VIRY.CZ

U rodičů nejde internet - je tam řekl bych problém že je tam stažen Internet Security a ten nedovolí nainstalovat HJT co s tím?

Zdravim

Zkuste udelat log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=130783

Nějak mi na tom PC nejde spustit nouzový režim. Mačkám F8 a to se mne zeptá odkud chci nabootovat systém - potvrdím hardisk držím dále a najede stejně v normálním režimu dodal bych že je to winXP prof sp3

Tak nechte najet do normalniho a tam spustte FRST normalne poklikanim na jeho ikonu

Tak v normálním spustit nejde ten internet security hlásí že je infikován a nepustí ho

Fajn, pustte tam Hitman - KickStart dle tohoto navodu http://www.bleepingcomputer.com/virus-r ... ransomware

Když nechám nabootovat USB s Hitmenem tak po spuštění widdows na normální obrazovku se spustí akorát ten Internet Security ale Hitman neee

Mám při bootování usb s Hitmanem zkusit možnosti 2 nebo 3 když po volbě 1 Hitman nenajede?

Zkoušel jsem se do nouzáku dostat tímto způsobem http://forum.viry.cz/viewtopic.php?f=46&t=7554 a i toto ten internet security nepovolí Nejde spustit žádná aplikace ani nic nainstalovat ani odinstalovat. A tak nějak začínám být zoufalý a začínají se objevovat myšlenky na novou instalaci systému. PC rodičů jsem převezl domů a instalační CD vzal radši sebou. Ale pevně doufám že to nebude potřeba neb už v minulosti jsem si ověřil že jsou tady na fóru opravdu machři.

Po xxx pokusech jsem na tom nakaženém PC na obrazovce kde můžu vybrat nouzový režim - stav nouze, stav nouze se sítí a stav nouze se systémem MS dos, který vybrat a co pak dělat? Nebo spíš co stáhnout a který stav nouze pak vybrat?

Dle tohoto navodu FRST http://forum.viry.cz/viewtopic.php?f=24&t=130783

Takze na NR s MSDOS

Menší problémek jak dostat do příkazového řádku opačné lomítko když ho na klávesnici mám jen vedle bacspace na pozici vpravo? - strýček google pomohl alt 92 to zajistilo.

Myslim ze by mel schroupat i to opacne, ale jinak je to Alt+92

jj zrovna jsem svůj dotaz editoval - alt 92 zabrala

Tady je FRST.TXT:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by Doma (administrator) on 28-07-2013 20:27:21
Running from F:\
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33628160 2009-06-05] (VIA Technologies, Inc.)
HKLM\...\Run: [Six Engine] - C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [5782528 2009-06-24] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1644680 2013-01-28] (Ask)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2236080 2013-06-29] ()
HKLM\...\Run: [ROC_roc_dec12] - C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe [928096 2012-01-15] ()
HKLM\...\Run: [ROC_ROC_JULY_P1] - C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe [1022048 2012-08-30] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [ICQ] - "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 [x]
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-10] (Google Inc.)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [Internet Security] - C:\Documents and Settings\All Users\Data aplikací\mldefender.exe [840192 2013-07-28] (Poly-enter-Software Solutions)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\IRMonitor.exe (ITE Tech. Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={7672 ... 2011-12-12 17:00:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {168d8a79-64a1-42ce-acd5-b75465f08cca} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
SearchScopes: HKCU - {1F69822F-ED12-4527-9C3F-83F9D18D3DF4} URL = http://websearch.ask.com/redirect?clien ... 0FE4152CE5
SearchScopes: HKCU - {277a24db-6e20-4a30-976c-d84d45487aae} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {3e22ce2e-a77b-47fc-a164-51023ce376f0} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={7672 ... 2011-12-12 17:00:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {d99bd502-d3e6-4a81-aaa6-a597c0f110cf} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKCU - {DDE25753-2F4D-4403-A17F-6FF76DC55007} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Docs) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (AVG Safe Search) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0
CHR Extension: (AVG Security Toolbar) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.2.0.5_0
CHR Extension: (Gmail) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx

========================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247608 2010-11-21] ()
S2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-08] ()
S2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-29] (AVG Secure Search)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [4125696 2009-07-02] (ATI Technologies Inc.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-06-29] (AVG Technologies)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145920 2013-03-10] (ITE )
S3 monfilt; C:\Windows\System32\drivers\monfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMI.sys [3688960 2008-04-29] (Realtek Semiconductor Corp.)
S3 RTLE8023xp; C:\Windows\System32\DRIVERS\Rtenicxp.sys [142336 2009-05-25] (Realtek Semiconductor Corporation )
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1374464 2009-06-02] (VIA Technologies, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-28 20:26 - 2013-07-28 20:26 - 00000000 ____D C:\FRST
2013-07-28 20:19 - 2013-07-28 20:19 - 00000000 _____ C:\Documents and Settings\Doma\notepad
2013-07-28 20:16 - 2013-07-28 20:16 - 00004734 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2013-07-28 18:53 - 2013-07-28 18:53 - 00000000 ____D C:\WINDOWS\pss
2013-07-28 15:14 - 2013-07-28 15:14 - 00300662 _____ C:\Documents and Settings\Doma\Plocha\translate.googleusercontent.com-translate_c.mdi
2013-07-28 14:16 - 2013-07-28 14:16 - 00320176 _____ C:\Documents and Settings\Doma\Plocha\RSIT.exe
2013-07-28 11:35 - 2013-07-28 11:35 - 00004000 _____ C:\Documents and Settings\Doma\Plocha\marias.sta
2013-07-28 11:35 - 2013-07-28 11:35 - 00004000 _____ C:\Documents and Settings\Doma\Plocha\marias.ini
2013-07-28 11:08 - 2013-07-28 11:08 - 00873472 _____ C:\Documents and Settings\Doma\firefox.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\rundll32.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\opera.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\flashplayer.exe
2013-07-17 13:18 - 2013-07-17 13:18 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\AVG2013
2013-07-17 13:16 - 2013-07-17 13:16 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\TuneUp Software
2013-07-17 13:15 - 2013-07-17 13:15 - 00000000 ___HD C:\$AVG
2013-07-12 00:18 - 2013-07-12 00:18 - 00009386 _____ C:\WINDOWS\KB2834904.log
2013-07-12 00:18 - 2013-07-12 00:18 - 00008827 _____ C:\WINDOWS\KB2834886.log
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-12 00:13 - 2013-07-12 00:14 - 00011391 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 05:28 - 2013-07-12 00:18 - 00013840 _____ C:\WINDOWS\KB2850851.log
2013-07-11 05:27 - 2013-07-12 00:18 - 00012565 _____ C:\WINDOWS\KB2845187.log
2013-07-05 17:13 - 2013-07-05 17:14 - 00034816 _____ C:\Documents and Settings\Doma\Plocha\excelovska-kalkulacka.xls
2013-07-02 05:26 - 2013-07-28 16:31 - 00000000 ____D C:\Documents and Settings\Doma\Plocha\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře_soubory
2013-07-02 05:26 - 2013-07-02 05:26 - 00066479 _____ C:\Documents and Settings\Doma\Plocha\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře.htm
2013-07-02 05:25 - 2013-07-02 05:25 - 00067664 _____ C:\Documents and Settings\Doma\Dokumenty\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře.htm
2013-07-02 05:25 - 2013-07-02 05:25 - 00000000 ____D C:\Documents and Settings\Doma\Dokumenty\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře_soubory
2013-06-29 17:29 - 2013-06-29 17:30 - 00000000 ____D C:\Program Files\Alex Kočičák
2013-06-29 17:29 - 2013-06-29 17:29 - 00000736 _____ C:\Documents and Settings\Doma\Plocha\Alex Kočičák.lnk
2013-06-29 17:29 - 2013-06-29 17:29 - 00000000 ____D C:\Documents and Settings\Doma\Nabídka Start\Programy\Alex Kočičák
2013-06-29 17:22 - 2013-06-30 09:14 - 00000000 ____D C:\Program Files\Robomoucha
2013-06-29 17:22 - 2013-06-29 17:29 - 00001581 _____ C:\Documents and Settings\Doma\Plocha\Pohádky zdarma ke stažení.lnk
2013-06-29 17:22 - 2013-06-29 17:29 - 00001574 _____ C:\Documents and Settings\Doma\Plocha\Špidla Data Processing, s.r.o..lnk
2013-06-29 17:22 - 2013-06-29 17:29 - 00001549 _____ C:\Documents and Settings\Doma\Plocha\Hry zdarma ke stažení.lnk
2013-06-29 17:22 - 2013-06-29 17:22 - 00000712 _____ C:\Documents and Settings\Doma\Plocha\Robomoucha.lnk
2013-06-29 17:22 - 2013-06-29 17:22 - 00000000 ____D C:\Documents and Settings\Doma\Nabídka Start\Programy\Robomoucha

==================== One Month Modified Files and Folders =======

2013-07-28 20:26 - 2013-07-28 20:26 - 00000000 ____D C:\FRST
2013-07-28 20:19 - 2013-07-28 20:19 - 00000000 _____ C:\Documents and Settings\Doma\notepad
2013-07-28 20:19 - 2011-10-22 23:15 - 00000000 ____D C:\Documents and Settings\Doma
2013-07-28 20:16 - 2013-07-28 20:16 - 00004734 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2013-07-28 20:12 - 2011-10-23 00:57 - 00701010 _____ C:\WINDOWS\setupapi.log
2013-07-28 20:12 - 2008-04-14 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-07-28 19:40 - 2011-12-09 00:50 - 00000232 _____ C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2013-07-28 19:40 - 2011-10-23 01:01 - 00000216 _____ C:\WINDOWS\wiadebug.log
2013-07-28 19:40 - 2011-10-23 01:01 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-07-28 19:40 - 2011-10-22 23:15 - 00000272 ___SH C:\Documents and Settings\Doma\ntuser.ini
2013-07-28 19:40 - 2011-10-22 23:14 - 00032594 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-28 19:40 - 2011-10-22 23:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-28 19:40 - 2011-10-22 23:11 - 02051536 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-28 19:04 - 2012-05-10 20:09 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-07-28 19:02 - 2013-06-08 22:33 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-07-28 19:02 - 2013-03-10 16:07 - 00000048 _____ C:\monitor.log
2013-07-28 19:02 - 2012-05-10 20:10 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 19:02 - 2009-07-02 18:44 - 00219120 _____ C:\WINDOWS\system32\ativvaxx.cap
2013-07-28 18:53 - 2013-07-28 18:53 - 00000000 ____D C:\WINDOWS\pss
2013-07-28 18:52 - 2012-05-10 20:10 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 18:38 - 2011-10-23 00:57 - 00210383 _____ C:\WINDOWS\setupact.log
2013-07-28 16:44 - 2011-12-29 21:16 - 00002561 _____ C:\Documents and Settings\Doma\Plocha\Microsoft Office Word 2003.lnk
2013-07-28 16:31 - 2013-07-02 05:26 - 00000000 ____D C:\Documents and Settings\Doma\Plocha\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře_soubory
2013-07-28 15:15 - 2011-10-22 23:15 - 00000000 ____D C:\Documents and Settings\Doma\Plocha
2013-07-28 15:14 - 2013-07-28 15:14 - 00300662 _____ C:\Documents and Settings\Doma\Plocha\translate.googleusercontent.com-translate_c.mdi
2013-07-28 14:33 - 2011-10-23 00:58 - 01030564 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-28 14:26 - 2011-10-22 23:33 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-07-28 14:16 - 2013-07-28 14:16 - 00320176 _____ C:\Documents and Settings\Doma\Plocha\RSIT.exe
2013-07-28 11:35 - 2013-07-28 11:35 - 00004000 _____ C:\Documents and Settings\Doma\Plocha\marias.sta
2013-07-28 11:35 - 2013-07-28 11:35 - 00004000 _____ C:\Documents and Settings\Doma\Plocha\marias.ini
2013-07-28 11:08 - 2013-07-28 11:08 - 00873472 _____ C:\Documents and Settings\Doma\firefox.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\rundll32.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\opera.exe
2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\flashplayer.exe
2013-07-28 11:08 - 2011-10-23 00:58 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-07-28 11:08 - 2011-10-23 00:57 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-07-28 11:05 - 2011-10-25 16:50 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\Skype
2013-07-27 09:46 - 2011-10-28 07:27 - 00004714 _____ C:\Documents and Settings\Doma\intlname.ols
2013-07-26 12:55 - 2011-10-25 17:04 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\ICQ
2013-07-17 21:32 - 2011-10-22 23:15 - 00000000 ___RD C:\Documents and Settings\Doma\Dokumenty
2013-07-17 15:29 - 2011-10-23 10:26 - 00000000 ____D C:\Program Files\AVG
2013-07-17 13:18 - 2013-07-17 13:18 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\AVG2013
2013-07-17 13:18 - 2011-10-22 23:15 - 00000000 __RHD C:\Documents and Settings\Doma\Data aplikací
2013-07-17 13:16 - 2013-07-17 13:16 - 00000000 ____D C:\Documents and Settings\Doma\Data aplikací\TuneUp Software
2013-07-17 13:15 - 2013-07-17 13:15 - 00000000 ___HD C:\$AVG
2013-07-17 09:49 - 2011-10-23 10:26 - 00000000 ____D C:\WINDOWS\system32\Drivers\AVG
2013-07-16 21:11 - 2011-10-22 23:15 - 00000000 ___RD C:\Documents and Settings\Doma\Oblíbené položky
2013-07-15 13:30 - 2011-11-13 12:43 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-14 08:01 - 2012-05-02 21:50 - 00525650 _____ C:\Documents and Settings\Doma\Plocha\Fw_ INFO PONUKA - CENY PRE - MLADEZ, DOCHODCOV, RODICOV a DETI____.eml
2013-07-12 06:41 - 2011-10-22 23:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-12 05:20 - 2011-10-23 00:57 - 00136464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-12 00:18 - 2013-07-12 00:18 - 00009386 _____ C:\WINDOWS\KB2834904.log
2013-07-12 00:18 - 2013-07-12 00:18 - 00008827 _____ C:\WINDOWS\KB2834886.log
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-12 00:18 - 2013-07-12 00:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-12 00:18 - 2013-07-11 05:28 - 00013840 _____ C:\WINDOWS\KB2850851.log
2013-07-12 00:18 - 2013-07-11 05:27 - 00012565 _____ C:\WINDOWS\KB2845187.log
2013-07-12 00:18 - 2011-10-23 00:58 - 01391101 _____ C:\WINDOWS\iis6.log
2013-07-12 00:18 - 2011-10-23 00:58 - 01248098 _____ C:\WINDOWS\FaxSetup.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00605972 _____ C:\WINDOWS\ocgen.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00575037 _____ C:\WINDOWS\tsoc.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00425262 _____ C:\WINDOWS\comsetup.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00399004 _____ C:\WINDOWS\msmqinst.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00255979 _____ C:\WINDOWS\ntdtcsetup.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00219390 _____ C:\WINDOWS\netfxocm.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00086498 _____ C:\WINDOWS\MedCtrOC.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00078085 _____ C:\WINDOWS\ocmsn.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00063494 _____ C:\WINDOWS\tabletoc.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00061477 _____ C:\WINDOWS\msgsocm.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-12 00:18 - 2011-10-23 00:58 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-12 00:14 - 2013-07-12 00:13 - 00011391 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-12 00:14 - 2011-10-25 17:06 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-07-12 00:14 - 2011-10-25 16:44 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-12 00:14 - 2011-10-23 09:50 - 00099243 _____ C:\WINDOWS\updspapi.log
2013-07-12 00:11 - 2011-10-25 17:18 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-05 17:14 - 2013-07-05 17:13 - 00034816 _____ C:\Documents and Settings\Doma\Plocha\excelovska-kalkulacka.xls
2013-07-02 22:43 - 2013-02-23 01:07 - 00000000 ____D C:\Documents and Settings\Doma\Plocha\Srnec
2013-07-02 05:26 - 2013-07-02 05:26 - 00066479 _____ C:\Documents and Settings\Doma\Plocha\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře.htm
2013-07-02 05:25 - 2013-07-02 05:25 - 00067664 _____ C:\Documents and Settings\Doma\Dokumenty\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře.htm
2013-07-02 05:25 - 2013-07-02 05:25 - 00000000 ____D C:\Documents and Settings\Doma\Dokumenty\Health Journal Green Coffee umožňuje spalovaní 5 kg za 6 dnů_ Akční nabídla pro naše čtenáře_soubory
2013-06-30 09:14 - 2013-06-29 17:22 - 00000000 ____D C:\Program Files\Robomoucha
2013-06-29 17:30 - 2013-06-29 17:29 - 00000000 ____D C:\Program Files\Alex Kočičák
2013-06-29 17:29 - 2013-06-29 17:29 - 00000736 _____ C:\Documents and Settings\Doma\Plocha\Alex Kočičák.lnk
2013-06-29 17:29 - 2013-06-29 17:29 - 00000000 ____D C:\Documents and Settings\Doma\Nabídka Start\Programy\Alex Kočičák
2013-06-29 17:29 - 2013-06-29 17:22 - 00001581 _____ C:\Documents and Settings\Doma\Plocha\Pohádky zdarma ke stažení.lnk
2013-06-29 17:29 - 2013-06-29 17:22 - 00001574 _____ C:\Documents and Settings\Doma\Plocha\Špidla Data Processing, s.r.o..lnk
2013-06-29 17:29 - 2013-06-29 17:22 - 00001549 _____ C:\Documents and Settings\Doma\Plocha\Hry zdarma ke stažení.lnk
2013-06-29 17:29 - 2011-10-22 23:15 - 00000000 ___RD C:\Documents and Settings\Doma\Nabídka Start\Programy
2013-06-29 17:22 - 2013-06-29 17:22 - 00000712 _____ C:\Documents and Settings\Doma\Plocha\Robomoucha.lnk
2013-06-29 17:22 - 2013-06-29 17:22 - 00000000 ____D C:\Documents and Settings\Doma\Nabídka Start\Programy\Robomoucha
2013-06-29 16:54 - 2012-01-15 13:12 - 00000000 ____D C:\WINDOWS\system32\cache
2013-06-29 16:54 - 2011-12-12 18:01 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-06-29 16:53 - 2012-08-30 22:43 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys

Files to move or delete:
====================
C:\Documents and Settings\Doma\firefox.exe
C:\Documents and Settings\Doma\flashplayer.exe
C:\Documents and Settings\Doma\opera.exe
C:\Documents and Settings\Doma\rundll32.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
  HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
  HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
  HKLM\...\Run: [] - [x]
  HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1644680 2013-01-28] (Ask)
  HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2236080 2013-06-29] ()
  HKLM\...\Run: [ROC_roc_dec12] - C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe [928096 2012-01-15] ()
  HKLM\...\Run: [ROC_ROC_JULY_P1] - C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe [1022048 2012-08-30] ()
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
  HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKCU\...\Run: [ICQ] - "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 [x]
  HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-10] (Google Inc.)
  HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
  HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
  HKCU\...\Run: [Internet Security] - C:\Documents and Settings\All Users\Data aplikací\mldefender.exe [840192 2013-07-28] (Poly-enter-Software Solutions)
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
  URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  URLSearchHook: (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
  URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={767291DE-E383-48A4-8D7E-468EAC3F2D94}
  
  &mid=001c4502335347d1996ed16f5e56aa42-76c8dc17b120c27c460802205d4ac22a9d125071&lang=cz&ds=AVG&pr=fr&d=2011-12-12 17:00:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q=
  
  {searchTerms}
  SearchScopes: HKCU - {168d8a79-64a1-42ce-acd5-b75465f08cca} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
  SearchScopes: HKCU - {1F69822F-ED12-4527-9C3F-83F9D18D3DF4} URL = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}
  
  &locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=18525B8B-6E7F-4AF6-9D7F-FABBC5548D07&apn_sauid=615450F1-A260-4283-89EA-B80FE4152CE5
  SearchScopes: HKCU - {277a24db-6e20-4a30-976c-d84d45487aae} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
  SearchScopes: HKCU - {3e22ce2e-a77b-47fc-a164-51023ce376f0} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
  SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={767291DE-E383-48A4-8D7E-468EAC3F2D94}
  
  &mid=001c4502335347d1996ed16f5e56aa42-76c8dc17b120c27c460802205d4ac22a9d125071&lang=cz&ds=AVG&pr=fr&d=2011-12-12 17:00:53&v=14.2.0.1&pid=avg&sg=&sap=dsp&q=
  
  {searchTerms}
  SearchScopes: HKCU - {d99bd502-d3e6-4a81-aaa6-a597c0f110cf} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IE_5
  SearchScopes: HKCU - {DDE25753-2F4D-4403-A17F-6FF76DC55007} URL = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}
  BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
  BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
  Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG 
  
  Secure Search)
  Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
  Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
  Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
  Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
  Handler: ipp - No CLSID Value -
  Handler: msdaipp - No CLSID Value - 
  CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx
  CHR Extension: (AVG Safe Search) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0
  CHR Extension: (AVG Security Toolbar) - C:\DOCUME~1\Doma\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
  
  \15.2.0.5_0
  S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247608 2010-11-21] ()
  S2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-08] ()
  S2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-29] (AVG Secure Search)
  S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
  2013-07-28 11:08 - 2013-07-28 11:08 - 00873472 _____ C:\Documents and Settings\Doma\firefox.exe
  2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\rundll32.exe
  2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\opera.exe
  2013-07-28 11:08 - 2013-07-28 11:08 - 00000000 _____ C:\Documents and Settings\Doma\flashplayer.exe
  2013-07-28 19:40 - 2011-12-09 00:50 - 00000232 _____ C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
  2013-07-28 19:02 - 2012-05-10 20:10 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  2013-07-28 19:04 - 2012-05-10 20:09 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  2013-07-28 19:02 - 2013-06-08 22:33 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
  C:\Program Files\AVG\AVG10\Toolbar
  C:\Program Files\ICQ6Toolbar
  C:\Documents and Settings\All Users\Data aplikací\mldefender.exe 
  C:\Program Files\AVG Secure Search
  C:\Program Files\Ask.com
  Hosts:
  CMD: shutdown -r
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny log na flashku k FRST

Spustte znovu FRST.exe na tom poskozenem PC

• Kliknete na Fix
• Probehne oprava a na flash disku se vytvori log Fixlog.txt

Pokuste se nastartovat do bezneho rezimu