http://www.virustotal.com/cs/analisis/c ... 1276608729
http://www.virustotal.com/cs/analisis/1 ... 1276609204
C:\Windows\System32\rpcnetp.dll - nenalezen
C:\Windows\System32\rpcnetp.exe - nenalezen
Ještě shrnutí závad
- cca každé druhé zapnutí notebooku přestane jít myš (pomocí klávesnice pc jde ovládat), po restartu myš jde, po dalším zase ne
- nejde aktualizovat zabezpečení Microsoft NET framework SP1
- nejde použít normálně OTL (jen nouzový režim)
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: Preventivka
ještě spyware terminator:
Logfile of Spyware Terminator v2.7.2.125 (db:4.006.015.000)
Scan Time: 15.6.2010 16:09:21 length: 2366 s
Platform: W7 (6.1.0.7600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 91029 (Critical:2)
Filter: No System items, No Safe items, No Invalid items
Running Processes
VMCService.exe [Vodafone] : C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
igfxsrvc.exe [Intel Corporation] : C:\Windows\system32\igfxsrvc.exe
SSMMgr.exe : C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PCSuite.exe [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
ServiceLayer.exe [Nokia.] : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
NclUSBSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
NclRSSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
NclMSBTSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
FlashUtil10e.exe [Adobe Systems, Inc.] : C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PC Suite Tray : [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Samsung PanelMgr : : C:\Windows\Samsung\PanelMgr\SSMMgr.exe
Shell Extensions
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} - [Microsoft Corporation] : C:\Windows\system32\mf.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
Protocol Handler
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
Services
23 - [LSI Corp] : C:\Windows\system32\DRIVERS\AGRSM.sys
23 - [Advanced Micro Devices] : C:\Windows\system32\DRIVERS\amdxata.sys
23 - [AuthenTec, Inc.] : C:\Windows\system32\Drivers\ATSwpWDF.sys
23 - [Broadcom Corporation] : C:\Windows\system32\DRIVERS\b57nd60x.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\bowser.sys
23 - [Microsoft Corporation] : C:\Windows\system32\Drivers\dfsc.sys
23 - [Microsoft Corporation] : C:\Windows\system32\drivers\discache.sys
23 - [ESET] : C:\Windows\system32\DRIVERS\ehdrv.sys
23 - [ESET] : C:\Windows\system32\DRIVERS\epfwwfp.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\igdkmd32.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mssmbios.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\netw5v32.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rimmptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rimsptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rixdptsk.sys
23 - [Nokia.] : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23 - [Samsung Electronics] : C:\Windows\system32\Drivers\SSPORT.sys
23 - [Vodafone] : C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
23 - [Crawler.com] : C:\Windows\system32\drivers\sp_rsdrv2.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\Windows\system32\igfxdev.dll
Threat Files
<Trojan.Dropper.Joiner.dc> : C:\SWTOOLS\APPS\cameracenter\vista3264\setup.exe
<Trojan.Dropper.Joiner.dc> : C:\SWTOOLS\APPS\cameracenter\vista3264-Silent\setup.exe
Advanced Files Report
%SYSDIR%\bzpdf.dll [Bullzip] [Bullzip PDF Writer] MD5=6D3475E2784CFBDDF345DFE736A842DA SIZE=194560
%SYSDIR%\sst1cl3.dll [Language Monitor for Status Monitor] MD5=6DED3515CAA2AB4EF0331BC73D91859B SIZE=22723
%SYSDIR%\spool\PRTPROCS\W32X86\hpzppWN7.dll [Hewlett-Packard Corporation] [HP Print Processor] MD5=C2A44C942EC023CF2D5CF144B0F5D146 SIZE=90624
%SYSDIR%\spool\PRTPROCS\W32X86\sst1cpc.dll [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=DD0DA53D125F6BBFCEABBAFEBD70DAD1 SIZE=19968
%SYSDIR%\spool\DRIVERS\W32X86\3\sst1cdu.dll [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=DF4E48A810EA19E2B09F3904F2A7F247 SIZE=409600
%SYSDIR%\igd10umd32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=4D0EC3F1B5C4E6549071C7FC74368123 SIZE=2551808
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=273F96C16F6B4B4D1E7CA669BFCF4F28 SIZE=614400
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\NGSCM.DLL [Nokia] [Next Gen Suite Common Modules] MD5=6BD1F1E3856E2AF9BC8D82D62F23E28C SIZE=929792
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr [Nokia] [Nokia Phone Browser] MD5=E2FB13634D1810EA8AEB6DFD660E423B SIZE=27136
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=5058D323DDABFAD0D8D8BC2CAEF73070 SIZE=573440
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [Vodafone] [Vodafone Mobile Connect] MD5=60C4B117ED03861379B2EE54EBFC8581 SIZE=9216
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Core.dll [Vodafone] [Vodafone Mobile Connect] MD5=D0E5AA3B5BF7C2CC00DE98865023E76A SIZE=67584
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Messaging.dll [Vodafone] [Vodafone Mobile Connect] MD5=ACCF3726687777F198D293FFBA339362 SIZE=22528
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.DataAccessor.dll [Vodafone] [Vodafone Mobile Connect] MD5=C4DA1F04D8D6F4F496AD95DBB53DD43D SIZE=160256
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.ConnectionServicesInterface.dll [Vodafone] [Vodafone Mobile Connect] MD5=5572CC320021CEE038715BD54F6387A8 SIZE=153088
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.Platform.dll [Vodafone] [Vodafone Mobile Connect] MD5=ABF5595F122AEC9E2CD470DB58802F88 SIZE=290816
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=806D9BC9E5F12B0B6C0A700912270997 SIZE=94208
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=26EDDD650420C84A01CDBDC3545E881B SIZE=51712
%SYSDIR%\igfxrCSY.lrc [Intel Corporation] [Intel(R) Common User Interface] MD5=47421691C2F443A0A10F86A649DDD06D SIZE=282624
%SYSDIR%\igfxress.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=F698E901D6A52E70864ACE9CEC00579F SIZE=5702656
%SYSDIR%\igfxsrvc.exe [Intel Corporation] [Intel(R) Common User Interface] MD5=C8C452E5C8AECD04DA4A2A618399830C SIZE=252952
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=06CC9ECBE18EE6E18B0EA759A763B710 SIZE=216576
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtCore4.dll [Trolltech ASA] [Qt4] MD5=285A5075F1973E9BEB8A12EE3641EEA4 SIZE=2023424
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtGui4.dll [Trolltech ASA] [Qt4] MD5=1CA1F99D167BB19F785F2D8582579CFB SIZE=7331840
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtXml4.dll [Trolltech ASA] [Qt4] MD5=B7AC803CF0DF5FF872DD45D48BBBDA6A SIZE=364544
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtNetwork4.dll [Trolltech ASA] [Qt4] MD5=C15230FC33B7FB9136C1F3FC93DD370C SIZE=806912
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\PCSL.dll [Nokia] [Nokia PCSL] MD5=75563FF603C40F0A5486750E0C486CC2 SIZE=4608
%PROGRAMFILES%\PC Connectivity Solution\ConnAPI.dll [Nokia.] [PC Connectivity Solution] MD5=60971D086DED56D49301F2F24F5B90F5 SIZE=590336
%PROGRAMFILES%\PC Connectivity Solution\DAAPI.dll [Nokia] [PC Connectivity Solution] MD5=1EBF511BA4B1175B41ED321158826042 SIZE=1281024
%PROGRAMFILES%\PC Connectivity Solution\PCCS_ABAPI.dll [Nokia] [PC Connectivity Solution] MD5=4C1A99C311949F0DFDD92BDBAE382F48 SIZE=270336
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\styles\NGLStyle.dll [Nokia] [Launch Application Style Plugin] MD5=17BB6FFE018D0A4EB5610653CEDCA06C SIZE=1184256
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll [Trolltech ASA] [Qt4] MD5=B6FAD59C92D1381D986CD7368A5291F4 SIZE=135168
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll [Trolltech ASA] [Qt4] MD5=CB3B04A1D5E1F32D5E38974B5E077EA6 SIZE=16384
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtSvg4.dll [Trolltech ASA] [Qt4] MD5=958BE76750B8B10750FB3DE7419588C1 SIZE=253952
%PROGRAMFILES%\PC Connectivity Solution\ConfServer.dll [Nokia] [PC Connectivity Solution] MD5=C2FDDF50807ED3013823CB418A44CA0C SIZE=191488
%PROGRAMFILES%\PC Connectivity Solution\ServiceLayer.exe [Nokia.] [PC Connectivity Solution] MD5=77FAA749C34193F003F666D2E368A1F8 SIZE=621056
%PROGRAMFILES%\PC Connectivity Solution\PCCS_DBEngine.dll [Nokia] [PC Connectivity Solution] MD5=C61BFFB47784365CC0CA08780E443346 SIZE=420864
%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=77FBD400984CF72BA0FC4B3489D65F74 SIZE=1121280
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclUSBSrv.exe [PC Connectivity Solution] MD5=E31DDC076A4C4B7DF6AAED3A3F29B981 SIZE=130560
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclRSSrv.exe [PC Connectivity Solution] MD5=F9F01DF53DB4FB1512959B896F03775F SIZE=119808
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclMSBTSrv.exe [PC Connectivity Solution] MD5=F98E3A65876D41832B5B1B05E725A795 SIZE=128000
%PROGRAMFILES%\Internet Explorer\iexplore.exe [Microsoft Corporation] [Windows® Internet Explorer] MD5=2C32E3E596CFE660353753EABEFB0540 SIZE=673048
%SYSDIR%\igdumdx32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=FDC646B3126FC0956335013FC1C10111 SIZE=536576
%SYSDIR%\igdumd32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=5F50E20D770EC2F650781CEC49FA4D3A SIZE=3829760
%SYSDIR%\Macromed\Flash\Flash10e.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=C06E6E160F34CE092301BD2B29067F3F SIZE=3981080
%SYSDIR%\Macromed\Flash\FlashUtil10e.exe [Adobe Systems, Inc.] [Flash Player Helper] MD5=678F50CBC5537150CFDCCA7944130B6D SIZE=256280
%SYSDIR%\mf.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=80EFBCAFBD26956B69EE9CEFC93423B0 SIZE=3177984
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\DRIVERS\AGRSM.sys [LSI Corp] [LSI SoftModem Driver] MD5=7E10E3BB9B258AD8A9300F91214D67B9 SIZE=1035776
%SYSDIR%\DRIVERS\amdxata.sys [Advanced Micro Devices] [Storage Filter Driver] MD5=B81C2B5616F6420A9941EA093A92B150 SIZE=23616
%SYSDIR%\Drivers\ATSwpWDF.sys [AuthenTec, Inc.] [Swipe Fingerprint Sensor WBF WDF USB Driver] MD5=BEFE54E9BC648A3C79C917A63B6EE7DA SIZE=625224
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\DRIVERS\b57nd60x.sys [Broadcom Corporation] [Broadcom NetXtreme Gigabit Ethernet Driver] MD5=BD8869EB9CDE6BBE4508D869929869EE SIZE=229888
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=FCAFAEF6798D7B51FF029F99A9898961 SIZE=69632
%SYSDIR%\svchost.exe -k bthsvcs
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=8E09E52EE2E3CEB199EF3DD99CF9E3FB SIZE=78336
%SYSDIR%\drivers\discache.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=1A050B0274BFB3890703D490F330C0DA SIZE=32256
%SYSDIR%\DRIVERS\ehdrv.sys [ESET] [ESET Smart Security] MD5=6504D6AFB75FEF830DD99E8C4235D54D SIZE=108792
%SYSDIR%\DRIVERS\epfwwfp.sys [ESET] [ESET Smart Security] MD5=396CE762D1650387A2FE184E245FBBA1 SIZE=38240
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost.exe -k LocalServiceAndNoImpersonation
%SYSDIR%\DRIVERS\igdkmd32.sys [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=C4097C4F60B7603B77E36715663D56EB SIZE=4756992
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=5613358B4050F46F5A9832DA8050D6E4 SIZE=221696
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=FC6B9FF600CC585EA38B12589BD4E246 SIZE=28240
%SYSDIR%\DRIVERS\netw5v32.sys [Intel Corporation] [Intel® Wireless WiFi Link Adapter] MD5=58218EC6B61B1169CF54AAB0D00F5FE2 SIZE=4231168
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%SYSDIR%\DRIVERS\rimmptsk.sys [REDC] [RICOH MMC Driver] MD5=7A6648B61661B1421FFAB762E391E33F SIZE=28928
%SYSDIR%\DRIVERS\rimsptsk.sys [REDC] [Ricoh Memorystick Controller] MD5=D0A35B7670AA3558EAAB483F64446496 SIZE=51840
%SYSDIR%\DRIVERS\rixdptsk.sys [REDC] [R5C852 Ricoh xD Controller] MD5=6C1F93C0760C9F79A1869D07233DF39D SIZE=37376
%SYSDIR%\svchost.exe -k RPCSS
%SYSDIR%\Drivers\SSPORT.sys [Samsung Electronics] [Port Contention Driver] MD5=EF3458337D7341A05169CEFC73709264 SIZE=5120
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\svchost.exe -k secsvcs
%SYSDIR%\SearchIndexer.exe \Embedding
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=3CDEDF4059A2BDBB9CD888EA1979D54C SIZE=278864
%SYSDIR%\inetcomm.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=2F1379FEB2798A5708CD157836B4E9CC SIZE=740864
End of Report
Průběh odstraňování:
Příprava struktur
Vytváření bodu pro obnovu systému
Odstranit Trojan.Dropper.Joiner.dc
Smazaný soubor: c:\SWTOOLS\APPS\cameracenter\vista3264\setup.exe
Smazaný soubor: c:\SWTOOLS\APPS\cameracenter\vista3264-Silent\setup.exe
Zavírání bodu pro obnovu systému
Hotovo
Logfile of Spyware Terminator v2.7.2.125 (db:4.006.015.000)
Scan Time: 15.6.2010 16:09:21 length: 2366 s
Platform: W7 (6.1.0.7600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 91029 (Critical:2)
Filter: No System items, No Safe items, No Invalid items
Running Processes
VMCService.exe [Vodafone] : C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
igfxsrvc.exe [Intel Corporation] : C:\Windows\system32\igfxsrvc.exe
SSMMgr.exe : C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PCSuite.exe [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
ServiceLayer.exe [Nokia.] : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
NclUSBSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
NclRSSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
NclMSBTSrv.exe : C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
FlashUtil10e.exe [Adobe Systems, Inc.] : C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PC Suite Tray : [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Samsung PanelMgr : : C:\Windows\Samsung\PanelMgr\SSMMgr.exe
Shell Extensions
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} - [Microsoft Corporation] : C:\Windows\system32\mf.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
Protocol Handler
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
Services
23 - [LSI Corp] : C:\Windows\system32\DRIVERS\AGRSM.sys
23 - [Advanced Micro Devices] : C:\Windows\system32\DRIVERS\amdxata.sys
23 - [AuthenTec, Inc.] : C:\Windows\system32\Drivers\ATSwpWDF.sys
23 - [Broadcom Corporation] : C:\Windows\system32\DRIVERS\b57nd60x.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\bowser.sys
23 - [Microsoft Corporation] : C:\Windows\system32\Drivers\dfsc.sys
23 - [Microsoft Corporation] : C:\Windows\system32\drivers\discache.sys
23 - [ESET] : C:\Windows\system32\DRIVERS\ehdrv.sys
23 - [ESET] : C:\Windows\system32\DRIVERS\epfwwfp.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\igdkmd32.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mssmbios.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\netw5v32.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rimmptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rimsptsk.sys
23 - [REDC] : C:\Windows\system32\DRIVERS\rixdptsk.sys
23 - [Nokia.] : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23 - [Samsung Electronics] : C:\Windows\system32\Drivers\SSPORT.sys
23 - [Vodafone] : C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
23 - [Crawler.com] : C:\Windows\system32\drivers\sp_rsdrv2.sys
Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\Windows\system32\igfxdev.dll
Threat Files
<Trojan.Dropper.Joiner.dc> : C:\SWTOOLS\APPS\cameracenter\vista3264\setup.exe
<Trojan.Dropper.Joiner.dc> : C:\SWTOOLS\APPS\cameracenter\vista3264-Silent\setup.exe
Advanced Files Report
%SYSDIR%\bzpdf.dll [Bullzip] [Bullzip PDF Writer] MD5=6D3475E2784CFBDDF345DFE736A842DA SIZE=194560
%SYSDIR%\sst1cl3.dll [Language Monitor for Status Monitor] MD5=6DED3515CAA2AB4EF0331BC73D91859B SIZE=22723
%SYSDIR%\spool\PRTPROCS\W32X86\hpzppWN7.dll [Hewlett-Packard Corporation] [HP Print Processor] MD5=C2A44C942EC023CF2D5CF144B0F5D146 SIZE=90624
%SYSDIR%\spool\PRTPROCS\W32X86\sst1cpc.dll [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=DD0DA53D125F6BBFCEABBAFEBD70DAD1 SIZE=19968
%SYSDIR%\spool\DRIVERS\W32X86\3\sst1cdu.dll [Windows (R) 2000 DDK provider] [Windows (R) 2000 DDK driver] MD5=DF4E48A810EA19E2B09F3904F2A7F247 SIZE=409600
%SYSDIR%\igd10umd32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=4D0EC3F1B5C4E6549071C7FC74368123 SIZE=2551808
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=273F96C16F6B4B4D1E7CA669BFCF4F28 SIZE=614400
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\NGSCM.DLL [Nokia] [Next Gen Suite Common Modules] MD5=6BD1F1E3856E2AF9BC8D82D62F23E28C SIZE=929792
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr [Nokia] [Nokia Phone Browser] MD5=E2FB13634D1810EA8AEB6DFD660E423B SIZE=27136
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=5058D323DDABFAD0D8D8BC2CAEF73070 SIZE=573440
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [Vodafone] [Vodafone Mobile Connect] MD5=60C4B117ED03861379B2EE54EBFC8581 SIZE=9216
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Core.dll [Vodafone] [Vodafone Mobile Connect] MD5=D0E5AA3B5BF7C2CC00DE98865023E76A SIZE=67584
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.WindowsService.Messaging.dll [Vodafone] [Vodafone Mobile Connect] MD5=ACCF3726687777F198D293FFBA339362 SIZE=22528
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.DataAccessor.dll [Vodafone] [Vodafone Mobile Connect] MD5=C4DA1F04D8D6F4F496AD95DBB53DD43D SIZE=160256
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.ConnectionServicesInterface.dll [Vodafone] [Vodafone Mobile Connect] MD5=5572CC320021CEE038715BD54F6387A8 SIZE=153088
%PROGRAMFILES%\Vodafone\Vodafone Mobile Connect\Bin\VMC.BaseServices.Platform.dll [Vodafone] [Vodafone Mobile Connect] MD5=ABF5595F122AEC9E2CD470DB58802F88 SIZE=290816
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=806D9BC9E5F12B0B6C0A700912270997 SIZE=94208
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=26EDDD650420C84A01CDBDC3545E881B SIZE=51712
%SYSDIR%\igfxrCSY.lrc [Intel Corporation] [Intel(R) Common User Interface] MD5=47421691C2F443A0A10F86A649DDD06D SIZE=282624
%SYSDIR%\igfxress.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=F698E901D6A52E70864ACE9CEC00579F SIZE=5702656
%SYSDIR%\igfxsrvc.exe [Intel Corporation] [Intel(R) Common User Interface] MD5=C8C452E5C8AECD04DA4A2A618399830C SIZE=252952
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=06CC9ECBE18EE6E18B0EA759A763B710 SIZE=216576
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtCore4.dll [Trolltech ASA] [Qt4] MD5=285A5075F1973E9BEB8A12EE3641EEA4 SIZE=2023424
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtGui4.dll [Trolltech ASA] [Qt4] MD5=1CA1F99D167BB19F785F2D8582579CFB SIZE=7331840
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtXml4.dll [Trolltech ASA] [Qt4] MD5=B7AC803CF0DF5FF872DD45D48BBBDA6A SIZE=364544
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtNetwork4.dll [Trolltech ASA] [Qt4] MD5=C15230FC33B7FB9136C1F3FC93DD370C SIZE=806912
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\PCSL.dll [Nokia] [Nokia PCSL] MD5=75563FF603C40F0A5486750E0C486CC2 SIZE=4608
%PROGRAMFILES%\PC Connectivity Solution\ConnAPI.dll [Nokia.] [PC Connectivity Solution] MD5=60971D086DED56D49301F2F24F5B90F5 SIZE=590336
%PROGRAMFILES%\PC Connectivity Solution\DAAPI.dll [Nokia] [PC Connectivity Solution] MD5=1EBF511BA4B1175B41ED321158826042 SIZE=1281024
%PROGRAMFILES%\PC Connectivity Solution\PCCS_ABAPI.dll [Nokia] [PC Connectivity Solution] MD5=4C1A99C311949F0DFDD92BDBAE382F48 SIZE=270336
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\styles\NGLStyle.dll [Nokia] [Launch Application Style Plugin] MD5=17BB6FFE018D0A4EB5610653CEDCA06C SIZE=1184256
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll [Trolltech ASA] [Qt4] MD5=B6FAD59C92D1381D986CD7368A5291F4 SIZE=135168
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll [Trolltech ASA] [Qt4] MD5=CB3B04A1D5E1F32D5E38974B5E077EA6 SIZE=16384
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\QtSvg4.dll [Trolltech ASA] [Qt4] MD5=958BE76750B8B10750FB3DE7419588C1 SIZE=253952
%PROGRAMFILES%\PC Connectivity Solution\ConfServer.dll [Nokia] [PC Connectivity Solution] MD5=C2FDDF50807ED3013823CB418A44CA0C SIZE=191488
%PROGRAMFILES%\PC Connectivity Solution\ServiceLayer.exe [Nokia.] [PC Connectivity Solution] MD5=77FAA749C34193F003F666D2E368A1F8 SIZE=621056
%PROGRAMFILES%\PC Connectivity Solution\PCCS_DBEngine.dll [Nokia] [PC Connectivity Solution] MD5=C61BFFB47784365CC0CA08780E443346 SIZE=420864
%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=77FBD400984CF72BA0FC4B3489D65F74 SIZE=1121280
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclUSBSrv.exe [PC Connectivity Solution] MD5=E31DDC076A4C4B7DF6AAED3A3F29B981 SIZE=130560
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclRSSrv.exe [PC Connectivity Solution] MD5=F9F01DF53DB4FB1512959B896F03775F SIZE=119808
%PROGRAMFILES%\PC Connectivity Solution\Transports\NclMSBTSrv.exe [PC Connectivity Solution] MD5=F98E3A65876D41832B5B1B05E725A795 SIZE=128000
%PROGRAMFILES%\Internet Explorer\iexplore.exe [Microsoft Corporation] [Windows® Internet Explorer] MD5=2C32E3E596CFE660353753EABEFB0540 SIZE=673048
%SYSDIR%\igdumdx32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=FDC646B3126FC0956335013FC1C10111 SIZE=536576
%SYSDIR%\igdumd32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=5F50E20D770EC2F650781CEC49FA4D3A SIZE=3829760
%SYSDIR%\Macromed\Flash\Flash10e.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=C06E6E160F34CE092301BD2B29067F3F SIZE=3981080
%SYSDIR%\Macromed\Flash\FlashUtil10e.exe [Adobe Systems, Inc.] [Flash Player Helper] MD5=678F50CBC5537150CFDCCA7944130B6D SIZE=256280
%SYSDIR%\mf.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=80EFBCAFBD26956B69EE9CEFC93423B0 SIZE=3177984
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\DRIVERS\AGRSM.sys [LSI Corp] [LSI SoftModem Driver] MD5=7E10E3BB9B258AD8A9300F91214D67B9 SIZE=1035776
%SYSDIR%\DRIVERS\amdxata.sys [Advanced Micro Devices] [Storage Filter Driver] MD5=B81C2B5616F6420A9941EA093A92B150 SIZE=23616
%SYSDIR%\Drivers\ATSwpWDF.sys [AuthenTec, Inc.] [Swipe Fingerprint Sensor WBF WDF USB Driver] MD5=BEFE54E9BC648A3C79C917A63B6EE7DA SIZE=625224
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\DRIVERS\b57nd60x.sys [Broadcom Corporation] [Broadcom NetXtreme Gigabit Ethernet Driver] MD5=BD8869EB9CDE6BBE4508D869929869EE SIZE=229888
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=FCAFAEF6798D7B51FF029F99A9898961 SIZE=69632
%SYSDIR%\svchost.exe -k bthsvcs
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=8E09E52EE2E3CEB199EF3DD99CF9E3FB SIZE=78336
%SYSDIR%\drivers\discache.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=1A050B0274BFB3890703D490F330C0DA SIZE=32256
%SYSDIR%\DRIVERS\ehdrv.sys [ESET] [ESET Smart Security] MD5=6504D6AFB75FEF830DD99E8C4235D54D SIZE=108792
%SYSDIR%\DRIVERS\epfwwfp.sys [ESET] [ESET Smart Security] MD5=396CE762D1650387A2FE184E245FBBA1 SIZE=38240
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost.exe -k LocalServiceAndNoImpersonation
%SYSDIR%\DRIVERS\igdkmd32.sys [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=C4097C4F60B7603B77E36715663D56EB SIZE=4756992
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=5613358B4050F46F5A9832DA8050D6E4 SIZE=221696
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=FC6B9FF600CC585EA38B12589BD4E246 SIZE=28240
%SYSDIR%\DRIVERS\netw5v32.sys [Intel Corporation] [Intel® Wireless WiFi Link Adapter] MD5=58218EC6B61B1169CF54AAB0D00F5FE2 SIZE=4231168
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%SYSDIR%\DRIVERS\rimmptsk.sys [REDC] [RICOH MMC Driver] MD5=7A6648B61661B1421FFAB762E391E33F SIZE=28928
%SYSDIR%\DRIVERS\rimsptsk.sys [REDC] [Ricoh Memorystick Controller] MD5=D0A35B7670AA3558EAAB483F64446496 SIZE=51840
%SYSDIR%\DRIVERS\rixdptsk.sys [REDC] [R5C852 Ricoh xD Controller] MD5=6C1F93C0760C9F79A1869D07233DF39D SIZE=37376
%SYSDIR%\svchost.exe -k RPCSS
%SYSDIR%\Drivers\SSPORT.sys [Samsung Electronics] [Port Contention Driver] MD5=EF3458337D7341A05169CEFC73709264 SIZE=5120
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\svchost.exe -k secsvcs
%SYSDIR%\SearchIndexer.exe \Embedding
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=3CDEDF4059A2BDBB9CD888EA1979D54C SIZE=278864
%SYSDIR%\inetcomm.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=2F1379FEB2798A5708CD157836B4E9CC SIZE=740864
End of Report
Průběh odstraňování:
Příprava struktur
Vytváření bodu pro obnovu systému
Odstranit Trojan.Dropper.Joiner.dc
Smazaný soubor: c:\SWTOOLS\APPS\cameracenter\vista3264\setup.exe
Smazaný soubor: c:\SWTOOLS\APPS\cameracenter\vista3264-Silent\setup.exe
Zavírání bodu pro obnovu systému
Hotovo
Re: Preventivka
Cao,
omlouvam se za zpozdeni, necekane pracovni ukoly me zdrzely...
Tak soubory dopadly OK - tam ty dva co maji jeden pozitivni vysledek beru tez OK - to je falesny poplach...
Z logu OTL mi vychazi jen par drobnosti
Spustte znovu OTL
omlouvam se za zpozdeni, necekane pracovni ukoly me zdrzely...
Tak soubory dopadly OK - tam ty dva co maji jeden pozitivni vysledek beru tez OK - to je falesny poplach...
Z logu OTL mi vychazi jen par drobnosti
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKU\S-1-5-21-808423996-909295935-305634796-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 BF 14 69 75 63 CA 01 [binary data] O4 - HKLM..\Run: [] File not found O13 - gopher Prefix: missing O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O33 - MountPoints2\{b73abda7-5b33-11df-bc20-001f3afc4fd0}\Shell - "" = AutoRun O33 - MountPoints2\{b73abde4-5b33-11df-bc20-001e101fa1f5}\Shell - "" = AutoRun O33 - MountPoints2\{f6867b67-4d27-11df-bb31-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f6867b8c-4d27-11df-bb31-001f3afc4fd0}\Shell - "" = AutoRun O33 - MountPoints2\E\Shell - "" = AutoRun :files C:\WINDOWS\system32\*.tmp.dll /s C:\WINDOWS\system32\SET*.tmp /s C:\WINDOWS\*.tmp /s :commands [EMPTYTEMP] [EMPTYFLASH] [CLEARALLRESTOREPOINTS]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
tak tohle otl už šlo normálně, po provedení restart, rolzišení obrazovky bylo na minimu, ale nešla mi zase myš, tak jsem znovu restartoval, rozlišení již normální, ale s tou myší problém pořád chjo
log zde:
All processes killed
========== OTL ==========
HKU\S-1-5-21-808423996-909295935-305634796-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b73abda7-5b33-11df-bc20-001f3afc4fd0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b73abda7-5b33-11df-bc20-001f3afc4fd0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b73abde4-5b33-11df-bc20-001e101fa1f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b73abde4-5b33-11df-bc20-001e101fa1f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6867b67-4d27-11df-bb31-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f6867b67-4d27-11df-bb31-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6867b8c-4d27-11df-bb31-001f3afc4fd0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f6867b8c-4d27-11df-bb31-001f3afc4fd0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\7fe31c414a5d48ca4155a13268393343\BITF96C.tmp moved successfully.
C:\WINDOWS\Temp\TS_66E1.tmp moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Lenka
->Temp folder emptied: 1317990 bytes
->Temporary Internet Files folder emptied: 45481044 bytes
->Java cache emptied: 29691863 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 787 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 72440 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 665072 bytes
Total Files Cleaned = 74,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Lenka
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.6.0 log created on 06162010_161358
Files\Folders moved on Reboot...
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DF0B61F6A7BB807EF7.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DF91BD9F43E7105116.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DFA8D83F4CF21A3734.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DFC16C0010BEB55D4B.TMP not found!
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14AZIPDC\afr[1].htm moved successfully.
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
Registry entries deleted on Reboot...
log zde:
All processes killed
========== OTL ==========
HKU\S-1-5-21-808423996-909295935-305634796-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b73abda7-5b33-11df-bc20-001f3afc4fd0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b73abda7-5b33-11df-bc20-001f3afc4fd0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b73abde4-5b33-11df-bc20-001e101fa1f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b73abde4-5b33-11df-bc20-001e101fa1f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6867b67-4d27-11df-bb31-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f6867b67-4d27-11df-bb31-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6867b8c-4d27-11df-bb31-001f3afc4fd0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f6867b8c-4d27-11df-bb31-001f3afc4fd0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\7fe31c414a5d48ca4155a13268393343\BITF96C.tmp moved successfully.
C:\WINDOWS\Temp\TS_66E1.tmp moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Lenka
->Temp folder emptied: 1317990 bytes
->Temporary Internet Files folder emptied: 45481044 bytes
->Java cache emptied: 29691863 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 787 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 72440 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 665072 bytes
Total Files Cleaned = 74,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Lenka
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.6.0 log created on 06162010_161358
Files\Folders moved on Reboot...
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DF0B61F6A7BB807EF7.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DF91BD9F43E7105116.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DFA8D83F4CF21A3734.TMP not found!
File\Folder C:\Users\Lenka\AppData\Local\Temp\~DFC16C0010BEB55D4B.TMP not found!
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\14AZIPDC\afr[1].htm moved successfully.
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
Registry entries deleted on Reboot...
Re: Preventivka
tak provedeno pár pár zkušebních restartů a opravdu pravidelně každý druhý restart dojde k vypnutí myši, klávesnice normálně jde
Re: Preventivka
Mys pripojena pres USB 
pokud jo zkus reinstalovat drivery usb. v jinem pc mys funguje v pohode
pokud jo zkus reinstalovat drivery usb. v jinem pc mys funguje v pohode "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
tačped na notebooku, nefunguje ani připojená přes usb
Re: Preventivka
Zkus reinstal driveru pro touchpad a pokud tak i driver pro usbecka - pokud vis ze ta mys je OK...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
takže virus tam teda asi už žádnej není, jdu skusit win 7 manager, snad to pomůže
Re: Preventivka
jj, du na ty ovladače, snad to pomůže, ale je divný, že to dělá vždy každý druhý zapnutí 
divná choroba 
divná choroba Re: Preventivka
win 7 manager:
zbytečné soubory (junk file) - cca 9000ks
zbytečné registry - zjistím tak za 2 hoďky až to všechno smaže
lol, tak to je hustý, takovouhle dardu mi to ještě nikdy nenašlo
tohle jsou visty upradgovaný na 7mičky, očividně tam zůstává kopa ničeho, to se pak můžu divit, že testy trvají 5-8 hodin
zbytečné soubory (junk file) - cca 9000ks
zbytečné registry - zjistím tak za 2 hoďky až to všechno smaže
lol, tak to je hustý, takovouhle dardu mi to ještě nikdy nenašlo
tohle jsou visty upradgovaný na 7mičky, očividně tam zůstává kopa ničeho, to se pak můžu divit, že testy trvají 5-8 hodin
Re: Preventivka
Koukam ze win 7 manager vypada dobre, taky ho zkusim 
tomu se rika choroba microsoft 
uvidime, ale havet tam fakt uz nevidno....
tomu se rika choroba microsoft uvidime, ale havet tam fakt uz nevidno...."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
jj, je to skvělá věc, na XP a Visty úplně the best, na 7mičkách zatim moc ne, ale pracujou na něm, schválně někdy vyzkoušej na opravu problému s XP, zadej repair center a tam dej fix all windows něco funguje úplně skvěle, mám vyzkoušeno, na vistách sem to moc nezkoušel, ale už to maj taky vymáknutý, jenom na 7mách mi to zatím moc nesedí, ale určitě na tom pracujou, jediná chyba je že je to placený a máš jenom 15ti dení demo, ale na jednorázovou opravu to stačí
funguje úplně skvěle, mám vyzkoušeno, na vistách sem to moc nezkoušel, ale už to maj taky vymáknutý, jenom na 7mách mi to zatím moc nesedí, ale určitě na tom pracujou, jediná chyba je že je to placený a máš jenom 15ti dení demo, ale na jednorázovou opravu to stačí Re: Preventivka
jn, skoda ze je to placeny a jeste neni cz lokalizace
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
jj, ale cena není tak hrozná na to co to dělá, když si koupíš multilicenci pro tety, strejdy, rodiče, atd, tam to je ještě o dost levnější a čeština, taky bych jí uvítal, ale aspoň mě to nutí tu angličtinu se učit
Přispějete na provoz fóra?