Pro sudance - na požádání 2. počítač

Zpráva

petr0266 · #1 Příspěvek od **petr0266** » 17 lis 2010 15:09

Logfile of random's system information tool 1.08 (written by random/random)
Run by kikina at 2010-11-17 15:08:45
Microsoft® Windows Vista™ Home Basic
System drive C: has 52 GB (68%) free of 76 GB
Total RAM: 1015 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:48, on 17.11.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\kikina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED3AD7FE-B98C-46A3-907E-C879C860F5D0}: NameServer = 192.168.10.1
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5205 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {D8A629E1-9910-4EA8-9D06-C8011870598C}
taskeng.exe {B7AC87C6-1AFB-4AE6-81F9-8FD82CA5985B}
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2648.6c6f120.1851359272 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2648 plugin \\.\pipe\gecko-crash-server-pipe.2648
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\kikina\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-02 1579624]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-02-26 168728]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-02-26 135960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-02-26 186648]
"MSConfig"=C:\Windows\System32\msconfig.exe [2006-11-02 283136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2006-11-02 1513984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Users\kikina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-02-22 205312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-11-17 15:08:46 ----D---- C:\Program Files\trend micro
2010-11-17 15:06:14 ----D---- C:\Program Files (x86)\trend micro
2010-11-17 15:06:13 ----D---- C:\rsit
2010-11-11 22:57:41 ----D---- C:\Windows\pss
2010-11-04 17:36:23 ----D---- C:\Users\kikina\AppData\Roaming\WinRAR
2010-11-04 17:36:16 ----D---- C:\Program Files (x86)\WinRAR
2010-11-03 21:33:24 ----D---- C:\43f11f65260b207aeef925cf
2010-11-03 21:33:14 ----D---- C:\3738d12617d59033da4c89b59a3858aa
2010-11-03 16:53:31 ----D---- C:\ProgramData\Adobe
2010-11-03 16:53:29 ----D---- C:\Program Files (x86)\Adobe
2010-11-03 16:51:56 ----D---- C:\ProgramData\McAfee Security Scan
2010-11-03 16:51:55 ----D---- C:\ProgramData\McAfee
2010-11-03 16:51:54 ----D---- C:\Program Files (x86)\McAfee Security Scan
2010-10-30 16:45:36 ----D---- C:\ProgramData\Sun
2010-10-30 16:13:29 ----D---- C:\Users\kikina\AppData\Roaming\OpenOffice.org
2010-10-30 16:05:54 ----D---- C:\Program Files (x86)\OpenOffice.org 3

======List of files/folders modified in the last 1 months======

2010-11-17 15:08:48 ----D---- C:\Windows\Prefetch
2010-11-17 15:08:47 ----D---- C:\Windows\Temp
2010-11-17 15:08:46 ----RD---- C:\Program Files
2010-11-17 15:06:14 ----RD---- C:\Program Files (x86)
2010-11-17 14:05:46 ----D---- C:\Windows\System32
2010-11-17 14:05:46 ----D---- C:\Windows\inf
2010-11-17 14:05:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-12 08:10:39 ----D---- C:\Windows\system32\catroot2
2010-11-11 22:57:41 ----D---- C:\Windows
2010-11-10 21:44:59 ----SHD---- C:\System Volume Information
2010-11-06 11:14:16 ----D---- C:\Windows\system32\wbem
2010-11-06 11:13:40 ----D---- C:\Windows\system32\config
2010-11-06 11:13:20 ----D---- C:\Windows\Tasks
2010-11-06 11:13:20 ----D---- C:\Windows\system32\spool
2010-11-06 11:13:20 ----D---- C:\Windows\system32\drivers
2010-11-06 11:13:19 ----D---- C:\Windows\registration
2010-11-05 19:54:39 ----SD---- C:\Users\kikina\AppData\Roaming\Microsoft
2010-11-05 19:54:38 ----SD---- C:\ProgramData\Microsoft
2010-11-03 21:36:53 ----D---- C:\Windows\SoftwareDistribution
2010-11-03 19:52:23 ----HD---- C:\ProgramData
2010-11-03 16:58:14 ----D---- C:\Users\kikina\AppData\Roaming\Adobe
2010-11-03 16:57:25 ----SHD---- C:\Windows\Installer
2010-11-03 16:57:24 ----D---- C:\Windows\winsxs
2010-11-03 16:56:00 ----D---- C:\Program Files (x86)\Common Files
2010-11-03 16:55:46 ----D---- C:\Windows\SysWOW64
2010-10-30 16:08:27 ----RSD---- C:\Windows\assembly
2010-10-30 16:06:26 ----RSD---- C:\Windows\Fonts
2010-10-29 17:06:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2007-02-22 6628064]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2006-09-18 55640]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd64.sys [2007-02-22 6628064]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 7936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 108032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 17 lis 2010 15:55

Zdravim a pekny den preji

Kolega me poprosim o vypomoc

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

petr0266 · #3 Příspěvek od **petr0266** » 17 lis 2010 16:52

OTL.TXT

OTL logfile created on: 17.11.2010 16:38:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\kikina\Desktop
64bit-Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 272,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,53 Gb Total Space | 50,01 Gb Free Space | 67,10% Space Free | Partition Type: NTFS

Computer Name: KIKINA-PC | User Name: kikina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2010.11.17 16:37:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\kikina\Desktop\OTL.exe
PRC - [2010.10.29 17:06:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.10.29 17:06:38 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.07 20:12:12 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.06.07 20:12:08 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

========== Modules (SafeList) ==========

MOD - [2010.11.17 16:37:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\kikina\Desktop\OTL.exe
MOD - [2006.11.02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2006.11.02 15:59:00 | 000,368,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2006.11.02 07:34:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2007.02.22 09:02:52 | 006,628,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2007.02.22 09:02:52 | 006,628,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (ialm)
DRV:64bit: - [2006.09.18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006.09.18 22:27:33 | 000,055,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtnic64.sys -- (RTL8023x64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\S-1-5-21-2367453530-1740591176-2283908755-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2367453530-1740591176-2283908755-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2367453530-1740591176-2283908755-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.29 17:06:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.03 16:56:50 | 000,000,000 | ---D | M]

[2010.09.22 20:48:51 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Mozilla\Extensions
[2010.11.03 19:52:45 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Mozilla\Firefox\Profiles\rv3vdn37.default\extensions
[2010.09.22 20:48:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.09.14 22:10:37 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.14 22:10:37 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.14 22:10:37 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.14 22:10:37 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.14 22:10:37 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\kikina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\Users\kikina\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\kikina\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2010.11.17 16:37:36 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\kikina\Desktop\OTL.exe
[2010.11.17 15:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.17 15:06:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.11.17 15:06:13 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.11 22:57:41 | 000,000,000 | ---D | C] -- C:\Windows\pss

========== Files - Modified Within 7 Days ==========

[2010.11.17 16:37:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\kikina\Desktop\OTL.exe
[2010.11.17 16:27:39 | 000,609,944 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.17 16:27:39 | 000,473,360 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.17 16:27:39 | 000,103,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.17 16:27:39 | 000,081,198 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.17 16:27:38 | 001,259,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.17 16:23:26 | 000,003,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.17 16:23:26 | 000,003,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.17 16:23:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.17 16:22:56 | 1064,624,128 | -HS- | M] () -- C:\hiberfil.sys

========== Files Created - No Company Name ==========

[2010.11.11 22:58:45 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.11.11 22:58:45 | 000,001,070 | ---- | C] () -- C:\Users\kikina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.10.17 10:04:37 | 000,004,608 | ---- | C] () -- C:\Users\kikina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.11.02 13:20:47 | 000,055,858 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 13:18:05 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.10.30 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\OpenOffice.org
[2010.10.12 20:20:45 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\PDF Reading
[2010.11.17 16:22:17 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2006.11.02 16:00:41 | 001,513,984 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.03 16:58:14 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Adobe
[2010.09.22 19:42:21 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Identities
[2010.09.22 20:24:38 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Macromedia
[2010.11.05 19:54:39 | 000,000,000 | --SD | M] -- C:\Users\kikina\AppData\Roaming\Microsoft
[2010.09.22 20:48:51 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\Mozilla
[2010.10.30 16:13:29 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\OpenOffice.org
[2010.10.12 20:20:45 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\PDF Reading
[2010.11.04 17:36:23 | 000,000,000 | ---D | M] -- C:\Users\kikina\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< MD5 for: AUTOCHK.EXE >
[2006.11.02 12:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\SysWOW64\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\SysWOW64\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 12:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2006.11.02 12:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\explorer.exe
[2006.11.02 12:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\SysWOW64\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\SysWOW64\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe

< MD5 for: LSASS.EXE >
[2006.11.02 12:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 12:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\SysWOW64\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2006.11.02 12:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.11.02 12:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\SysWOW64\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll

< MD5 for: SMSS.EXE >
[2006.11.02 12:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\SysWOW64\svchost.exe
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 12:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.11.02 10:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\SysWOW64\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 12:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 12:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\SysWOW64\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\SysWOW64\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 12:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< End of report >

petr0266 · #4 Příspěvek od **petr0266** » 17 lis 2010 16:52

extras.txt

OTL Extras logfile created on: 17.11.2010 16:38:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\kikina\Desktop
64bit-Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 272,00 Mb Available Physical Memory | 27,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,53 Gb Total Space | 50,01 Gb Free Space | 67,10% Space Free | Partition Type: NTFS

Computer Name: KIKINA-PC | User Name: kikina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2367453530-1740591176-2283908755-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HDMI" = Intel(R) Graphics Media Accelerator Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.9.2010 14:38:08 | Computer Name = kikina-PC | Source = Windows Search Service | ID = 3026
Description =

Error - 22.9.2010 14:38:08 | Computer Name = kikina-PC | Source = Windows Search Service | ID = 3026
Description =

Error - 22.9.2010 14:38:08 | Computer Name = kikina-PC | Source = Windows Search Service | ID = 3026
Description =

Error - 22.9.2010 14:42:27 | Computer Name = kikina-PC | Source = ESENT | ID = 215
Description = WinMail (2572) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 26.9.2010 11:00:00 | Computer Name = kikina-PC | Source = Customer Experience Improvement Program | ID = 1006
Description =

Error - 12.10.2010 15:17:14 | Computer Name = kikina-PC | Source = iNOSSO(R) | ID = 0
Description =

Error - 30.10.2010 11:08:06 | Computer Name = kikina-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\OpenOffice.org
3\program\soffice.exe se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 30.10.2010 11:08:06 | Computer Name = kikina-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\OpenOffice.org
3\program\soffice.exe se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.11.2010 11:56:52 | Computer Name = kikina-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Reader
9.0\Reader\AcroRd32.exe se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.11.2010 10:08:00 | Computer Name = kikina-PC | Source = Application Hang | ID = 1002
Description =

[ System Events ]
Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 17.11.2010 9:02:55 | Computer Name = kikina-PC | Source = Service Control Manager | ID = 7001
Description =

< End of report >

petr0266 · #5 Příspěvek od **petr0266** » 17 lis 2010 17:25

MBAM LOG

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5137

Windows 6.0.6000
Internet Explorer 7.0.6000.16386

17.11.2010 17:24:24
mbam-log-2010-11-17 (17-24-24).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 184216
Uplynulý čas: 30 minuta(y), 3 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#6 Příspěvek od **vyosek** » 17 lis 2010 22:38

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
E:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

petr0266 · #7 Příspěvek od **petr0266** » 18 lis 2010 13:37

All processes killed
========== OTL ==========
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\SysNative\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\SysNative\DRIVERS\ipinip.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1BBA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP226E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP493F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9694.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB7CA.tmp folder moved successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC1ECB.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\065623097f7c74c9d93478be0a378de4\BIT2479.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\06595ebc5ba71c3f54bb214f531317cd\BIT5740.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\0a49d36f30f0dbb50e0726dee9380a6b\BIT7BD2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\0c39ce9b091b2a8e435af6e0a5d058a8\BITDC65.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\0ee065d531a45e8e12b3be75598e666e\BIT2789.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\192622dbe768f7b79bab5c2ec094af22\BITDD83.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1945be4fd67d0eb4d5b14c7cb40905cf\BIT4E57.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1ce643a00acf83087d1175c4ac6ea2a0\BIT4A4A.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1d6b559074a830eab7851fb5e97d067b\BITAA23.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1e23055f54ba09836237695269fdb3a8\BIT47F8.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1fa3ed60e8ee43c09ab8b9f62310f827\BIT3B00.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\215b05117c978fdf6c8a72d5341fdc8a\BITF233.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\2161695cc72215da48be9a92c41e6ac7\BIT4E44.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\264ad9c12b8c697782b29e917ffca75a\BIT5F61.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\27f5b9bf8bd3cde530e256e168f4fcf3\BITB2C.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\2940b3056c88498b15db4366e11ce50d\BIT333B.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\2c1bc4d687c7c1d38f4ed72e7d675245\BITD312.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\2d024b962cec8a7881cb8f4d07372422\BITA4DA.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\33ec2532906401c2b426415b00631e37\BIT28F2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\3b209d29252d83d9e7348ade5c557bec\BITEB5C.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\3f080d36466818c8554b5df10e321137\BITE9B9.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\40390a60c036cd5ee35e070c9f1ddbf0\BIT723C.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\47d13950a8b7382b222298268c0d5619\BIT469F.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\559076e6a1969a2e90d44453b0c2907d\BIT6743.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\55e7ef2e6231d4a78f39219dd8a59856\BIT37E1.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\590a423ea98966bb8e1ce95a6db76d28\BIT58D7.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5b3f1c0853417edf321f2b2f4926b467\BIT8F5C.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5c921ff8e325b532a35b10a0eddd3ac5\BITD688.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5db7d6cb82d78062fb49027756e7f05b\BIT3F21.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5fc364bbdf85b76ea3cfe3c2dc628ea6\BIT25ED.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\632ad31c06c24b8c3e323bf13b0eceb5\BIT3F62.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\646884e1dd5bfb7c2db930fab981c16a\BIT7D30.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\64f31dd189035704f5809230cc14bac9\BIT25C2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\65435ac184df8cb55ac452b5f8e2ad65\BIT67AC.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\67ccc7ca54cd28f1f40ed2dcbe6e4a92\BIT2DB9.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\68b5c9fc8c43ded54c631c94fe4cf9f6\BIT5E27.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\6aea472d2581ab3600fe713ad40cda16\inst\$dpx$.tmp folder moved successfully.
C:\Windows\SoftwareDistribution\Download\6b11d8a2fa5f332382f609ea2665b168\BIT3689.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\6b4f33ff6e431e63607151234c3b41a1\BIT2CCD.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\6bdc036ea0e1009527a4f324cd9d665e\BIT2AD7.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\6c6016ad2794812491f59567fb8ffcef\BITC47B.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\7493a52fd00c09bbc4f96d5672c25729\BIT1997.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\784d3cbd15790df1f2bee64b02123124\BIT853A.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\78c198864c41fa2653da61c9fde9b341\$dpx$.tmp folder moved successfully.
C:\Windows\SoftwareDistribution\Download\7ac9421253a85872372ef5bf8a7d5fc2\BIT5039.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\7bedaa146c11925e4b5f8ecb4a30e4d1\BIT1F6.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\82e0a83607f61ed2a4c8c926651fc329\BIT3988.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\84706e63db3061020047b791b6b9fff4\BIT4BC2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\85c8c786a57647aa3cd06cb695ae601f\BIT2EE2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\89b94f8d3b013facc1c14a5613203833\BITB110.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\8ee429a7fac330408a92e781cb6f48b0\BITE1D.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\946b06492bee12ea04cb135137bee77f\BIT5EF1.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\96e9016d614e56d3eaa9d75b638a7362\BITA530.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\96f3fef987c86c99e4f753741189b851\BIT834C.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\978498aa062e6c142157b1f83f8c59c7\BIT6AAB.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\990cc65ea37db13192aa4a39ebb8f0bf\BIT76F5.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\9d184288ab011139fd1fdd49f2b1e603\BITF449.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\a34f2b7e3ef5dcb3de4e3927729f5645\BITF9C5.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\a603df89156a39c508f9aab7246a8015\BIT32EE.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\a699ca842d5f98d4997e1b8e8a318af8\BITB522.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\b043e317ef018b62f083887490a04432\BIT5376.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\b28874e31f1680b823f12282a61362ae\BIT5BD6.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\b7ccd99a0715e273dde290ec064671b6\BITCA90.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\bef62b8d4f7ced470ed7c0f557520e97\BIT5683.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\c0e5d8aeb3450b6a4648211fc4e992fe\BIT983E.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\c4e43a1976ed8df4a9d8048a6c5fdea9\BIT2254.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\c8544ca7888a0453f42b51ba2b814e8c\BIT3C1A.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\d3c09180f0f4e663680eb3012512ecee\BIT30C8.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\d5aa31f4aa24461b1df24c8654031230\BIT907D.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\d6161853fed5d6c3b30394d15c4d3533\BITBB14.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\da5519704ae839a8848d7655e230706a\BITBA62.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\db12585c57d41c828dc0d38021d03b45\BIT31F2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\e639e7eefd97876fc14e7182debc247d\BIT4257.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\e6795c42ea0b68e0f6a56bbea590f037\BIT268E.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\e735730e168f54a1534705a16b36c2d9\BIT47AE.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\e7f9233b19b034e8936b6b9f5cd66189\BIT3455.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\e969cacb73a84dc3af25e2e907cd01d5\BIT63A8.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ead59b1b13d0e0d137415820a4f532c5\BITE446.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ecab7adc6e7921e5f837beefc0fcecda\BIT1ADD.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ed3c1f4dbd1d3c4e384a9463bfd4fab9\BIT34CF.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ed910f2831f2e6add63fc88de7ae011e\BIT8996.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ef1dc8085ed880f5df3c7f2c7388bb97\BITAFB2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\f0b3287628758c904635c71f8e6f0d12\BIT237E.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\f2493a4f778b4f5f81264359dd53f8cc\BIT4556.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\f647134404443d32a1d5df2f75da6eed\BIT6D8D.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\fa59c8635637a60d074f3eafd0fce577\BITD0FA.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\fcd4aa20e848ca6dd0ae01ac510b99ed\BIT9F73.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\ff89ed4290e88d0630eb6549b2f04eb3\BIT71A5.tmp moved successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: kikina
->Temp folder emptied: 134276348 bytes
->Temporary Internet Files folder emptied: 53920410 bytes
->FireFox cache emptied: 49571064 bytes
->Flash cache emptied: 10104 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38759794 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 264,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: kikina
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.17.3 log created on 11182010_132322

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP00000016AB8DD59A6ED8D353 not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFFR7MM5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UF4SCUAG\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUKYZH6I\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6B1NY2V3\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

DULEZITE

S timto pocitacem jsem mel vzdy problemy se pripojit ihned po startu pres DSL... kabel... wifi jde v pohode, pres hub... Nevím, kde je chyba, ale nikdy jsem to moc neresil... internet najede az treba na 5. restart, proste v centrumu sdileni siti mívám např..., že není pripojeno k internetu aní k mistni siti..., nekdy jen mistni sit... atd. V nouzovem rezimu to jede v pohode, nebo kdyz pres msconfig (konfig systemu) dám diagnosticke spusteni... stejnak, ale pochybuju, ze tohle mi shazuje druhy hlavni pocitac, ale kdyz se to vyresi... tak budu rad

#8 Příspěvek od **vyosek** » 18 lis 2010 13:45

Zkuste preinstalovat ovladac sitove karty

Stahnete Avenger (viz muj podpis)

Pokud pouzivate Win Vista ci W7, kliknete na Avenger pravym a dejte Run As Administrator ci Spustit jako spravce
Po spusteni Vas program upozorni, ze vse co delate, delate na vlastni riziko - Dejte OK
Po potvrzeni uz na Vas koukne hlavni okno, kam vlozite skript, ktery mate nize

Kód: Vybrat vše

Files to delete:
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFFR7MM5\desktop.ini
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UF4SCUAG\desktop.ini
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUKYZH6I\desktop.ini
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6B1NY2V3\desktop.ini
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini

Do ctverecku u Scan for rootkits a Automatically disable any rootkits found dejte fajecku
Nyni uz kliknete na Execute a potvrdte Yes v nasledujicim okne - timto potvrdite spusteni skriptu
Na otazku Reboot now odpovezte opet OK - timto se PC restartuje
Po restartu by se mel otevrit poznamkovy blok s logem a jeho obsah vlozte sem. Pokud se tak nestane, naleznete pozadovany dokument v C:\avenger.txt

petr0266 · #9 Příspěvek od **petr0266** » 18 lis 2010 13:50

ovladače sitove karty uz jsem davno zkousel, také jine sitove karty... format a install windowsu nacisto take nepomohl, jdu provest toho avengera

#10 Příspěvek od **vyosek** » 18 lis 2010 13:57

V tom pripade bych zkusil providera, pripadne jeste jiny router, pokud nejste pripojen primo do krabicky ve zdi...

petr0266 · #11 Příspěvek od **petr0266** » 18 lis 2010 13:59

Na internetu jsem se nedavno docetl neco o "bezejmenných routerech" s kterými W7 a VISTY neumí pracovat, ale XP (můj hlavní comp) ano. Za chvili to sem hodim...

#12 Příspěvek od **vyosek** » 18 lis 2010 14:00

Je mozne ze neni kompatibilni, i tam muze byt samozrejme problem

petr0266 · #13 Příspěvek od **petr0266** » 18 lis 2010 14:06

avenger na me po restartu zadny log nevyhodil, na disku C log také neni, jdu to zkusit znovu

#14 Příspěvek od **vyosek** » 18 lis 2010 14:10

OK, snad se nam podari to smaznout...

petr0266 · #15 Příspěvek od **petr0266** » 18 lis 2010 14:12

bohužel nic, zadny log mi to zase neukazalo, ani na C: není... když otevřu znovu avenger a dam tu polozku nahore v zalozka open log... tak mi to hodi hlasku, ze program nebyl bud jeste spusten nebo log nebyl ulozen. Nevím... Mám to zkusit v nouzovem rezimu spustit zadat a restart?

VIRY.CZ

Pro sudance - na požádání 2. počítač

Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač

Re: Pro sudance - na požádání 2. počítač