AppData\Local\Temp\catchme.sys []
S3 CompFilter;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbusflt.sys [2012-01-18 22176]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-07-30 101120]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2007-01-15 9728]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2009-04-24 10472960]
S3 SRS_HDAL_Service;HD Audio Lab; C:\Windows\system32\drivers\SRS_HDAL_i386.sys [2010-07-02 384752]
S3 SRS_iWowPC_Service;SRS Labs iWow PC; C:\Windows\system32\drivers\srs_iWowPC_i386.sys [2008-11-17 37888]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2011-01-12 25088]
S3 Tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2008-01-22 54144]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-10-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-10-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-10-21 25216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 SRSHDAudioService;SRS HDAudio Lab Service; C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe [2011-08-24 12648]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2010-08-27 124368]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2012-08-16 42504]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-16 1045256]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca3af3958c8040;Služba Google Update (gupdate1ca3af3958c8040); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-21 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2008-04-16 954368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-12 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-25 30192]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S4 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
S4 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-21 968880]

-----------------EOF-----------------

Zdravím!
Nespouštějte ComboFix bez pokynu rádce. Můžete nabořit systém. CF je utilita pro profesinály. Dejte log RSIT: http://forum.viry.cz/viewtopic.php?t=81939 .

JJ, na to jsem už přišel a bohužel jsem dal editovat, namísto odpovědět, takže log je výše.
Díky moc.

Spuštění CF nic nebrání. CF zkuste spustit v nouz. režimu. Před tím a le odinstalujte AdvancedSystemCare. Tento čínský šmejd v rukou laika rovněž dokáže poškodit systém.

Tak se to povedlo a log mám, ale musím z druhého PC, na tamtom nejde po restartu spustit žádný prohlížeč.

Tady je log z CF:

ComboFix 13-05-21.01 - toshiba 21.05.2013 20:56:57.3.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2939.2419 [GMT 2:00]
Spuštěný z: c:\users\toshiba\Desktop\Plocha\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\BasicScan
c:\program files\BasicScan\basicscan.dll
c:\program files\BasicScan\basicscan.exe
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar
c:\program files\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf
c:\programdata\BasicScan
c:\programdata\d046c0ee7cea5abc12818f32a6e97874_c
c:\programdata\hpe57B0.dll
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\toshiba\AppData\Roaming\Desktopicon
c:\users\toshiba\AppData\Roaming\Desktopicon\config.ini
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\arwDwn.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ae.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\bg.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cn.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cz.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\de.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\eg.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\en.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\es.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\fr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\gr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\he.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ch.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\il.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\it.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ja.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\jp.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\nl.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\no.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pl.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pt.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ro.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ru.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sa.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\se.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sv.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\tr.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ua.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\us.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\help_16.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\home.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\icon_seperator.png
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\logo.PNG
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\privecy_16_hot.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\specialoffer.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\imgs\tellafriend.gif
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\mtstart.js
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\searchya.css
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\searchya.xul
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\content\tmplt.js
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\chrome.manifest
c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ffxtlbr@searchya.com\install.rdf
c:\users\toshiba\AppData\Roaming\vso_ts_preview.xml
c:\windows\$NtUninstallKB44661$
c:\windows\system32\frapsvid.dll
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
c:\windows\system32\system
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BasicScan Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 19:05 . 2013-05-21 19:10 -------- d-----w- c:\users\toshiba\AppData\Local\temp
2013-05-21 19:05 . 2013-05-21 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- C:\rsit
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- c:\program files\trend micro
2013-05-21 14:55 . 2013-05-21 14:55 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\users\toshiba\AppData\Roaming\Searchya
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
2013-05-18 06:25 . 2013-05-18 06:25 -------- d-----w- c:\program files\SearchYa!
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\SRS Labs
2013-04-24 06:48 . 2013-04-24 06:48 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 05:57 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 22:27 . 2013-03-28 19:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 22:27 . 2013-03-23 11:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2013-04-11 01:18 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-02-21 12:52 . 2012-11-08 22:58 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2009-11-15 10:00 . 2013-03-08 11:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-21 12:52 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-21 1929392]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:\program files\Yandex\YandexBarIE\yndbar.dll" [2011-10-20 12336440]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:\program files\Yandex\YandexBarIE\yndbar.dll" [2011-10-20 12336440]
.
[HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOT\Yandex.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"="c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" [2011-08-24 3877216]
"Logitech Vid"="c:\program files\logitech\vid hd\vid.exe" [2010-10-29 5915480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-05 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe" [2012-08-16 30096]
"Toshiba TEMPRO"="c:\program files\toshiba tempro\temprotray.exe" [2010-08-27 1050072]
"SynTPEnh"="c:\program files\synaptics\syntp\syntpenh.exe" [2008-08-14 1348904]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"Skytel"="skytel.exe" [2007-11-20 1826816]
"RtHDVCpl"="rthdvcpl.exe" [2008-04-08 6037504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"HFALoader"="c:\program files\hamster soft\free zip archiver\hamsterarc.exe" [2011-11-09 2324992]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2009-07-27 424496]
"SRSAENotifier"="c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe" [2011-08-24 528216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2009-07-27 09:37 424496 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-03-24 22:42 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2011-10-21 13:06 433872 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-12-05 08:40 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2009-05-19 20:16 222504 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
2012-08-16 21:20 42536 ----a-w- c:\progra~1\VIDEOD~2\bar\1.bin\4zSrchMn.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDMICtrlMan"=c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
"tsnpstd3"=c:\windows\tsnpstd3.exe
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
"00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"cfFncEnabler.exe"=cfFncEnabler.exe
"NDSTray.exe"=NDSTray.exe
"Google EULA Launcher"=c:\program files\Google\Google EULA\GoogleEULALauncher.exe IE PA
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 20:54 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28 22:27]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-21 19:41]
.
2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-21 19:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=SearchooD&cd=2X ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
URLSearchHooks-{a7347e8c-1ca6-469b-951e-4a23c4437935} - (no file)
URLSearchHooks-{a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - (no file)
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-21 21:09
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,38,12,78,38,4c,
81,00,23,88,0a,f5,40,f8,f6,90,c6,d4,52
"{A057A204-BACC-4D26-8287-79A187E26987}"=hex:51,66,7a,6c,4c,1d,38,12,6a,a1,44,
a4,fe,f4,48,08,fd,91,3a,e1,82,bc,2d,93
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,35,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"=hex:51,66,7a,6c,4c,1d,38,12,4e,7e,2a,
95,74,5a,ba,54,f5,e2,43,00,cf,4f,63,a2
"{48586425-6BB7-4F51-8DC6-38C88E3EBB58}"=hex:51,66,7a,6c,4c,1d,38,12,4b,67,4b,
4c,85,25,3f,0a,f2,d0,7b,88,8b,60,ff,4c
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}"=hex:51,66,7a,6c,4c,1d,38,12,c3,8a,99,
0a,e5,db,85,05,f2,8b,4b,7e,f2,58,2e,15
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}"=hex:51,66,7a,6c,4c,1d,38,12,95,87,3c,
35,42,c7,bd,0a,c2,cd,33,52,ef,9a,eb,dd
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{C547C6C2-561B-4169-A2A5-20BA771CA93B}"=hex:51,66,7a,6c,4c,1d,38,12,ac,c5,54,
c1,29,18,07,04,dd,b3,63,fa,72,42,ed,2f
"{C93F72A2-2162-4BBA-A07A-F13663C297A6}"=hex:51,66,7a,6c,4c,1d,38,12,cc,71,2c,
cd,50,6f,d4,0e,df,6c,b2,76,66,9c,d3,b2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{EA837F48-5AD1-443E-AE34-FFE03CBF3099}"=hex:51,66,7a,6c,4c,1d,38,12,26,7c,90,
ee,e3,14,50,01,d1,22,bc,a0,39,e1,74,8d
"{EAEE5C74-6D0D-4ACA-9232-0DA4A7B866BA}"=hex:51,66,7a,6c,4c,1d,38,12,1a,5f,fd,
ee,3f,23,a4,0f,ed,24,4e,e4,a2,e6,22,ae
"{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,32,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a0,46,33,6b,36,10,ce,01
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3676)
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\AVG\AVG2012\AVGIDSAgent.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\windows\system32\conime.exe
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 21:16:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 19:16
.
Před spuštěním: Volných bajtů: 26 470 981 632
Po spuštění: Volných bajtů: 25 830 432 768
.
- - End Of File - - 70D98DFAA5685AC3515AB94726057839

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\users\toshiba\AppData\Roaming\Searchya
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
c:\program files\SearchYa!
c:\program files\Yandex
c:\program files\Google\GoogleToolbarNotifier
c:\program files\SweetIM

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{91397d20-1446-11d4-8af4-0040ca1127b6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[-HKEY_CLASSES_ROOT\Yandex.Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SweetIM"=-

Firefox::
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_ ... rce=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_ ... e=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_ ... rce=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_ ... e=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=Searchoo ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=Searchoo ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=Searchoo ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Tak jsem to provedl a vytvořilo mi to další log:

ComboFix 13-05-21.01 - toshiba 21.05.2013 22:40:10.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2939.1789 [GMT 2:00]
Spuštěný z: c:\users\toshiba\Desktop\Plocha\ComboFix.exe
Použité ovládací přepínače :: D:\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\program files\SearchYa!
c:\program files\SearchYa!\1.5.25.0\bh\searchya.dll
c:\program files\SearchYa!\1.5.25.0\escortShld.dll
c:\program files\SearchYa!\1.5.25.0\FavIcon.ico
c:\program files\SearchYa!\1.5.25.0\searchyaApp.dll
c:\program files\SearchYa!\1.5.25.0\searchyaEng.dll
c:\program files\SearchYa!\1.5.25.0\searchyasrv.exe
c:\program files\SearchYa!\1.5.25.0\searchyaTlbr.dll
c:\program files\SearchYa!\1.5.25.0\SearchyaUpdater.exe
c:\program files\SearchYa!\1.5.25.0\Sqlite3.dll
c:\program files\SearchYa!\1.5.25.0\uninst.dat
c:\program files\SearchYa!\1.5.25.0\uninstall.exe
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\program files\Yandex
c:\program files\Yandex\YandexBarIE\accelerators\search.ico
c:\program files\Yandex\YandexBarIE\accelerators\search.xml
c:\program files\Yandex\YandexBarIE\Apache Licence, version 2.0.rtf
c:\program files\Yandex\YandexBarIE\bar.ico
c:\program files\Yandex\YandexBarIE\branding.zip
c:\program files\Yandex\YandexBarIE\default.xml
c:\program files\Yandex\YandexBarIE\facebook_ff_1.0_13.zip
c:\program files\Yandex\YandexBarIE\facebook_ie_2_12.zip
c:\program files\Yandex\YandexBarIE\fastdial.dll
c:\program files\Yandex\YandexBarIE\games_cs_ie_1_7.zip
c:\program files\Yandex\YandexBarIE\gmail3_wwt_1.zip
c:\program files\Yandex\YandexBarIE\license.rtf
c:\program files\Yandex\YandexBarIE\news_cs_ff_1_8.zip
c:\program files\Yandex\YandexBarIE\news_cs_ie_1_7.zip
c:\program files\Yandex\YandexBarIE\quotes_7.zip
c:\program files\Yandex\YandexBarIE\radio_ff_1_15.zip
c:\program files\Yandex\YandexBarIE\radio_ie_2_4.zip
c:\program files\Yandex\YandexBarIE\seznam_ff_1_11.zip
c:\program files\Yandex\YandexBarIE\seznam_ie_1_9.zip
c:\program files\Yandex\YandexBarIE\seznamrank_ff_1_8.zip
c:\program files\Yandex\YandexBarIE\seznamrank_ie_1_9.zip
c:\program files\Yandex\YandexBarIE\soc_ff_1_11.zip
c:\program files\Yandex\YandexBarIE\soc_ie_1_11.zip
c:\program files\Yandex\YandexBarIE\translator_ie_1_11.zip
c:\program files\Yandex\YandexBarIE\twitter_ff_1_13.zip
c:\program files\Yandex\YandexBarIE\twitter_ie_1_14.zip
c:\program files\Yandex\YandexBarIE\video_cs_ie_1_4.zip
c:\program files\Yandex\YandexBarIE\yndbar.dll
c:\program files\Yandex\YandexBarIE\yndhelper.exe
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C
c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C\Firefox Packages\uninstaller.exe
c:\users\toshiba\AppData\Roaming\Searchya
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 20:58 . 2013-05-21 21:02 -------- d-----w- c:\users\toshiba\AppData\Local\temp
2013-05-21 20:58 . 2013-05-21 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- C:\rsit
2013-05-21 17:29 . 2013-05-21 17:29 -------- d-----w- c:\program files\trend micro
2013-05-21 14:55 . 2013-05-21 14:55 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-05-15 22:20 . 2013-05-15 22:20 -------- d-----w- c:\program files\Common Files\SRS Labs
2013-04-24 06:48 . 2013-04-24 06:48 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 05:57 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 22:27 . 2013-03-28 19:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 22:27 . 2013-03-23 11:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 01:18 . 2013-04-11 01:18 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-02-21 12:52 . 2012-11-08 22:58 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2009-11-15 10:00 . 2013-03-08 11:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-21 12:52 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRSHDAudioLab"="c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" [2011-08-24 3877216]
"Logitech Vid"="c:\program files\logitech\vid hd\vid.exe" [2010-10-29 5915480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-21 1151152]
"VideoDownloadConverter_4z Browser Plugin Loader"="c:\progra~1\videod~2\bar\1.bin\4zbrmon.exe" [2012-08-16 30096]
"Toshiba TEMPRO"="c:\program files\toshiba tempro\temprotray.exe" [2010-08-27 1050072]
"SynTPEnh"="c:\program files\synaptics\syntp\syntpenh.exe" [2008-08-14 1348904]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"Skytel"="skytel.exe" [2007-11-20 1826816]
"RtHDVCpl"="rthdvcpl.exe" [2008-04-08 6037504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"HFALoader"="c:\program files\hamster soft\free zip archiver\hamsterarc.exe" [2011-11-09 2324992]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2009-07-27 424496]
"SRSAENotifier"="c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe" [2011-08-24 528216]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2009-07-27 09:37 424496 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2011-10-21 13:06 433872 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
2009-05-19 20:16 222504 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
2012-08-16 21:20 42536 ----a-w- c:\progra~1\VIDEOD~2\bar\1.bin\4zSrchMn.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDMICtrlMan"=c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
"tsnpstd3"=c:\windows\tsnpstd3.exe
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
"00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"cfFncEnabler.exe"=cfFncEnabler.exe
"NDSTray.exe"=NDSTray.exe
"Google EULA Launcher"=c:\program files\Google\Google EULA\GoogleEULALauncher.exe IE PA
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 20:54 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-28 22:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\
FF - ExtSQL: 2013-05-16 02:24; ascsurfingprotection@iobit.com; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-18 08:25; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-05-18 08:26; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\khaf0gke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2009-09-26 17:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-08-16 23:20; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.seznam.cz/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld -
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 6429b9c70000000000000024d271dd43
FF - user.js: extensions.Softonic.instlDay - 15694
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:46
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=SearchooD&cd=2X ... 986225&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=SearchooD&cd=2X ... 225&ir=&q=
FF - user.js: extensions.searchya.id - 0024D271DD43B9C7
FF - user.js: extensions.searchya.instlDay - 15843
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.08:25:3
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 1073986225
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByE0DtByBtC0D0DyEtA0Bzy0CyBtN0D0Tzu0CyDtDtAtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C1V0F1L1C1P1O1F2V
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-searchya - c:\program files\SearchYa!\1.5.25.0\uninstall.exe
AddRemove-Firefox Packages - c:\users\toshiba\AppData\Roaming\0D1G1I1Q1B2Z1C1V0A1N1N1C1P1N1T2Z1F1C\Firefox Packages\uninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-21 23:01
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4920)
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\AVG\AVG2012\AVGIDSAgent.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 23:15:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 21:14
ComboFix2.txt 2013-05-21 19:16
.
Před spuštěním: Volných bajtů: 25 487 962 112
Po spuštění: Volných bajtů: 25 349 664 768
.
- - End Of File - - 4F9986B94BDFA7DA0812446C7A006576

Bohužel mi tam nejde spustit prohlížeč, píše mi to
"C:\Program Files\Mozila Firefox\firefox.exe"
Pokus použít neplatnou operaci na klíč registru, který je označen pro odstrnění.

Dá se s tím něco dělat?

Omlouvám se, ale stačil restart.
Ještě něco je potřeba?

Ano, někdy je třeba druhý restart. Nastala nějaká změna?

Moc děkuji za rady, už běží jak má.
Ještě že tu jste, takoví šikolové, fakt díky moc za pomoc.

ComboFix odinstalujte pomocí T-Cleaneru: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . Nemáte zač!