RogueKiller V10.0.8.0 [Nov 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno : Normální režim
Uživatel : Dana [Práva správce]
Mód : Smazat -- Datum : 11/23/2014 09:48:55
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 16 ¤¤¤
[Hj.RegVal] HKEY_LOCAL_MACHINE\RK_Software_ON_D_CA53\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : cmd.exe /k start cmd.exe -> Nahrazeno (explorer.exe)
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD (\SystemRoot\system32\drivers\afd.sys) -> Nevybráno
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.yahoo.com -> Nevybráno
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://seznam.cz/ -> Nevybráno
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nevybráno
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nevybráno
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Nevybráno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\RK_Software_ON_D_CA53\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\RK_Software_ON_D_CA53\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nevybráno
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nevybráno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 8 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_POWER[22] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x85f4e1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\iastor.sys - IRP_MJ_PNP[27] : Unknown @ 0x85f4e1f8
[IAT:Addr] (explorer.exe @ ole32.dll) msvcrt.dll - free : C:\Windows\AppPatch\AcSpecfc.DLL @ 0x69d4f3fb
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1200BEVS-75UST0 +++++
--- User ---
[MBR] 1424de42bc77a2da81eb98fa323d7835
[BSP] e223061d7b1f736c4877938e9af93bcf : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 129024 | Size: 10240 MB
2 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 21100544 | Size: 101608 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 229195776 | Size: 2560 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_11222014_173829.log - RKreport_SCN_11232014_094754.log
Log check [Solved]
jaro3 (Security team member)
Re: Log check
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to launch it).
- Wait until the Prescan finishes...
- Then click "Scan" ("Prohledat"); once it has finished:
- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes)
(you have to use the mouse to tick the box to the left of each registry entry, etc.)
- Click "Delete" ("Smazat")
- Wait until the Status box shows "Deleting finished" ("Mazání dokončeno")
- Click "Report" ("Zpráva") and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Download Zoek.exe and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:
Code:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script.
The program will run a scan and a repair; the scan and the repair can take several minutes, so you need to wait until the end. Do not click in the window!
The program will offer a restart; confirm it.
After the restart you may see only a black desktop for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
Zoek is still running...
Re: Log check
Here is Zoek; I'll still do the ComboFix run as well.
Zoek.exe v5.0.0.0 Updated 21-11-2014
Tool run by Dana on ne 23.11.2014 at 9:54:02,00.
Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dana\Desktop\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
23.11.2014 9:56:25 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B2A04FD-A06E-4E9C-892C-AF7F9E9DEC15} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38D3EADA-2F1D-47C5-B716-1F9EB357FCC2} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{831CC1D9-745A-4E3C-AD43-7491CD8C6B41} deleted successfully
HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ED44B63-F3FB-45B2-9246-11FDF839B8A3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\prefs.js:
Added to C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Dana\AppData\Roaming\Thunderbird\Profiles\wjwadtk1.default\prefs.js:
Added to C:\Users\Dana\AppData\Roaming\Thunderbird\Profiles\wjwadtk1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Windows\system32\appdata deleted
C:\Users\Dana\.android deleted
C:\Program Files\Yahoo! deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\Dana\AppData\Roaming\WB.CFG deleted
C:\Users\Dana\AppData\Roaming\Yahoo! deleted
C:\PROGRA~2\Yahoo! Companion deleted
C:\PROGRA~2\ICQ deleted
C:\Users\Dana\AppData\Local\cache deleted
C:\Users\Dana\AppData\LocalLow\boost_interprocess deleted
C:\Windows\System32\PerfStringBackup.TMP deleted
C:\Program Files\Mozilla Firefox\components\AskSearch.js deleted
"C:\Users\Dana\AppData\Roaming\tmp" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [07.07.2014 16:16]
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default
323432BC92BF5F00CD6F7C034EED0616 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9
8B5EBBA931903B6200752CF8202A664B - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9
E2B1CAEE5DDA3A60DB4212BB12AFE1E3 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9
6C79088343E7D1A6E9239CDD21A94EEA - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9
ED5D191844D295959F82EB8C27546AC8 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9
8E324717EDBF12F7E005D26DF26A0F96 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9
6C859C6FCE6D694EAFD7EA3AE66D54DB - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Google\Picasa3\npPicasa2.dll - Picasa
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
54BC55D3D9BD33A6CE38F811CF836794 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[07.07.2014 16:14]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 14:13]
Avast Online Security - Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
"Default_Search_URL"="http://www.google.com/ie"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yahoo.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Reimage Search Url="http://search.reimageplus.com/?sp=reimb&q={searchTerms}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7DKUS_cs&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
==== Reset Google Chrome ======================
C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Empty IE Cache ======================
C:\Users\Dana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=145 folders=34 2639008 bytes)
==== Empty Temp Folders ======================
C:\Users\Dana\AppData\Local\temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Dana\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Dana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on ne 23.11.2014 at 10:26:00,63 ======================
Re: log check
ComboFix 14-11-18.01 - Dana 23.11.2014 10:39:08.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2549.1302 [GMT 1:00]
Spuštěný z: c:\users\Dana\Desktop\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ZipGenius 6.lnk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-23 do 2014-11-23 )))))))))))))))))))))))))))))))
.
.
2014-11-23 09:51 . 2014-11-23 09:51 -------- d-----w- c:\users\Dana\AppData\Local\temp
2014-11-23 09:51 . 2014-11-23 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-23 09:32 . 2014-11-23 09:32 6746 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-11-23 09:19 . 2014-11-23 08:53 24064 ----a-w- c:\windows\zoek-delete.exe
2014-11-23 08:53 . 2014-11-23 09:16 -------- d-----w- C:\zoek_backup
2014-11-23 06:53 . 2014-11-23 06:53 -------- d-----w- C:\9b7ed0b5834c0dfb91687682
2014-11-23 06:52 . 2014-11-23 06:53 -------- d-----w- C:\5a4d7e47b4897d1712f80e
2014-11-22 16:33 . 2014-11-23 08:42 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-11-22 16:33 . 2014-11-22 16:33 -------- d-----w- c:\programdata\RogueKiller
2014-11-22 16:22 . 2014-11-22 16:22 -------- d-----w- c:\windows\ERUNT
2014-11-22 11:05 . 2014-11-22 11:05 -------- d-----w- c:\users\Dana\AppData\Local\Adobe
2014-11-22 10:42 . 2014-11-22 14:29 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-22 10:41 . 2014-11-22 10:41 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-11-22 10:41 . 2014-10-01 10:11 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-22 10:41 . 2014-10-01 10:11 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-22 10:41 . 2014-10-01 10:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-22 10:27 . 2014-11-22 16:14 -------- d-----w- C:\AdwCleaner
2014-11-22 08:01 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5010F8F5-F0C2-45B7-9AC3-CC1DB3E66A1A}\mpengine.dll
2014-11-20 17:41 . 2014-10-24 01:03 499200 ----a-w- c:\windows\system32\kerberos.dll
2014-11-15 07:47 . 2014-10-10 01:00 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-15 07:47 . 2014-10-09 23:22 619520 ----a-w- c:\windows\system32\adtschema.dll
2014-11-15 07:47 . 2014-10-10 01:01 449536 ----a-w- c:\windows\system32\termsrv.dll
2014-11-15 07:47 . 2014-10-10 01:00 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-15 07:46 . 2014-08-27 00:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-11-15 07:46 . 2014-08-27 00:55 1249280 ----a-w- c:\windows\system32\msxml3.dll
2014-11-15 07:45 . 2014-09-19 00:50 278528 ----a-w- c:\windows\system32\schannel.dll
2014-11-15 07:45 . 2014-10-24 01:04 67072 ----a-w- c:\windows\system32\packager.dll
2014-11-15 07:44 . 2014-08-12 02:25 729600 ----a-w- c:\windows\system32\IMJP10K.DLL
2014-11-15 07:40 . 2014-10-03 01:17 316928 ----a-w- c:\windows\system32\audiosrv.dll
2014-11-15 07:40 . 2014-10-03 01:18 274432 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-11-15 07:40 . 2014-10-03 01:17 396800 ----a-w- c:\windows\system32\AudioEng.dll
2014-11-15 07:40 . 2014-10-03 01:17 170496 ----a-w- c:\windows\system32\EncDump.dll
2014-11-15 07:40 . 2014-10-18 01:08 564224 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-15 07:20 . 2014-10-12 23:34 2054656 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-22 02:09 . 2011-05-19 17:05 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-12 18:11 . 2013-03-10 07:28 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-12 18:11 . 2011-11-17 15:45 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-04 13:30 . 2013-02-25 07:13 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-09-09 06:24 . 2014-09-24 16:38 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 23:27 . 2014-10-17 15:58 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Dana\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-07 15:15 578240 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-12 3444736]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-15 30192]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-07-31 4085896]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
.
c:\users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-11-13 35419192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-7-26 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-22 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-11-12 73728]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-10 18:11]
.
2014-11-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-23 07:37]
.
2014-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 06:33]
.
2014-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 06:33]
.
2014-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2738546233-1336636186-2414599549-1000Core.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-02 08:44]
.
2014-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2738546233-1336636186-2414599549-1000UA.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-02 08:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk - f:\office\OSA9.EXE -b -l
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-23 10:51
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FSServer207Service]
"ImagePath"="c:\form studio server\nxServer207.exe /ServiceName:FSServer207Service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,c2,a7,f7,05,d3,20,4b,b6,5f,dc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,c2,a7,f7,05,d3,20,4b,b6,5f,dc,\
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.SWUHTJRE4FYKLZXBCRB5MQJL5E"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.SWUHTJRE4FYKLZXBCRB5MQJL5E"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.SWUHTJRE4FYKLZXBCRB5MQJL5E"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.SWUHTJRE4FYKLZXBCRB5MQJL5E"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.SWUHTJRE4FYKLZXBCRB5MQJL5E"
.
[HKEY_USERS\S-1-5-21-2738546233-1336636186-2414599549-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2738546233-1336636186-2414599549-1000)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2014-11-23 10:54:05
ComboFix-quarantined-files.txt 2014-11-23 09:54
.
Před spuštěním: Volných bajtů: 37 853 925 376
Po spuštění: Volných bajtů: 37 718 978 560
.
- - End Of File - - B7C629E46DA8FD6BE010261EBCFA70F2
5C616939100B85E558DA92B899A0FC36
- jaro3
- Security team member
Re: log check
You didn't post a new RK log after the deletion....
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to your desktop. Double-click it. Then click Clean up!
Restart the PC if you are advised to.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Post a new HJT log + info about the problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-11-24 10:57:14
-----------------------------
10:57:14.589 OS Version: Windows 6.0.6002 Service Pack 2
10:57:14.589 Number of processors: 1 586 0x1601
10:57:14.590 ComputerName: DANA-PC UserName: Dana
10:57:51.710 Initialize success
10:57:51.743 VM: initialized successfully
10:57:51.744 VM: Intel CPU virtualization not supported
10:57:54.855 AVAST engine defs: 14112400
10:59:45.002 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
10:59:45.005 Disk 0 Vendor: WDC_WD12 01.0 Size: 114473MB BusType: 3
10:59:45.156 Disk 0 MBR read successfully
10:59:45.162 Disk 0 MBR scan
10:59:45.169 Disk 0 Windows VISTA default MBR code
10:59:45.174 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
10:59:45.223 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 129024
10:59:45.273 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 101608 MB offset 21100544
10:59:45.292 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 229195776
10:59:45.334 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 229197824
10:59:45.372 Disk 0 scanning sectors +234438656
10:59:45.636 Disk 0 scanning C:\Windows\system32\drivers
11:00:00.075 File: C:\Windows\system32\drivers\en-US\http.sys.mui **HIDDEN**
11:00:00.185 File: C:\Windows\system32\drivers\en-US\i8042prt.sys.mui **HIDDEN**
11:00:00.288 File: C:\Windows\system32\drivers\en-US\intelppm.sys.mui **HIDDEN**
11:00:00.400 File: C:\Windows\system32\drivers\en-US\IPMIDrv.sys.mui **HIDDEN**
11:00:00.533 File: C:\Windows\system32\drivers\en-US\ipnat.sys.mui **HIDDEN**
11:00:00.636 File: C:\Windows\system32\drivers\en-US\isapnp.sys.mui **HIDDEN**
11:00:00.762 File: C:\Windows\system32\drivers\en-US\kbdclass.sys.mui **HIDDEN**
11:00:00.840 File: C:\Windows\system32\drivers\en-US\kbdhid.sys.mui **HIDDEN**
11:00:00.950 File: C:\Windows\system32\drivers\en-US\ltmdmnt.sys.mui **HIDDEN**
11:00:01.052 File: C:\Windows\system32\drivers\en-US\luafv.sys.mui **HIDDEN**
11:00:01.158 File: C:\Windows\system32\drivers\en-US\modem.sys.mui **HIDDEN**
11:00:01.264 File: C:\Windows\system32\drivers\en-US\mouclass.sys.mui **HIDDEN**
11:00:01.402 File: C:\Windows\system32\drivers\en-US\mouhid.sys.mui **HIDDEN**
11:00:01.571 File: C:\Windows\system32\drivers\en-US\mpio.sys.mui **HIDDEN**
11:00:01.746 File: C:\Windows\system32\drivers\en-US\msdsm.sys.mui **HIDDEN**
11:00:01.881 File: C:\Windows\system32\drivers\en-US\mssmbios.sys.mui **HIDDEN**
11:00:02.014 File: C:\Windows\system32\drivers\en-US\ntfs.sys.mui **HIDDEN**
11:00:02.097 File: C:\Windows\system32\drivers\en-US\ntrigdigi.sys.mui **HIDDEN**
11:00:02.219 File: C:\Windows\system32\drivers\en-US\nv4_mini.sys.mui **HIDDEN**
11:00:02.326 File: C:\Windows\system32\drivers\en-US\NV_AGP.SYS.mui **HIDDEN**
11:00:02.428 File: C:\Windows\system32\drivers\en-US\ohci1394.sys.mui **HIDDEN**
11:00:02.545 File: C:\Windows\system32\drivers\en-US\pacer.sys.mui **HIDDEN**
11:00:02.648 File: C:\Windows\system32\drivers\en-US\parport.sys.mui **HIDDEN**
11:00:02.747 File: C:\Windows\system32\drivers\en-US\parvdm.sys.mui **HIDDEN**
11:00:02.855 File: C:\Windows\system32\drivers\en-US\pci.sys.mui **HIDDEN**
11:00:02.980 File: C:\Windows\system32\drivers\en-US\pcmcia.sys.mui **HIDDEN**
11:00:03.074 File: C:\Windows\system32\drivers\en-US\pnpmem.sys.mui **HIDDEN**
11:00:03.183 File: C:\Windows\system32\drivers\en-US\processr.sys.mui **HIDDEN**
11:00:03.289 File: C:\Windows\system32\drivers\en-US\pscr.sys.mui **HIDDEN**
11:00:03.384 File: C:\Windows\system32\drivers\en-US\qwavedrv.sys.mui **HIDDEN**
11:00:03.496 File: C:\Windows\system32\drivers\en-US\RNDISMP.sys.mui **HIDDEN**
11:00:03.634 File: C:\Windows\system32\drivers\en-US\rndismpx.sys.mui **HIDDEN**
11:00:03.738 File: C:\Windows\system32\drivers\en-US\scmstcs.sys.mui **HIDDEN**
11:00:03.851 File: C:\Windows\system32\drivers\en-US\SCR111.sys.mui **HIDDEN**
11:00:03.970 File: C:\Windows\system32\drivers\en-US\scsiport.sys.mui **HIDDEN**
11:00:04.047 File: C:\Windows\system32\drivers\en-US\serial.sys.mui **HIDDEN**
11:00:04.154 File: C:\Windows\system32\drivers\en-US\sermouse.sys.mui **HIDDEN**
11:00:04.250 File: C:\Windows\system32\drivers\en-US\serscan.sys.mui **HIDDEN**
11:00:04.388 File: C:\Windows\system32\drivers\en-US\SISAGP.SYS.mui **HIDDEN**
11:00:04.486 File: C:\Windows\system32\drivers\en-US\srv.sys.mui **HIDDEN**
11:00:04.591 File: C:\Windows\system32\drivers\en-US\stcusb.sys.mui **HIDDEN**
11:00:04.693 File: C:\Windows\system32\drivers\en-US\tpm.sys.mui **HIDDEN**
11:00:04.789 File: C:\Windows\system32\drivers\en-US\UAGP35.SYS.mui **HIDDEN**
11:00:04.916 File: C:\Windows\system32\drivers\en-US\ULIAGPKX.SYS.mui **HIDDEN**
11:00:04.998 File: C:\Windows\system32\drivers\en-US\umbus.sys.mui **HIDDEN**
11:00:05.104 File: C:\Windows\system32\drivers\en-US\VIAAGP.SYS.mui **HIDDEN**
11:00:05.212 File: C:\Windows\system32\drivers\en-US\viac7.sys.mui **HIDDEN**
11:00:05.312 File: C:\Windows\system32\drivers\en-US\volsnap.sys.mui **HIDDEN**
11:00:05.415 File: C:\Windows\system32\drivers\en-US\wacompen.sys.mui **HIDDEN**
11:00:05.515 File: C:\Windows\system32\drivers\en-US\wd.sys.mui **HIDDEN**
11:00:05.621 File: C:\Windows\system32\drivers\en-US\wdf01000.sys.mui **HIDDEN**
11:00:05.759 File: C:\Windows\system32\drivers\en-US\yk60x86.sys.mui **HIDDEN**
11:00:05.790 Service scanning
11:00:27.797 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
11:00:35.788 Modules scanning
11:00:35.835 Disk 0 trace - called modules:
11:00:35.855 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spbv.sys hal.dll >>UNKNOWN [0x85f0c938]<<
11:00:35.862 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87185ac8]
11:00:35.869 3 CLASSPNP.SYS[8a3a48b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85fe6030]
11:00:36.422 AVAST engine scan C:\Windows
11:00:38.900 AVAST engine scan C:\Windows\system32
11:06:33.206 AVAST engine scan C:\Windows\system32\drivers
11:08:30.505 File: C:\Windows\system32\drivers\en-US\http.sys.mui **HIDDEN**
11:08:31.441 File: C:\Windows\system32\drivers\en-US\i8042prt.sys.mui **HIDDEN**
11:08:37.397 File: C:\Windows\system32\drivers\en-US\intelppm.sys.mui **HIDDEN**
11:08:38.386 File: C:\Windows\system32\drivers\en-US\IPMIDrv.sys.mui **HIDDEN**
11:08:39.338 File: C:\Windows\system32\drivers\en-US\ipnat.sys.mui **HIDDEN**
11:08:40.165 File: C:\Windows\system32\drivers\en-US\isapnp.sys.mui **HIDDEN**
11:08:41.092 File: C:\Windows\system32\drivers\en-US\kbdclass.sys.mui **HIDDEN**
11:08:46.965 File: C:\Windows\system32\drivers\en-US\kbdhid.sys.mui **HIDDEN**
11:08:47.910 File: C:\Windows\system32\drivers\en-US\ltmdmnt.sys.mui **HIDDEN**
11:08:48.891 File: C:\Windows\system32\drivers\en-US\luafv.sys.mui **HIDDEN**
11:08:49.816 File: C:\Windows\system32\drivers\en-US\modem.sys.mui **HIDDEN**
11:08:50.775 File: C:\Windows\system32\drivers\en-US\mouclass.sys.mui **HIDDEN**
11:08:51.757 File: C:\Windows\system32\drivers\en-US\mouhid.sys.mui **HIDDEN**
11:08:52.652 File: C:\Windows\system32\drivers\en-US\mpio.sys.mui **HIDDEN**
11:08:53.545 File: C:\Windows\system32\drivers\en-US\msdsm.sys.mui **HIDDEN**
11:08:54.620 File: C:\Windows\system32\drivers\en-US\mssmbios.sys.mui **HIDDEN**
11:08:55.533 File: C:\Windows\system32\drivers\en-US\ntfs.sys.mui **HIDDEN**
11:08:56.517 File: C:\Windows\system32\drivers\en-US\ntrigdigi.sys.mui **HIDDEN**
11:08:57.487 File: C:\Windows\system32\drivers\en-US\nv4_mini.sys.mui **HIDDEN**
11:08:58.385 File: C:\Windows\system32\drivers\en-US\NV_AGP.SYS.mui **HIDDEN**
11:08:59.339 File: C:\Windows\system32\drivers\en-US\ohci1394.sys.mui **HIDDEN**
11:09:00.245 File: C:\Windows\system32\drivers\en-US\pacer.sys.mui **HIDDEN**
11:09:01.201 File: C:\Windows\system32\drivers\en-US\parport.sys.mui **HIDDEN**
11:09:02.203 File: C:\Windows\system32\drivers\en-US\parvdm.sys.mui **HIDDEN**
11:09:03.168 File: C:\Windows\system32\drivers\en-US\pci.sys.mui **HIDDEN**
11:09:04.144 File: C:\Windows\system32\drivers\en-US\pcmcia.sys.mui **HIDDEN**
11:09:05.069 File: C:\Windows\system32\drivers\en-US\pnpmem.sys.mui **HIDDEN**
11:09:05.999 File: C:\Windows\system32\drivers\en-US\processr.sys.mui **HIDDEN**
11:09:06.959 File: C:\Windows\system32\drivers\en-US\pscr.sys.mui **HIDDEN**
11:09:07.892 File: C:\Windows\system32\drivers\en-US\qwavedrv.sys.mui **HIDDEN**
11:09:08.804 File: C:\Windows\system32\drivers\en-US\RNDISMP.sys.mui **HIDDEN**
11:09:09.867 File: C:\Windows\system32\drivers\en-US\rndismpx.sys.mui **HIDDEN**
11:09:10.810 File: C:\Windows\system32\drivers\en-US\scmstcs.sys.mui **HIDDEN**
11:09:11.776 File: C:\Windows\system32\drivers\en-US\SCR111.sys.mui **HIDDEN**
11:09:12.687 File: C:\Windows\system32\drivers\en-US\scsiport.sys.mui **HIDDEN**
11:09:13.649 File: C:\Windows\system32\drivers\en-US\serial.sys.mui **HIDDEN**
11:09:14.607 File: C:\Windows\system32\drivers\en-US\sermouse.sys.mui **HIDDEN**
11:09:15.501 File: C:\Windows\system32\drivers\en-US\serscan.sys.mui **HIDDEN**
11:09:16.535 File: C:\Windows\system32\drivers\en-US\SISAGP.SYS.mui **HIDDEN**
11:09:17.539 File: C:\Windows\system32\drivers\en-US\srv.sys.mui **HIDDEN**
11:09:18.538 File: C:\Windows\system32\drivers\en-US\stcusb.sys.mui **HIDDEN**
11:09:19.491 File: C:\Windows\system32\drivers\en-US\tpm.sys.mui **HIDDEN**
11:09:20.394 File: C:\Windows\system32\drivers\en-US\UAGP35.SYS.mui **HIDDEN**
11:09:21.305 File: C:\Windows\system32\drivers\en-US\ULIAGPKX.SYS.mui **HIDDEN**
11:09:22.197 File: C:\Windows\system32\drivers\en-US\umbus.sys.mui **HIDDEN**
11:09:23.109 File: C:\Windows\system32\drivers\en-US\VIAAGP.SYS.mui **HIDDEN**
11:09:24.181 File: C:\Windows\system32\drivers\en-US\viac7.sys.mui **HIDDEN**
11:09:25.130 File: C:\Windows\system32\drivers\en-US\volsnap.sys.mui **HIDDEN**
11:09:26.174 File: C:\Windows\system32\drivers\en-US\wacompen.sys.mui **HIDDEN**
11:09:27.156 File: C:\Windows\system32\drivers\en-US\wd.sys.mui **HIDDEN**
11:09:28.160 File: C:\Windows\system32\drivers\en-US\wdf01000.sys.mui **HIDDEN**
11:09:29.092 File: C:\Windows\system32\drivers\en-US\yk60x86.sys.mui **HIDDEN**
11:09:57.201 AVAST engine scan C:\Users\Dana
11:19:44.207 Disk 0 MBR has been saved successfully to "C:\Users\Dana\Desktop\MBR.dat"
11:19:44.224 The log file has been saved successfully to "C:\Users\Dana\Desktop\aswMBR.txt"
Re: log check
By the way, the laptop is my wife's, so I don't know it very well, but it runs very slowly; sometimes it restarted by itself, or turned itself on or off, it stutters a lot and freezes, and I now have to hard power it off quite often. After starting up it then takes a long time to load, going through some CHKDSK check. Windows keep popping up now saying that something has stopped working or is not working properly, Windows Explorer is restarting, etc. .... and over and over again. The firewall cannot be turned on... it says: inaccessible access to a memory location.... Windows also crashes occasionally now; the whole thing is simply somehow messed up...
HijackThis would not start at all, it keeps reporting some errors. It was the same with aswMBR; I managed to start it on about the tenth attempt with some errors, but the log cannot be saved, neither to Documents nor to the desktop..... When I want to get into Documents or This Computer, it doesn't work, or only sometimes and then it immediately freezes, and it says Windows Explorer is restarting........
I had to roll back the system to be able to run HijackThis at all
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:15:25, on 24.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16592)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Users\Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dana\Desktop\Nepoužívané\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Dropbox.lnk = Dana\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/beta/SP.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FORMStudioServer207 (FSServer207Service) - Unknown owner - C:\FORM studio server\nxServer207.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9a981da0a4030) (gupdate1c9a981da0a4030) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: PandoraService (PanService) - Unknown owner - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8922 bytes
HijackThis would not start at all; it keeps reporting some errors, which also happened with aswMBR. I managed to start it on about the tenth try, with some errors, but the log cannot be saved, neither to Documents nor to the desktop... When I try to open Documents or This Computer, it does not work, or only sometimes, and then it freezes right away and says that Windows Explorer is restarting...
I had to roll the system back to be able to run HijackThis at all.
- jaro3
- member of the Security team
Re: log check
Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
Guide
Download Memtest:
Leave the field that says "All unused RAM" as it is.
Click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM modules are OK.
Also check the HDD for errors, and possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
Guide
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check
I am away from home until Saturday; I will do it as soon as I get back...
Should I fix it in a new HijackThis scan? I don't know whether the last one is still on the desktop.
- jaro3
- member of the Security team
Re: log check
OK, try it then.
Re: log check
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Basic SP2 [6.0 Build 6002] (x86)
Date : 2014/11/29 9:27:57
-- Controller Map ----------------------------------------------------------
- Ricoh SD/MMC Host Controller [ATA]
- Ricoh Memory Stick Controller [ATA]
- Ricoh xD-Picture Card Controller [ATA]
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
+ IDE Channel (0)
- HL-DT-ST CDRW/DVD GCCT10N ATA Device
+ Intel(R) 82801HEM/HBM SATA AHCI Controller [ATA]
- WDC WD1200BEVS-75UST0
- Microsoft iSCSI Initiator [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD1200BEVS-75UST0 : 120,0 GB [0/1/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD1200BEVS-75UST0
----------------------------------------------------------------------------
Model : WDC WD1200BEVS-75UST0
Firmware : 01.01A01
Serial Number : WD-WXC308696388
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 7226 hod.
Power On Count : 3112 krát
Temperature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 161 160 _21 0000000003B6 Čas na roztočení ploten
04 _97 _97 __0 000000000DEE Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C3A Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C28 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000077 Počet vypnutí disku
C1 194 194 __0 000000004BE9 Počet cyklů načítání/vymazání
C2 105 _94 __0 000000000026 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000001 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000003 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů