Zdravím a prosím o kontrolu. Předem díky

Zpráva

Ycek · #16 Příspěvek od **Ycek** » 28 lis 2012 20:15

Navíc nejde ani vypnout ve správci úloh

#17 Příspěvek od **vyosek** » 28 lis 2012 20:25

Restart do nouzoveho rezimu a spustte jej tam

Ycek · #18 Příspěvek od **Ycek** » 28 lis 2012 20:38

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
CCleaner
Java(TM) 6 Update 30
Java 7 Update 9
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#19 Příspěvek od **vyosek** » 28 lis 2012 20:52

Stahnete Service Repair http://kb.eset.com/library/ESET/KB%20Te ... Repair.exe

Ulozte nejlepe na Plochu
Spustte a potvrdte Yes abyste potvrdil reinstalaci sluzeb
Nasledne kliknutim na Yes potvrdte restart PC
Na Plose vznikne slozka CC Support, najdete tam log SvcRepair.txt - mel by byt CC Support\Logs\SvcRepair.txt - vlozte mi jej sem

Ycek · #20 Příspěvek od **Ycek** » 28 lis 2012 21:01

Log Opened: 2012-11-28 @ 20:57:40
20:57:40 - -----------------
20:57:40 - | Begin Logging |
20:57:40 - -----------------
20:57:40 - Fix started on a WIN_7 X86 computer
20:57:40 - Prep in progress. Please Wait.
20:57:42 - Prep complete
20:57:42 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
20:57:44 - Services Repair Complete.
20:57:49 - Reboot Initiated

#21 Příspěvek od **vyosek** » 28 lis 2012 21:38

Znovu udelejte SecurityCheck

Ycek · #22 Příspěvek od **Ycek** » 28 lis 2012 21:43

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
CCleaner
Java(TM) 6 Update 30
Java 7 Update 9
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#23 Příspěvek od **vyosek** » 28 lis 2012 23:17

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Ycek · #24 Příspěvek od **Ycek** » 29 lis 2012 16:27

ComboFix 12-11-29.02 - noname 29.11.2012 16:18:01.4.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3000.2190 [GMT 1:00]
Spuštěný z: d:\download\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{1E91951D-0114-4692-8F55-F95E1B2F3542}\setup.msi
c:\programdata\1350655345.bdinstall.bin
c:\programdata\1350891707.bdinstall.bin
c:\programdata\1350892004.bdinstall.bin
c:\programdata\1350893207.bdinstall.bin
c:\programdata\1350893480.bdinstall.bin
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-28 do 2012-11-29 )))))))))))))))))))))))))))))))
.
.
2012-11-29 15:23 . 2012-11-29 15:23 -------- d-----w- c:\users\noname\AppData\Local\temp
2012-11-29 15:23 . 2012-11-29 15:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-29 15:23 . 2012-11-29 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-29 15:23 . 2012-11-29 15:23 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-11-28 15:10 . 2012-11-28 15:10 512 ----a-w- C:\PhysicalMBR.bin
2012-11-25 16:39 . 2012-05-25 11:14 42864 ----a-w- c:\windows\system32\sbbd.exe
2012-11-25 16:39 . 2012-05-25 11:14 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-11-25 16:39 . 2012-11-25 16:39 -------- d-----w- C:\VIPRERESCUE
2012-11-24 15:19 . 2012-11-24 15:19 -------- d-----w- c:\users\noname\AppData\Roaming\MOBILedit
2012-11-24 15:18 . 2012-11-24 15:18 -------- d-----w- c:\program files\Compiled Driver Disk (Nokia)
2012-11-24 15:17 . 2012-11-24 15:17 -------- d-----w- c:\program files\COMPELSON Labs
2012-11-15 10:52 . 2012-11-15 10:52 -------- d-----w- c:\programdata\F-Secure uninstallationtool
2012-11-15 10:31 . 2012-11-15 10:31 -------- d-----w- c:\program files\Common Files\Java
2012-11-15 10:30 . 2012-11-15 10:30 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-14 13:10 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 13:10 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 13:10 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 13:09 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 13:09 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 13:09 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 13:09 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 13:09 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 13:09 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 13:09 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 13:06 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-14 13:06 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-14 13:06 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-14 13:06 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-14 13:06 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-14 13:06 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-14 13:06 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-14 13:06 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-14 13:05 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 13:02 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 13:02 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 13:02 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-11 07:36 . 2012-11-11 07:36 -------- d-----w- c:\programdata\Sophos
2012-11-11 07:36 . 2012-11-11 07:36 73728 ----a-r- c:\users\noname\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-11-11 07:36 . 2012-11-11 07:36 73728 ----a-r- c:\users\noname\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-11-11 07:36 . 2012-11-11 07:36 73728 ----a-r- c:\users\noname\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2012-11-11 07:36 . 2012-11-11 07:36 -------- d-----w- c:\program files\Sophos
2012-11-06 13:11 . 2012-11-06 13:11 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3319972C-D596-4956-A09F-96BC72CE0C47}\offreg.dll
2012-11-06 10:31 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3319972C-D596-4956-A09F-96BC72CE0C47}\mpengine.dll
2012-11-04 12:27 . 2012-11-04 12:30 -------- d-----w- c:\programdata\Drivers For Free
2012-11-04 12:27 . 2012-11-04 12:27 -------- d-----w- c:\users\noname\AppData\Local\Drivers_For_Free
2012-11-04 12:26 . 2012-11-04 12:26 -------- d-----w- c:\programdata\UAB
2012-11-04 12:26 . 2012-11-04 12:30 -------- d-----w- c:\users\noname\AppData\Roaming\Drivers For Free
2012-11-04 09:58 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-04 09:58 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-04 09:58 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2012-11-04 09:58 . 2012-08-24 16:57 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-04 09:58 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-04 09:58 . 2012-06-02 04:45 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-02 13:17 . 2012-11-02 13:17 -------- d-----w- c:\users\Default\AppData\Local\Google
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 10:30 . 2012-07-18 17:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-15 10:30 . 2010-10-26 05:33 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-04 14:02 . 2009-12-24 13:31 18860 ----a-w- c:\windows\system32\Nmon7012K.dll
2012-11-04 13:56 . 2012-01-24 05:52 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-10-19 13:59 . 2012-10-19 13:59 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-10-05 16:42 . 2012-06-18 14:26 75776 ----a-w- c:\windows\cadkasdeinst01e.exe
2012-10-03 10:25 . 2012-10-03 10:25 9728 ----a-w- c:\windows\system32\yk62x86ver.dll
2012-09-26 16:33 . 2012-09-26 16:32 14017846 ----a-w- c:\windows\REGBK00.ZIP
2012-09-26 16:30 . 2012-09-26 16:30 23976 ----a-w- c:\windows\system32\drivers\eRootDrv.sys
2012-09-14 18:28 . 2012-10-10 11:35 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-10 09:51 . 2012-09-10 09:51 473248 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-09-10 09:51 . 2012-09-10 09:51 617984 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-09-10 09:50 . 2012-09-10 09:50 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2012-09-10 09:50 . 2012-09-10 09:50 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-08-31 17:18 . 2012-10-10 11:35 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 14:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 14:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 14:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 14:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-02 151064]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"PC Suite Tray"="d:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
2012-10-25 14:45 16052192 ----a-w- c:\program files\Google\Drive\googledrivesync.exe
.
R0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
R0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [x]
R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [x]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [x]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 eRootDrv;eRootDrv;c:\windows\system32\DRIVERS\eRootDrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hitmanpro36;HitmanPro 3.6 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [x]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 NETw5s32;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
S0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
S3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\Netwsn00.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
GPSvcGroup REG_MULTI_SZ GPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-29 11:30]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-29 11:30]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000Core.job
- c:\users\noname\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-16 06:37]
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000UA.job
- c:\users\noname\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-16 06:37]
.
2012-11-26 c:\windows\Tasks\HPCeeScheduleFornoname.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8457558B-5624-4EFF-B3D2-CFCA63FF5A0B}\02960586F6E656: NameServer = 188.92.8.18,188.92.8.11
TCP: Interfaces\{8457558B-5624-4EFF-B3D2-CFCA63FF5A0B}\2416765647562796560264255454: NameServer = 188.92.8.18,188.92.8.11
TCP: Interfaces\{8457558B-5624-4EFF-B3D2-CFCA63FF5A0B}\24F6C6A716E6F66716E2E45647: NameServer = 188.92.8.18,188.92.8.11
TCP: Interfaces\{8457558B-5624-4EFF-B3D2-CFCA63FF5A0B}\36F627168424F5F46666963656: NameServer = 188.92.8.18,188.92.8.11
TCP: Interfaces\{8457558B-5624-4EFF-B3D2-CFCA63FF5A0B}\84F44554C40205F4440275147554C454D4020205: NameServer = 188.92.8.18,188.92.8.11
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-avgnt - d:\program files\Avira\AntiVir Desktop\avgnt.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2012-11-29 16:25:25
ComboFix-quarantined-files.txt 2012-11-29 15:25
.
Před spuštěním: 8 864 411 648
Po spuštění: Volných bajtů: 10 149 990 400
.
- - End Of File - - 53068CDA6ADE32551D47F5DDDEF90193

#25 Příspěvek od **vyosek** » 30 lis 2012 21:05

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
MOD - [2012.11.28 15:57:40 | 001,024,024 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\windows._cacheinvalidation.pyd
MOD - [2012.11.28 15:57:40 | 000,792,576 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._gdi_.pyd
MOD - [2012.11.28 15:57:40 | 000,571,392 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\pysqlite2._sqlite.pyd
MOD - [2012.11.28 15:57:40 | 000,263,168 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32com.shell.shell.pyd
MOD - [2012.11.28 15:57:40 | 000,096,256 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32api.pyd
MOD - [2012.11.28 15:57:40 | 000,086,016 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\_elementtree.pyd
MOD - [2012.11.28 15:57:40 | 000,070,656 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._html2.pyd
MOD - [2012.11.28 15:57:40 | 000,040,448 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\_socket.pyd
MOD - [2012.11.28 15:57:40 | 000,023,040 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32ts.pyd
MOD - [2012.11.28 15:57:40 | 000,011,776 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32crypt.pyd
MOD - [2012.11.28 15:57:39 | 001,169,408 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._core_.pyd
MOD - [2012.11.28 15:57:39 | 000,807,424 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._windows_.pyd
MOD - [2012.11.28 15:57:39 | 000,731,136 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._misc_.pyd
MOD - [2012.11.28 15:57:39 | 000,645,120 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\_ssl.pyd
MOD - [2012.11.28 15:57:39 | 000,354,304 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\pythoncom26.dll
MOD - [2012.11.28 15:57:39 | 000,311,808 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\_hashlib.pyd
MOD - [2012.11.28 15:57:39 | 000,121,856 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._wizard.pyd
MOD - [2012.11.28 15:57:39 | 000,111,104 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32file.pyd
MOD - [2012.11.28 15:57:39 | 000,110,592 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32security.pyd
MOD - [2012.11.28 15:57:39 | 000,110,592 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\pywintypes26.dll
MOD - [2012.11.28 15:57:39 | 000,073,728 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\_ctypes.pyd
MOD - [2012.11.28 15:57:39 | 000,039,424 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32inet.pyd
MOD - [2012.11.28 15:57:39 | 000,036,352 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32process.pyd
MOD - [2012.11.28 15:57:39 | 000,022,528 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32pdh.pyd
MOD - [2012.11.28 15:57:39 | 000,017,920 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32profile.pyd
MOD - [2012.11.28 15:57:38 | 001,056,256 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\wx._controls_.pyd
MOD - [2012.11.28 15:57:38 | 000,585,728 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\unicodedata.pyd
MOD - [2012.11.28 15:57:38 | 000,153,088 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\pyexpat.pyd
MOD - [2012.11.28 15:57:38 | 000,017,920 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\win32event.pyd
MOD - [2012.11.28 15:57:38 | 000,011,776 | ---- | M] () -- C:\Users\noname\AppData\Local\Temp\_MEI10842\select.pyd
SRV - File not found [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2012.10.06 17:01:48 | 003,084,176 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
DRV - [2011.05.19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010.05.05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2009.11.02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-639110540-3213493223-2817070946-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-639110540-3213493223-2817070946-1000\..\SearchScopes\{B6F86392-1B41-46F9-907E-23D00B97D55D}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-639110540-3213493223-2817070946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
CHR - homepage: http://www.ask.com/?l=dis&o=14597cr
CHR - homepage: http://www.ask.com/?l=dis&o=14597cr
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
[2011.07.23 11:08:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\AVG10
[2012.10.31 15:52:14 | 000,000,000 | ---D | M] -- C:\Users\noname\AppData\Roaming\Ad-Aware Antivirus
[2011.02.09 14:37:03 | 000,000,000 | ---D | M] -- C:\Users\noname\AppData\Roaming\AVG10
[2012.09.25 13:31:51 | 000,000,000 | ---D | M] -- C:\Users\noname\AppData\Roaming\ESET
[24 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[26 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[3 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
[2012.06.26 15:03:16 | 000,106,960 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.06.26 15:03:16 | 000,101,328 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.07.02 16:12:50 | 000,183,736 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.07.02 16:12:50 | 000,021,432 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.07.02 16:12:52 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.07.02 16:12:54 | 000,449,976 | ---- | M] (ml) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.08.07 06:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.07 06:25:04 | 000,278,968 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.07.30 06:17:50 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.07 06:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.07 06:11:30 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.07 06:17:30 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.07 06:12:24 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.07 06:25:06 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.07.30 06:17:10 | 000,057,344 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.03 07:42:04 | 000,106,960 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.03 07:42:04 | 000,101,328 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.07 06:25:10 | 000,183,736 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.07 06:25:12 | 000,021,432 | ---- | M] () -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.07 06:25:12 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.07.30 06:16:18 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\System32\muzapp.exe
[2012.08.07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.07.02 16:12:54 | 000,449,976 | ---- | M] (ml) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.11.28 15:57:31 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.28 16:33:04 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.11.25 09:51:12 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000Core.job
[2012.11.28 16:15:11 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000UA.job
[2012.11.26 15:01:32 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleFornoname.job
@Alternate Data Stream - 6248 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:0E08FC17

:files
C:\Program Files\Emsisoft Anti-Malware
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Ycek · #26 Příspěvek od **Ycek** » 02 pro 2012 10:51

All processes killed
========== OTL ==========
Error: No service named AVP was found to stop!
Service\Driver key AVP not found.
File C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe not found.
Error: No service named a2AntiMalware was found to stop!
Service\Driver key a2AntiMalware not found.
File C:\Program Files\Emsisoft Anti-Malware\a2service.exe not found.
Error: No service named A2DDA was found to stop!
Service\Driver key A2DDA not found.
File C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys not found.
Error: No service named a2util was found to stop!
Service\Driver key a2util not found.
File C:\Program Files\Emsisoft Anti-Malware\a2util32.sys not found.
Error: No service named klmouflt was found to stop!
Service\Driver key klmouflt not found.
File C:\Windows\System32\drivers\klmouflt.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-639110540-3213493223-2817070946-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-639110540-3213493223-2817070946-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B6F86392-1B41-46F9-907E-23D00B97D55D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6F86392-1B41-46F9-907E-23D00B97D55D}\ not found.
HKU\S-1-5-21-639110540-3213493223-2817070946-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\emsisoft anti-malware not found.
File c:\program files\emsisoft anti-malware\a2guard.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
C:\Users\Guest\AppData\Roaming\AVG10\cfgall folder moved successfully.
C:\Users\Guest\AppData\Roaming\AVG10 folder moved successfully.
C:\Users\noname\AppData\Roaming\Ad-Aware Antivirus folder moved successfully.
C:\Users\noname\AppData\Roaming\AVG10\cfgall folder moved successfully.
C:\Users\noname\AppData\Roaming\AVG10 folder moved successfully.
C:\Users\noname\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\noname\AppData\Roaming\ESET folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3294.tmp\System.EnterpriseServices.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3294.tmp\System.EnterpriseServices.Wrapper.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3294.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP408D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP44BF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A2A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5634.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6336.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D3D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP759C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP859E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8DB4.tmp\System.ServiceModel.Web.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8DB4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP962A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9684.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9B5E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9BFB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAC2D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF91.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB38A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBD29.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC18.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDA7C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFB10.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFE7A.tmp folder deleted successfully.
C:\Windows\Installer\MSI204D.tmp deleted successfully.
C:\Windows\Installer\MSI267.tmp deleted successfully.
C:\Windows\Installer\MSI2F13.tmp deleted successfully.
C:\Windows\Installer\MSI2F8A.tmp deleted successfully.
C:\Windows\Installer\MSI2FEF.tmp deleted successfully.
C:\Windows\Installer\MSI30D3.tmp deleted successfully.
C:\Windows\Installer\MSI31EE.tmp deleted successfully.
C:\Windows\Installer\MSI3863.tmp deleted successfully.
C:\Windows\Installer\MSI3AA9.tmp deleted successfully.
C:\Windows\Installer\MSI3B2B.tmp deleted successfully.
C:\Windows\Installer\MSI60C2.tmp deleted successfully.
C:\Windows\Installer\MSI80AB.tmp deleted successfully.
C:\Windows\Installer\MSI82DA.tmp deleted successfully.
C:\Windows\Installer\MSI8466.tmp deleted successfully.
C:\Windows\Installer\MSI8495.tmp deleted successfully.
C:\Windows\Installer\MSI8523.tmp deleted successfully.
C:\Windows\Installer\MSI864C.tmp deleted successfully.
C:\Windows\Installer\MSI8B73.tmp deleted successfully.
C:\Windows\Installer\MSI931C.tmp deleted successfully.
C:\Windows\Installer\MSIAAE.tmp deleted successfully.
C:\Windows\Installer\MSID4ED.tmp deleted successfully.
C:\Windows\Installer\MSID98F.tmp deleted successfully.
C:\Windows\Installer\MSIE9D8.tmp deleted successfully.
C:\Windows\Installer\MSIF089.tmp deleted successfully.
C:\Windows\Installer\MSIF850.tmp deleted successfully.
C:\Windows\Installer\MSIFB97.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cab55CC.tmp deleted successfully.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Tar55CD.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\DSP2D01.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\DSP2D02.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\DSPDF1F.tmp deleted successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\System32\muzapp.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe moved successfully.
C:\Users\noname\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-639110540-3213493223-2817070946-1000UA.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleFornoname.job moved successfully.
ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
ADS C:\ProgramData\TEMP:0E08FC17 deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Emsisoft Anti-Malware not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 17782951 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 528 bytes

User: noname
->Temp folder emptied: 9045178 bytes
->Temporary Internet Files folder emptied: 77751943 bytes
->Java cache emptied: 1633602 bytes
->Google Chrome cache emptied: 148726091 bytes
->Flash cache emptied: 1051 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21048 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 991456212 bytes

Total Files Cleaned = 1 189,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: noname
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Guest
->Java cache emptied: 0 bytes

User: noname
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12022012_104843

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ycek · #27 Příspěvek od **Ycek** » 02 pro 2012 14:51

Teď jsem zjistil, že mi po tom scriptu neběží Outlook a Office vůbec. Když ho chci spustit napíše mi to: systém připravuje instalaci a poté vyskočí chyba 25004Config.Xml not specified; A valid config.xml file must be authored when deploying '(null)'

#28 Příspěvek od **vyosek** » 02 pro 2012 19:44

My jsme ale ve skriptu nic co by melo souvislost s Office nedelali...

Tak vemte jejich instalacni CD a provedte opravu

Ycek · #29 Příspěvek od **Ycek** » 02 pro 2012 23:18

A podle toho logu z OTL už je vše v pořádku?

#30 Příspěvek od **vyosek** » 02 pro 2012 23:54

Ano, OTL udelalo co melo

VIRY.CZ

Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky

Re: Zdravím a prosím o kontrolu. Předem díky