VIRY.CZ

Zkuste ještě co TB v nouzovém režimu.

no v nouzovem rezimu to vypada ok. Ale jak jsem psal drive neni to problem TB, deje se to u vetsiny aplikaci a i v systemu. Napr. nelze pretahnout ikonu z plochy do kose (respektive tahnout lze, ale ona tam nespadne - musim pravym tlacitkem - odstranit), nebo pretahnout na aplikaci aby se otevrel soubor (musim do menu - soubor - otevrit).
Mezi aplikacemi musim prepinat spravcem uloh, protoze mysi ovladam "tu vzadu" misto "te vepredu".

Pak je to chvilku dobry, pak to zase blbne, zkousel jsem jinou mys - to same. Dekuji za snahu pomoci, ale nevim jestli na zaklade techto priznaku se da neco vypozorovat.

Ještě zkusím něco domazat, ale nevím, zda to pomůže

Spustte OTL
-do bílého okna dole skopírujte tento skript:
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde



Stáhněte TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- a uložte ho na plochu.
- 2x klikněte na ikonu programu a spusťte
- dejte volbu Spustit kontrolu - pak potvrdte start sken
- pokud program najde infikovaný soubor, ukáže se Vám předvolená akce Cure, v tom případě potvrdte tlačítko Continue
- pokud bude chtít program restartovat počítač, klikněte na tlačítko Reboot Now
- pokud si restart nevyžádá, klikněte na tlačítko Report. Měl vy na Vás vyskočit log, obsah logu zkopírujte do svého topicu.
- pokud se log nezobrazí, je uložený ve Vašem kořenovém adresáři.

vse probehlo v poradku, krome restartu. Otl zahlasil processing complete, restartovat jsem dal "ano" ale po 5 min. jsem restartoval rucne. log nize. dekuji.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\Program Files\Common Files\Microsoft Shared:RuptKa8AYzw4kyadQt4AwMD3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Microsoft:ksSUsjZlqsG5GTVMo2BqO deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Microsoft:7QVzxPeekAsfFwMiRq0rWvT deleted successfully.
ADS C:\Documents and Settings\Lukas Hajek\Cookies:0Xj8JhIA9doa3spDEKRO5S2B deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-329068152-1580818891-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002753_.tmp moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP118.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP173.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP210.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP214.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP240.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP273.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP346.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP35C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP417.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP63.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFC.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI1BF.tmp moved successfully.
C:\WINDOWS\Installer\MSI20.tmp moved successfully.
C:\WINDOWS\Installer\MSI9E.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\spool\PRINTERS\spl3E.tmp moved successfully.
C:\Documents and Settings\Lukas Hajek\Data aplikací\TrojanHunter folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Lukas Hajek
->Temp folder emptied: 83888134 bytes
->Temporary Internet Files folder emptied: 327706 bytes
->Java cache emptied: 100410800 bytes
->FireFox cache emptied: 414720066 bytes
->Flash cache emptied: 16045 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2014 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 76335025 bytes

Total Files Cleaned = 645,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Lukas Hajek
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.61.0 log created on 09062012_093441

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

A co Tdss killer?

Nasel 1 podezreni:
service:sptd

Medium risk,
service type: Kernel driver (0x1)
Service start:boot(0x0)
File: C:/windows/system32/drivers/sptd.sys

Nevim co s tim? dekuji.

To je v pořádku, falešná detekce na driver od Daemonu,který používá techniku rootkitu.
CO počítač?

Moc dekuji za pomoc, bohuzel to stale zlobi. Asi to budu muset vyresit reinstalaci OS.

Jeste jednou diky.

Přeinstaloval jste OS?

Vzhledem k tomu, že toto vlákno je neaktivní, zamykám