Google End User License Agreement Vyřešeno

[Damned]

Log by měl být v "C:\ComboFix2.txt" o číslo víc než první log.

Ještě mi sem dej log z HijackThis ať to dokončíme.

[Reklama]

[tiskar]

ComboFix 09-09-28.01 - Ondra 30.09.2009 1:28:16.4.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.2939.1889 [GMT 2:00]
Spuštěný z: C:\Users\Ondra\Desktop\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Ondra\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1229 [VPS 090704-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 090704-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\users\Ondra\AppData\Local\Temp\catchme.dll"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CATCHME
-------\Service_catchme
-------\Legacy_CATCHME
-------\Service_catchme


((((((((((((((((((((((((( Soubory vytvořené od 2009-08-28 do 2009-09-29 )))))))))))))))))))))))))))))))
.

2009-09-29 23:32:37 . 2009-09-29 23:35:55 0 d-----w- C:\Users\Ondra\AppData\Local\temp
2009-09-29 23:32:37 . 2009-09-29 23:32:37 0 d-----w- C:\Users\Public\AppData\Local\temp
2009-09-29 23:32:37 . 2009-09-29 23:32:37 0 d-----w- C:\Users\Default\AppData\Local\temp
2009-09-29 11:58:44 . 2007-01-24 13:27:30 255848 ----a-w- C:\Windows\system32\xactengine2_6.dll
2009-09-29 11:58:43 . 2006-12-08 10:02:00 251672 ----a-w- C:\Windows\system32\xactengine2_5.dll
2009-09-29 11:58:43 . 2006-11-29 11:06:18 440080 ----a-w- C:\Windows\system32\d3dx10.dll
2009-09-29 11:58:42 . 2007-01-08 13:30:42 15128 ----a-w- C:\Windows\system32\x3daudio1_1.dll
2009-09-29 11:58:42 . 2006-09-28 14:05:56 237848 ----a-w- C:\Windows\system32\xactengine2_4.dll
2009-09-29 11:58:40 . 2006-07-28 07:30:32 236824 ----a-w- C:\Windows\system32\xactengine2_3.dll
2009-09-29 11:58:40 . 2006-07-28 07:30:14 62744 ----a-w- C:\Windows\system32\xinput1_2.dll
2009-09-29 11:41:57 . 2009-09-29 11:41:59 0 d-----w- C:\Program Files\CCleaner
2009-09-29 11:25:37 . 2009-09-29 11:25:37 0 d-----w- C:\Users\Ondra\AppData\Roaming\Leadertech
2009-09-29 11:17:43 . 2008-03-05 13:56:58 3786760 ----a-w- C:\Windows\system32\D3DX9_37.dll
2009-09-29 11:17:43 . 2007-07-19 16:14:42 3727720 ----a-w- C:\Windows\system32\d3dx9_35.dll
2009-09-29 11:17:43 . 2007-05-16 14:45:16 3497832 ----a-w- C:\Windows\system32\d3dx9_34.dll
2009-09-29 11:17:43 . 2007-04-04 16:53:42 81768 ----a-w- C:\Windows\system32\xinput1_3.dll
2009-09-29 11:17:42 . 2007-03-12 14:42:30 3495784 ----a-w- C:\Windows\system32\d3dx9_33.dll
2009-09-29 11:17:42 . 2006-09-28 14:05:20 2414360 ----a-w- C:\Windows\system32\d3dx9_31.dll
2009-09-29 11:17:34 . 2005-05-26 13:34:52 2297552 ----a-w- C:\Windows\system32\d3dx9_26.dll
2009-09-28 20:58:49 . 2008-06-20 01:14:34 97800 ----a-w- C:\Windows\system32\infocardapi.dll
2009-09-28 20:58:48 . 2008-06-20 01:14:45 105016 ----a-w- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-28 20:58:47 . 2008-06-20 01:14:45 43544 ----a-w- C:\Windows\system32\PresentationHostProxy.dll
2009-09-28 20:58:47 . 2008-06-20 01:14:34 11264 ----a-w- C:\Windows\system32\icardres.dll
2009-09-28 20:58:47 . 2008-06-20 01:14:33 622080 ----a-w- C:\Windows\system32\icardagt.exe
2009-09-28 20:58:45 . 2008-06-20 01:14:45 781344 ----a-w- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-28 20:58:43 . 2008-06-20 01:14:45 326160 ----a-w- C:\Windows\system32\PresentationHost.exe
2009-09-28 20:53:57 . 2008-07-27 18:03:16 96760 ----a-w- C:\Windows\system32\dfshim.dll
2009-09-28 20:53:55 . 2008-07-27 18:03:17 282112 ----a-w- C:\Windows\system32\mscoree.dll
2009-09-28 20:53:53 . 2008-07-27 18:03:17 41984 ----a-w- C:\Windows\system32\netfxperf.dll
2009-09-28 20:53:38 . 2008-07-27 18:03:17 158720 ----a-w- C:\Windows\system32\mscorier.dll
2009-09-28 20:53:31 . 2008-07-27 18:03:17 83968 ----a-w- C:\Windows\system32\mscories.dll
2009-09-11 13:46:37 . 2009-08-14 17:07:56 897608 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2009-09-11 13:46:36 . 2009-08-14 16:29:41 104960 ----a-w- C:\Windows\system32\netiohlp.dll
2009-09-11 13:46:36 . 2009-08-14 14:16:55 9728 ----a-w- C:\Windows\system32\TCPSVCS.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:55 17920 ----a-w- C:\Windows\system32\ROUTE.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:52 11264 ----a-w- C:\Windows\system32\MRINFO.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:51 27136 ----a-w- C:\Windows\system32\NETSTAT.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:50 19968 ----a-w- C:\Windows\system32\ARP.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:49 8704 ----a-w- C:\Windows\system32\HOSTNAME.EXE
2009-09-11 13:46:36 . 2009-08-14 14:16:49 10240 ----a-w- C:\Windows\system32\finger.exe
2009-09-11 13:46:35 . 2009-08-14 16:29:41 17920 ----a-w- C:\Windows\system32\netevent.dll
2009-09-11 13:46:17 . 2009-08-28 12:39:07 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll
2009-09-11 13:46:16 . 2009-08-28 10:15:30 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-11 13:45:31 . 2009-06-15 15:24:38 175104 ----a-w- C:\Windows\system32\wdigest.dll
2009-09-11 13:45:31 . 2009-06-15 15:24:02 270848 ----a-w- C:\Windows\system32\schannel.dll
2009-09-11 13:45:31 . 2009-06-15 15:23:47 1256448 ----a-w- C:\Windows\system32\lsasrv.dll
2009-09-11 13:45:31 . 2009-06-15 15:22:19 213504 ----a-w- C:\Windows\system32\msv1_0.dll
2009-09-11 13:45:31 . 2009-06-15 15:21:07 499712 ----a-w- C:\Windows\system32\kerberos.dll
2009-09-11 13:45:30 . 2009-06-15 18:20:59 439896 ----a-w- C:\Windows\system32\drivers\ksecdd.sys
2009-09-11 13:45:30 . 2009-06-15 15:24:05 72704 ----a-w- C:\Windows\system32\secur32.dll
2009-09-11 13:45:30 . 2009-06-15 12:57:59 9728 ----a-w- C:\Windows\system32\lsass.exe
2009-09-11 13:44:35 . 2009-07-11 19:32:52 513024 ----a-w- C:\Windows\system32\wlansvc.dll
2009-09-11 13:44:35 . 2009-07-11 19:32:52 302592 ----a-w- C:\Windows\system32\wlansec.dll
2009-09-11 13:44:35 . 2009-07-11 19:32:52 293376 ----a-w- C:\Windows\system32\wlanmsm.dll
2009-09-11 13:44:35 . 2009-07-11 19:29:04 127488 ----a-w- C:\Windows\system32\L2SecHC.dll
2009-09-11 13:44:29 . 2009-06-10 12:11:26 2868224 ----a-w- C:\Windows\system32\mf.dll
2009-09-09 17:46:42 . 2009-06-22 10:22:01 2048 ----a-w- C:\Windows\system32\tzres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-29 23:28:04 . 2008-01-21 06:46:38 598832 ----a-w- C:\Windows\system32\perfh005.dat
2009-09-29 23:28:04 . 2008-01-21 06:46:38 114992 ----a-w- C:\Windows\system32\perfc005.dat
2009-09-29 22:06:32 . 2008-07-16 17:18:57 0 d-----w- C:\Program Files\Google
2009-09-29 11:53:19 . 2008-07-16 16:45:00 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-09-15 10:59:36 . 2009-07-04 12:19:36 1279968 ----a-w- C:\Windows\system32\aswBoot.exe
2009-09-15 10:55:30 . 2009-07-04 12:19:47 114768 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2009-09-15 10:55:19 . 2009-07-04 12:19:47 20560 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2009-09-15 10:55:09 . 2009-07-04 12:19:36 53328 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2009-09-15 10:54:30 . 2009-07-04 12:19:48 52368 ----a-w- C:\Windows\system32\drivers\aswTdi.sys
2009-09-15 10:54:21 . 2009-07-04 12:19:48 23152 ----a-w- C:\Windows\system32\drivers\aswRdr.sys
2009-09-15 10:53:01 . 2009-07-04 12:19:47 97480 ----a-w- C:\Windows\system32\AvastSS.scr
2009-09-11 01:07:02 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-08-29 06:36:53 . 2008-07-16 16:33:09 0 d-----w- C:\Program Files\Java
2009-07-25 03:23:00 . 2009-07-06 14:14:40 411368 ----a-w- C:\Windows\system32\deploytk.dll
2009-07-23 17:23:50 . 2009-07-23 11:09:37 720896 ----a-w- C:\Windows\iun6002.exe
2009-07-18 16:06:20 . 2009-08-29 06:32:06 827904 ----a-w- C:\Windows\system32\wininet.dll
2009-07-18 16:01:48 . 2009-08-29 06:32:05 78336 ----a-w- C:\Windows\system32\ieencode.dll
2009-07-18 09:46:14 . 2009-08-29 06:32:05 26624 ----a-w- C:\Windows\system32\ieUnatt.exe
2009-07-17 14:35:11 . 2009-08-29 06:32:34 71680 ----a-w- C:\Windows\system32\atl.dll
2009-07-14 13:00:17 . 2009-08-29 06:31:50 313344 ----a-w- C:\Windows\system32\wmpdxm.dll
2009-07-14 12:59:28 . 2009-08-29 06:31:49 4096 ----a-w- C:\Windows\system32\dxmasf.dll
2009-07-14 12:58:44 . 2009-08-29 06:31:50 7680 ----a-w- C:\Windows\system32\spwmp.dll
2009-07-14 10:59:56 . 2009-08-29 06:31:48 8147456 ----a-w- C:\Windows\system32\wmploc.DLL
2009-07-09 19:53:24 . 2009-06-29 11:10:40 114328 ----a-w- C:\Users\Ondra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-04 11:41:16 . 2009-07-04 11:41:16 721904 ----a-w- C:\Windows\system32\drivers\sptd.sys
2009-07-04 11:07:00 . 2009-07-04 11:07:00 0 ----a-w- C:\Windows\nsreg.dat
.

((((((((((((((((((((((((((((( SnapShot_2009-09-29_22.07.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58:01 . 2009-09-29 23:24:32 46544 C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05:11 . 2009-09-29 23:24:33 86216 C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-06-29 11:02:07 . 2009-09-29 23:32:45 32768 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-06-29 11:02:07 . 2009-09-29 21:59:04 32768 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-06-29 11:02:07 . 2009-09-29 23:32:45 32768 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-06-29 11:02:07 . 2009-09-29 21:59:04 32768 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-29 11:02:07 . 2009-09-29 23:32:45 16384 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-06-29 11:02:07 . 2009-09-29 21:59:04 16384 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-17 01:09:47 . 2009-09-29 23:20:26 4006 C:\Windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-06-29 11:21:24 . 2009-09-29 23:24:33 6662 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1214160204-2091967401-857059953-1000_UserData.bin
+ 2009-09-29 23:33:56 . 2009-09-29 23:33:56 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-29 21:53:09 . 2009-09-29 21:53:09 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-29 21:53:09 . 2009-09-29 21:53:09 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-29 23:33:56 . 2009-09-29 23:33:56 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33:01 . 2009-09-29 21:58:10 587178 C:\Windows\System32\perfh009.dat
+ 2006-11-02 10:33:01 . 2009-09-29 23:28:04 587178 C:\Windows\System32\perfh009.dat
- 2006-11-02 10:33:01 . 2009-09-29 21:58:10 101250 C:\Windows\System32\perfc009.dat
+ 2006-11-02 10:33:01 . 2009-09-29 23:28:04 101250 C:\Windows\System32\perfc009.dat
- 2009-06-29 11:16:58 . 2009-09-29 21:52:02 942592 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-06-29 11:16:58 . 2009-09-29 23:33:03 942592 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 11:03:12 430080]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 12:18:46 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 02:23:32 1008184]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 16:12:44 1029416]
"ITSecMng"="C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 14:03:46 75136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:00 39792]
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 07:24:10 581632]
"Toshiba TEMPO"="C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 08:22:10 103824]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-06-25 13:06:10 150040]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-06-25 13:05:50 170520]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-06-25 13:06:02 145944]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 08:33:28 417792]
"HDMICtrlMan"="C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 13:57:06 716800]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 14:27:52 431456]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2007-10-31 20:01:12 54608]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 11:33:50 509816]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 11:35:42 716800]
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 02:07:52 574864]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 12:57:24 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 06:51:46 1836328]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 10:56:48 81000]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 22:47:42 31016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-07-25 03:23:12 149280]
"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2008-04-08 13:14:50 6037504]
"NDSTray.exe"="NDSTray.exe" [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1214160204-2091967401-857059953-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0FE22C46-0352-4FB2-99D0-83DE3EACB4E1}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{143A37B9-54E7-4722-BBEF-A76553B69F0E}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F40D8327-9C71-4874-9BDB-CE3155F67AF6}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{C9699598-8A85-45D9-BD3E-4D6226F0EAF8}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E09AA3ED-BD9E-4287-9F29-01F460F4C874}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;C:\Windows\System32\drivers\aswSP.sys [4.7.2009 14:19:47 114768]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [4.7.2009 14:19:47 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [4.7.2009 14:19:36 53328]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe [17.4.2008 0:19:48 40960]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [24.4.2008 10:21:56 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe [3.12.2007 17:03:52 126976]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [16.7.2008 19:03:28 7168]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [11.8.2008 15:27:33 112128]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit;C:\Windows\System32\drivers\NETw5v32.sys [16.7.2008 18:53:52 3658752]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [24.4.2008 18:35:46 73728]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEA
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
TCP: {C85C1DFD-3CE2-43AF-955F-118F543AA396} = 81.19.5.10,81.19.5.11
FF - ProfilePath - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\bk0yhtgi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

[Damned]

Ještě mi sem dej zbytek logu ComboFixu a nový log z HijackThis ať můžem jít do hajan

Odinstaluj ComboFix (nutné!).
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou ) na Plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři program a smaž ho.

[tiskar]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:33:17, on 30.9.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Users\Ondra\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{C85C1DFD-3CE2-43AF-955F-118F543AA396}: NameServer = 81.19.5.10,81.19.5.11
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8760 bytes

[tiskar]

a ten combofix víc už toho nemám poslal jsem ti vše

[Damned]

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni zbytečnosti (spustit HJT, "Do a system scan only", zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
*****************************************************************************************************************************************
Fixnutí se dělá proto, aby se neplatné, nebo zbytečné služby či programy nechtěli spouštět, nebo aby něco neblokovaly.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Kdyby něco, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.

[tiskar]

hotovo vše jsem udelal moc ti děkuju