Please check my log, problem with notebook [Solved]
- Orcus
- Security team member
Re: Please check my log, problem with notebook
OK, now ComboFix as well.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several messages.
A few PC security tips.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
Re: Please check my log, problem with notebook
ComboFix 15-03-01.01 - doma 02.03.2015 21:39:19.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1839 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\doma\AppData\Local\Temp\{7FC673BA-274C-45BE-AA5D-34DEA56EDA5A}\ISRT.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-02 do 2015-03-02 )))))))))))))))))))))))))))))))
.
.
2015-03-02 20:50 . 2015-03-02 20:50 -------- d-----w- c:\users\doma\AppData\Local\temp
2015-03-02 20:50 . 2015-03-02 20:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-02 20:50 . 2015-03-02 20:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-02 19:21 . 2015-03-02 19:21 -------- d-----w- c:\programdata\Validity
2015-03-02 19:08 . 2015-03-02 18:25 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-02 14:08 . 2015-03-02 17:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-03-02 14:08 . 2015-03-02 17:54 -------- d-----w- c:\programdata\RogueKiller
2015-02-28 23:33 . 2015-03-01 10:02 -------- d-----w- C:\AdwCleaner
2015-02-28 19:10 . 2015-02-28 19:10 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-02-28 19:10 . 2015-02-23 13:01 923152 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2015-02-28 19:10 . 2015-02-23 10:50 169584 ----a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-02-28 19:10 . 2013-10-05 09:38 970912 ----a-w- c:\program files\Mozilla Firefox\msvcr120.dll
2015-02-28 19:10 . 2013-10-05 09:38 455328 ----a-w- c:\program files\Mozilla Firefox\msvcp120.dll
2015-02-28 19:10 . 2013-08-22 05:03 3466856 ----a-w- c:\program files\Mozilla Firefox\d3dcompiler_47.dll
2015-02-27 20:13 . 2015-02-16 03:21 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC7C2F55-460E-4E18-8DDD-BB1E607FDEF6}\mpengine.dll
2015-02-27 19:38 . 2014-11-13 13:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-27 19:13 . 2015-02-27 19:14 -------- d-----w- c:\program files\Mozilla Firefox(7)
2015-02-25 17:38 . 2015-02-25 17:38 -------- d-----w- c:\program files\Common Files\Skype
2015-02-23 06:41 . 2015-02-23 06:41 -------- d-----w- c:\windows\system32\vbox
2015-02-12 03:29 . 2015-01-23 03:00 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:01 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-07 07:56 . 2015-02-07 08:56 5070512 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-02-02 17:40 . 2015-02-02 17:44 -------- d-----w- C:\totalcmd
2015-02-02 17:40 . 2015-02-02 17:40 -------- d-----w- c:\users\doma\AppData\Roaming\GHISLER
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-01 09:34 . 2014-09-13 10:18 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-07 08:56 . 2012-09-14 09:33 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-07 08:56 . 2012-07-22 13:31 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-21 20:22 . 2015-01-21 20:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-22 23:50 . 2010-02-27 08:58 249488 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 13:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2000-01-01 458844]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2014-11-17 08:11 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2008-12-10 17:56 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3810265174-1972376959-2373567011-1000]
"EnableNotificationsRef"=dword:00000002
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2000-01-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 08:56]
.
2014-04-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-05 14:54]
.
.
------- Doplňkový sken -------
.
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\z0w8ru7i.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-02 21:50
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAaPXFd0N1bStp5Svcp82VdAAAAAASAAACgAAAAEAAAAB88aZEVqzKlOSkmAvkAa5gIAAAACjm4olc7AagUAAAAMbBA0xCZjUuDowoDd2+PoJ87tis="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAkPXr4TPf5c4+DiZXO8pdkAAAAAASAAACgAAAAEAAAAAgWZEXKJPd5V74/xZ11JyIYAAAABk0pijJR8rspASSUL/vozSWHCfi51X/MFAAAAGSXAx75VwtjCdPXT/KMaq2vERqM"
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):f0,c5,01,ee,80,b3,d1,08
"DeltaClock"=hex(b):49,cd,e9,fc,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(764)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2015-03-02 21:54:18
ComboFix-quarantined-files.txt 2015-03-02 20:54
.
Před spuštěním: 2 394 726 400
Po spuštění: 2 303 770 624
.
- - End Of File - - 91D5D4CBAEE4CF8619684919FE1AACEA
5C86ADEC17B739C437E145E3B3FC2E6D
HP Pavilion dv6 1230ec, Win. Vista
- Orcus
- Security team member
Re: Please check my log, problem with notebook
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in red:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\Adobe Flash Player Updater.job
RegLock::
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAaPXFd0N1bStp5Svcp82VdAAAAAASAAACgAAAAEAAAAB88aZEVqzKlOSkmAvkAa5gIAAAACjm4olc7AagUAAAAMbBA0xCZjUuDowoDd2+PoJ87tis="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAkPXr4TPf5c4+DiZXO8pdkAAAAAASAAACgAAAAEAAAAAgWZEXKJPd5V74/xZ11JyIYAAAABk0pijJR8rspASSUL/vozSWHCfi51X/MFAAAAGSXAx75VwtjCdPXT/KMaq2vERqM"
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):f0,c5,01,ee,80,b3,d1,08
"DeltaClock"=hex(b):49,cd,e9,fc,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.
- ComboFix will start automatically; the fix may take more than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that appears at the end of the cleaning process.
Warning: It can happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.
====================================================
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Re: Please check my log, problem with notebook
ComboFix 15-03-01.01 - doma 03.03.2015 12:20:05.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1786 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\doma\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\Google Software Updater.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-03 do 2015-03-03 )))))))))))))))))))))))))))))))
.
.
2015-03-03 11:30 . 2015-03-03 11:45 -------- d-----w- c:\users\doma\AppData\Local\temp
2015-03-03 11:30 . 2015-03-03 11:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-03 11:30 . 2015-03-03 11:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-02 19:21 . 2015-03-02 19:21 -------- d-----w- c:\programdata\Validity
2015-03-02 19:08 . 2015-03-02 18:25 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-02 14:08 . 2015-03-02 17:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-03-02 14:08 . 2015-03-02 17:54 -------- d-----w- c:\programdata\RogueKiller
2015-02-28 23:33 . 2015-03-01 10:02 -------- d-----w- C:\AdwCleaner
2015-02-28 19:10 . 2015-02-28 19:10 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-02-28 19:10 . 2015-02-23 13:01 923152 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2015-02-28 19:10 . 2015-02-23 10:50 169584 ----a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-02-28 19:10 . 2013-10-05 09:38 970912 ----a-w- c:\program files\Mozilla Firefox\msvcr120.dll
2015-02-28 19:10 . 2013-10-05 09:38 455328 ----a-w- c:\program files\Mozilla Firefox\msvcp120.dll
2015-02-28 19:10 . 2013-08-22 05:03 3466856 ----a-w- c:\program files\Mozilla Firefox\d3dcompiler_47.dll
2015-02-27 19:38 . 2014-11-13 13:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-27 19:13 . 2015-02-27 19:14 -------- d-----w- c:\program files\Mozilla Firefox(7)
2015-02-25 17:38 . 2015-02-25 17:38 -------- d-----w- c:\program files\Common Files\Skype
2015-02-23 06:41 . 2015-02-23 06:41 -------- d-----w- c:\windows\system32\vbox
2015-02-12 03:29 . 2015-01-23 03:00 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:01 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-07 07:56 . 2015-02-07 08:56 5070512 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-02-02 17:40 . 2015-02-02 17:44 -------- d-----w- C:\totalcmd
2015-02-02 17:40 . 2015-02-02 17:40 -------- d-----w- c:\users\doma\AppData\Roaming\GHISLER
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-01 09:34 . 2014-09-13 10:18 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-16 03:21 . 2015-02-27 20:13 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EC7C2F55-460E-4E18-8DDD-BB1E607FDEF6}\mpengine.dll
2015-02-07 08:56 . 2012-09-14 09:33 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-07 08:56 . 2012-07-22 13:31 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-21 20:22 . 2015-01-21 20:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-22 23:50 . 2010-02-27 08:58 249488 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 13:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2000-01-01 458844]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2014-11-17 08:11 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2008-12-10 17:56 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3810265174-1972376959-2373567011-1000]
"EnableNotificationsRef"=dword:00000002
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2000-01-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 08:56]
.
2014-04-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-05 14:54]
.
.
------- Doplňkový sken -------
.
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\z0w8ru7i.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-03 12:45
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAaPXFd0N1bStp5Svcp82VdAAAAAASAAACgAAAAEAAAAB88aZEVqzKlOSkmAvkAa5gIAAAACjm4olc7AagUAAAAMbBA0xCZjUuDowoDd2+PoJ87tis="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAkPXr4TPf5c4+DiZXO8pdkAAAAAASAAACgAAAAEAAAAAgWZEXKJPd5V74/xZ11JyIYAAAABk0pijJR8rspASSUL/vozSWHCfi51X/MFAAAAGSXAx75VwtjCdPXT/KMaq2vERqM"
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):f0,c5,01,ee,80,b3,d1,08
"DeltaClock"=hex(b):49,cd,e9,fc,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(700)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(4108)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\Hpservice.exe
c:\program files\Realtek\Audio\HDA\RtkAudioService.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\windows\system32\vcsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\System32\lpksetup.exe
c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\SMINST\BLService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\msiexec.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\mcupdate.EXE
.
**************************************************************************
.
Celkový čas: 2015-03-03 12:56:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-03 11:53
ComboFix2.txt 2015-03-02 20:54
.
Před spuštěním: 3 153 571 840
Po spuštění: Volných bajtů: 12 975 267 840
.
- - End Of File - - FCD369A82B6FB0E8AFC402BE9F6A7955
5C86ADEC17B739C437E145E3B3FC2E6D
HP Pavilion dv6 1230ec, Win. Vista
Re: Please check my log, problem with notebook
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-03-03 13:06:43
-----------------------------
13:06:43.967 OS Version: Windows 6.0.6002 Service Pack 2
13:06:43.968 Number of processors: 2 586 0x1706
13:06:43.969 ComputerName: DOMA-PC UserName: doma
13:06:46.673 Initialize success
13:06:46.683 VM: initialized successfully
13:06:46.685 VM: Intel CPU BiosDisabled
13:06:51.869 AVAST engine defs: 15030300
13:08:15.096 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
13:08:15.099 Disk 0 Vendor: ST9320320AS HP07 Size: 305245MB BusType: 3
13:08:15.501 Disk 0 MBR read successfully
13:08:15.506 Disk 0 MBR scan
13:08:15.511 Disk 0 unknown MBR code
13:08:21.579 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 296376 MB offset 2048
13:08:21.630 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8865 MB offset 606980096
13:08:21.777 Disk 0 scanning sectors +625135616
13:08:22.502 Disk 0 scanning C:\Windows\system32\drivers
13:09:51.065 Service scanning
13:10:25.290 Modules scanning
13:10:25.648 Disk 0 statistics 119702/0/0 @ 0,64 MB/s
13:10:25.662 Scan finished successfully
13:10:49.404 Disk 0 MBR has been saved successfully to "C:\Users\doma\Desktop\MBR.dat"
13:10:49.410 The log file has been saved successfully to "C:\Users\doma\Desktop\aswMBR.txt"
The problem with flickering icons on the desktop still persists. Firefox behaves unstably; sometimes it does not load a page, sometimes it does. When I open Task Manager in this state, the CPU load jumps up and down between 5 and 75%.
HP Pavilion dv6 1230ec, Win. Vista
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Status: Offline
Re: Please check my log, problem with notebook
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Google Software Updater.job
Folder::
c:\program files\Spybot - Search & Destroy
c:\program files\Google\Common\Google Updater
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
RegNull::
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAaPXFd0N1bStp5Svcp82VdAAAAAASAAACgAAAAEAAAAB88aZEVqzKlOSkmAvkAa5gIAAAACjm4olc7AagUAAAAMbBA0xCZjUuDowoDd2+PoJ87tis="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAkPXr4TPf5c4+DiZXO8pdkAAAAAASAAACgAAAAEAAAAAgWZEXKJPd5V74/xZ11JyIYAAAABk0pijJR8rspASSUL/vozSWHCfi51X/MFAAAAGSXAx75VwtjCdPXT/KMaq2vERqM"
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):f0,c5,01,ee,80,b3,d1,08
"DeltaClock"=hex(b):49,cd,e9,fc,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
RegLock::
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
"{6D31FCD2-64F7-4E43-8E18-5A2BBA7D13C9}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAaPXFd0N1bStp5Svcp82VdAAAAAASAAACgAAAAEAAAAB88aZEVqzKlOSkmAvkAa5gIAAAACjm4olc7AagUAAAAMbBA0xCZjUuDowoDd2+PoJ87tis="
"{2338F5D5-2437-4FC3-9005-A01804321264}"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAARfnd/goQEU6ax4sWZWjAAgAAAAACAAAAAAADZgAAqAAAABAAAAAkPXr4TPf5c4+DiZXO8pdkAAAAAASAAACgAAAAEAAAAAgWZEXKJPd5V74/xZ11JyIYAAAABk0pijJR8rspASSUL/vozSWHCfi51X/MFAAAAGSXAx75VwtjCdPXT/KMaq2vERqM"
.
[HKEY_USERS\S-1-5-21-3810265174-1972376959-2373567011-1000_Classes\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):f0,c5,01,ee,80,b3,d1,08
"DeltaClock"=hex(b):49,cd,e9,fc,ff,ff,ff,ff
"LastNtpServer"="time.nist.gov"
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process, plus a new HJT log
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, problem with notebook
ComboFix 15-03-01.01 - doma 03.03.2015 23:18:44.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1689 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\doma\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Google Software Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Common\Google Updater
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\aports.dll
c:\program files\Spybot - Search & Destroy\blindman.exe
c:\program files\Spybot - Search & Destroy\DAKIKJMAA.scr
c:\program files\Spybot - Search & Destroy\Default configuration.ini
c:\program files\Spybot - Search & Destroy\DelZip179.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\program files\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\program files\Spybot - Search & Destroy\Help\Brasil.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Deutsch.license.txt
c:\program files\Spybot - Search & Destroy\Help\English.chm
c:\program files\Spybot - Search & Destroy\Help\English.license.txt
c:\program files\Spybot - Search & Destroy\Help\Espanol.license.txt
c:\program files\Spybot - Search & Destroy\Help\Francais.license.txt
c:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files\Spybot - Search & Destroy\Help\Italiano.license.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.txt
c:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files\Spybot - Search & Destroy\Help\Nederlands.license.txt
c:\program files\Spybot - Search & Destroy\Help\Polski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files\Spybot - Search & Destroy\Help\Slovensky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Srpski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files\Spybot - Search & Destroy\Includes\Adware-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Adware-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Adware-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files\Spybot - Search & Destroy\Includes\Dialer-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files\Spybot - Search & Destroy\Includes\Fraud-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Fraud-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Fraud-002.sbi
c:\program files\Spybot - Search & Destroy\Includes\Fraud-003.sbi
c:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\iPhone-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\iPhone.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbs
c:\program files\Spybot - Search & Destroy\Includes\Malware-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-002.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-003.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-004.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-005.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-006.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-007.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\PUPS-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPS-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPS-002.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPS-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\Security-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Security-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files\Spybot - Search & Destroy\Includes\Trojans-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-002.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-003.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-004.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-005.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-006.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-007.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-008.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-009.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-C.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-OG-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-TD-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-001.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-002.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-003.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-004.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-005.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-006.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-007.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-008.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-009.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-010.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-011.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-012.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-013.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-014.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-015.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-016.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-017.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-018.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-019.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-020.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-021.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-022.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-023.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-024.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-ZB-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-ZL-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\JSBEYELBJURK.scr
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files\Spybot - Search & Destroy\messages.zres
c:\program files\Spybot - Search & Destroy\OptOut.ini
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\QKDGOYJN.scr
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Spybot - Search & Destroy\SDIZYPL.scr
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\Tools.dll
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\unins000.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Update.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.zip
c:\program files\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\Updates\lang.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\online.ini
c:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.exe
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.zip
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SBSDWSCService
-------\Service_SBSDWSCService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-03 do 2015-03-03 )))))))))))))))))))))))))))))))
.
.
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\doma\AppData\Local\CrashDumps
2015-03-03 22:30 . 2015-03-03 22:58 -------- d-----w- c:\users\doma\AppData\Local\temp
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-02 19:21 . 2015-03-02 19:21 -------- d-----w- c:\programdata\Validity
2015-03-02 19:08 . 2015-03-02 18:25 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-02 14:08 . 2015-03-02 17:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-03-02 14:08 . 2015-03-02 17:54 -------- d-----w- c:\programdata\RogueKiller
2015-02-28 23:33 . 2015-03-01 10:02 -------- d-----w- C:\AdwCleaner
2015-02-28 19:10 . 2015-02-28 19:10 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-02-28 19:10 . 2015-02-23 13:01 923152 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2015-02-28 19:10 . 2015-02-23 10:50 169584 ----a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-02-28 19:10 . 2013-10-05 09:38 970912 ----a-w- c:\program files\Mozilla Firefox\msvcr120.dll
2015-02-28 19:10 . 2013-10-05 09:38 455328 ----a-w- c:\program files\Mozilla Firefox\msvcp120.dll
2015-02-28 19:10 . 2013-08-22 05:03 3466856 ----a-w- c:\program files\Mozilla Firefox\d3dcompiler_47.dll
2015-02-27 19:38 . 2014-11-13 13:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-27 19:13 . 2015-02-27 19:14 -------- d-----w- c:\program files\Mozilla Firefox(7)
2015-02-25 17:38 . 2015-02-25 17:38 -------- d-----w- c:\program files\Common Files\Skype
2015-02-23 06:41 . 2015-02-23 06:41 -------- d-----w- c:\windows\system32\vbox
2015-02-12 03:29 . 2015-01-23 03:00 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:01 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-07 07:56 . 2015-02-07 08:56 5070512 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-02-02 17:40 . 2015-02-02 17:44 -------- d-----w- C:\totalcmd
2015-02-02 17:40 . 2015-02-02 17:40 -------- d-----w- c:\users\doma\AppData\Roaming\GHISLER
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-01 09:34 . 2014-09-13 10:18 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-16 03:21 . 2015-03-03 22:04 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51AC780B-0E2B-4EFE-BBC0-B761BCF051EB}\mpengine.dll
2015-02-07 08:56 . 2012-09-14 09:33 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-07 08:56 . 2012-07-22 13:31 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-21 20:22 . 2015-01-21 20:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-22 23:50 . 2010-02-27 08:58 249488 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 13:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2000-01-01 458844]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2014-11-17 08:11 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2008-12-10 17:56 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3810265174-1972376959-2373567011-1000]
"EnableNotificationsRef"=dword:00000002
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2000-01-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 08:56]
.
.
------- Doplňkový sken -------
.
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\z0w8ru7i.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(764)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(5396)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atiesrxx.exe
c:\windows\system32\Hpservice.exe
c:\program files\Realtek\Audio\HDA\RtkAudioService.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\windows\system32\vcsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\SMINST\BLService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\msiexec.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
.
**************************************************************************
.
Celkový čas: 2015-03-04 00:09:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-03 23:09
ComboFix2.txt 2015-03-03 11:56
ComboFix3.txt 2015-03-02 20:54
.
Před spuštěním: Volných bajtů: 13 393 911 808
Po spuštění: Volných bajtů: 12 101 410 816
.
- - End Of File - - 5D329BEFE179AE11828FA4BD64EC4676
5C86ADEC17B739C437E145E3B3FC2E6D
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-012.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-013.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-014.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-015.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-016.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-017.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-018.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-019.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-020.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-021.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-022.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-023.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-VM-024.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-ZB-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans-ZL-000.sbi
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\JSBEYELBJURK.scr
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files\Spybot - Search & Destroy\messages.zres
c:\program files\Spybot - Search & Destroy\OptOut.ini
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\QKDGOYJN.scr
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Spybot - Search & Destroy\SDIZYPL.scr
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\Tools.dll
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\unins000.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Update.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.zip
c:\program files\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\Updates\lang.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\online.ini
c:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.exe
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.zip
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SBSDWSCService
-------\Service_SBSDWSCService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-03 do 2015-03-03 )))))))))))))))))))))))))))))))
.
.
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\doma\AppData\Local\CrashDumps
2015-03-03 22:30 . 2015-03-03 22:58 -------- d-----w- c:\users\doma\AppData\Local\temp
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-03 22:30 . 2015-03-03 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-02 19:21 . 2015-03-02 19:21 -------- d-----w- c:\programdata\Validity
2015-03-02 19:08 . 2015-03-02 18:25 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-02 14:08 . 2015-03-02 17:58 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-03-02 14:08 . 2015-03-02 17:54 -------- d-----w- c:\programdata\RogueKiller
2015-02-28 23:33 . 2015-03-01 10:02 -------- d-----w- C:\AdwCleaner
2015-02-28 19:10 . 2015-02-28 19:10 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-02-28 19:10 . 2015-02-23 13:01 923152 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2015-02-28 19:10 . 2015-02-23 10:50 169584 ----a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-02-28 19:10 . 2013-10-05 09:38 970912 ----a-w- c:\program files\Mozilla Firefox\msvcr120.dll
2015-02-28 19:10 . 2013-10-05 09:38 455328 ----a-w- c:\program files\Mozilla Firefox\msvcp120.dll
2015-02-28 19:10 . 2013-08-22 05:03 3466856 ----a-w- c:\program files\Mozilla Firefox\d3dcompiler_47.dll
2015-02-27 19:38 . 2014-11-13 13:18 291352 ----a-w- c:\windows\system32\aswBoot.exe
2015-02-27 19:13 . 2015-02-27 19:14 -------- d-----w- c:\program files\Mozilla Firefox(7)
2015-02-25 17:38 . 2015-02-25 17:38 -------- d-----w- c:\program files\Common Files\Skype
2015-02-23 06:41 . 2015-02-23 06:41 -------- d-----w- c:\windows\system32\vbox
2015-02-12 03:29 . 2015-01-23 03:00 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:01 . 2015-01-13 01:39 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-07 07:56 . 2015-02-07 08:56 5070512 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-02-02 17:40 . 2015-02-02 17:44 -------- d-----w- C:\totalcmd
2015-02-02 17:40 . 2015-02-02 17:40 -------- d-----w- c:\users\doma\AppData\Roaming\GHISLER
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-01 09:34 . 2014-09-13 10:18 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-16 03:21 . 2015-03-03 22:04 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51AC780B-0E2B-4EFE-BBC0-B761BCF051EB}\mpengine.dll
2015-02-07 08:56 . 2012-09-14 09:33 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-07 08:56 . 2012-07-22 13:31 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-21 20:22 . 2015-01-21 20:25 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-22 23:50 . 2010-02-27 08:58 249488 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-13 13:18 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2000-01-01 458844]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-01-20 21:02 5496600 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2014-11-17 08:11 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2008-12-10 17:56 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3810265174-1972376959-2373567011-1000]
"EnableNotificationsRef"=dword:00000002
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2000-01-01 81920]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 08:56]
.
.
------- Doplňkový sken -------
.
mStart Page = www.google.com
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\z0w8ru7i.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet011\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(764)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(5396)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atiesrxx.exe
c:\windows\system32\Hpservice.exe
c:\program files\Realtek\Audio\HDA\RtkAudioService.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\windows\system32\vcsFPService.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\SMINST\BLService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\msiexec.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
.
**************************************************************************
.
Celkový čas: 2015-03-04 00:09:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-03 23:09
ComboFix2.txt 2015-03-03 11:56
ComboFix3.txt 2015-03-02 20:54
.
Před spuštěním: Volných bajtů: 13 393 911 808
Po spuštění: Volných bajtů: 12 101 410 816
.
- - End Of File - - 5D329BEFE179AE11828FA4BD64EC4676
5C86ADEC17B739C437E145E3B3FC2E6D
HP Pavilion dv6 1230ec, Win. Vista
Re: Please check my log, problem with notebook
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:48, on 4.3.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\doma\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
--
End of file - 8654 bytes
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
--
End of file - 8654 bytes
HP Pavilion dv6 1230ec, Win. Vista
- Orcus
- Security team member
- Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around =o)
- Status: Offline
Re: Please check my log, problem with notebook
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to the desktop.
Double-click the icon to run Delfix.exe
(On Windows Vista, Windows 7 and 8 you must start the file with a right-click -> Run as administrator.)
In the main menu, tick these options: "Remove disinfection tools" and "Purge System Restore".
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report can be found at:
C:\DelFix.txt
What about the problems?
Re: Please check my log, problem with notebook
# DelFix v10.9 - Logfile created 04/03/2015 at 12:35:59
# Updated 27/02/2015 by Xplode
# Username : doma - DOMA-PC
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\_OTM
Deleted : C:\Combofix
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-01-14-215341.log
Deleted : C:\Users\doma\Desktop\HiJackThis.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #4635 [Odebrání jazykové sady | 02/24/2015 08:51:34]
Deleted : RP #4636 [Odebrání jazykové sady | 02/25/2015 06:02:20]
Deleted : RP #4637 [Windows Update | 02/25/2015 17:21:23]
Deleted : RP #4638 [Odebrání jazykové sady | 02/26/2015 07:56:02]
Deleted : RP #4639 [Odebrání jazykové sady | 02/27/2015 03:08:00]
Deleted : RP #4640 [Windows Update | 02/27/2015 09:19:24]
Deleted : RP #4642 [avast! antivirus system restore point | 02/27/2015 19:31:40]
Deleted : RP #4643 [Odebrání jazykové sady | 02/27/2015 19:51:53]
Deleted : RP #4644 [Windows Update | 02/27/2015 19:53:52]
Deleted : RP #4645 [Windows Update | 02/27/2015 20:12:23]
Deleted : RP #4646 [Odebrání jazykové sady | 02/28/2015 03:28:04]
Deleted : RP #4647 [Odebrání jazykové sady | 02/28/2015 03:54:12]
Deleted : RP #4648 [Odebrání jazykové sady | 02/28/2015 08:22:53]
Deleted : RP #4649 [Odebrání jazykové sady | 02/28/2015 10:56:45]
Deleted : RP #4650 [Odebrání jazykové sady | 02/28/2015 17:09:13]
Deleted : RP #4651 [Odebrání jazykové sady | 02/28/2015 18:20:20]
Deleted : RP #4652 [Odebrání jazykové sady | 02/28/2015 23:36:28]
Deleted : RP #4653 [Odebrání jazykové sady | 03/01/2015 08:26:44]
Deleted : RP #4654 [Odebrání jazykové sady | 03/01/2015 10:19:47]
Deleted : RP #4655 [Odebrání jazykové sady | 03/02/2015 07:24:15]
Deleted : RP #4656 [Odebrání jazykové sady | 03/02/2015 19:36:52]
Deleted : RP #4657 [Odebrání jazykové sady | 03/02/2015 21:16:09]
Deleted : RP #4658 [Odebrání jazykové sady | 03/03/2015 04:09:58]
Deleted : RP #4659 [Odebrání jazykové sady | 03/03/2015 11:13:27]
Deleted : RP #4660 [Odebrání jazykové sady | 03/03/2015 11:58:07]
Deleted : RP #4661 [Windows Update | 03/03/2015 21:56:12]
Deleted : RP #4662 [Odebrání jazykové sady | 03/03/2015 21:56:59]
Deleted : RP #4663 [Odebrání jazykové sady | 03/03/2015 23:11:52]
Deleted : RP #4664 [Odebrání jazykové sady | 03/04/2015 03:21:59]
New restore point created !
########## - EOF - ##########
HP Pavilion dv6 1230ec, Win. Vista
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Please check my log, problem with notebook
If there are no problems, that is all and you can mark the thread as solved (the green check mark).
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Please check my log, problem with notebook
I would like to, but the problem has somehow not been solved. This morning I switched the notebook on and it froze right at the first HP screen. I could not switch to any of F1-F12, nor turn it off with the button. I had to disconnect the power and take out the battery. The internet browser (Firefox), which I start, does not respond when I click a link (it just keeps loading). Only a restart helps, and not always. The icons on the desktop flicker occasionally. Could the problem be somewhere in the hardware?
HP Pavilion dv6 1230ec, Win. Vista