PC se dokola restartuje

[Pawkin]

zde log z hjt


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42:30, on 25.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrator.HOME\Plocha\Tomáš.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [24399] C:\WINDOWS\system32\B.tmp.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\RunOnce: [OTL] "C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe"
O4 - HKLM\..\RunOnce: [OTM] "C:\DOCUME~1\ADMINI~1.HOM\LOCALS~1\Temp\Rar$EX01.718\OTMoveIt\OTM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-73586283-789336058-682003330-500\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Tomáš Pawera\reader_s.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [reader_s] C:\Documents and Settings\Tomáš Pawera\reader_s.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 4074 bytes

jo zajimalo by mne co se deje s temam procesama a registrama kdyz je fixuju??

[Reklama]

[Damned]

Při fixování se zastavuje proces a maže se záznam k jeho spouštění z registru.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

O4 - HKLM\..\Run: [24399] C:\WINDOWS\system32\B.tmp.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKUS\S-1-5-21-73586283-789336058-682003330-500\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Tomáš Pawera\reader_s.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [reader_s] C:\Documents and Settings\Tomáš Pawera\reader_s.exe (User 'Default user')
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
*****************************************************************************************************************************************
Spusť OTL
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe:ext.exe

:Files
C:\Documents and Settings\Tomáš Pawera\reader_s.exe
C:\WINDOWS\system32\svchost.exe:ext.exe
C:\WINDOWS\system32\B.tmp.exe
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\system32\regedit.exe
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\System32\drivers\zillecqgv3.sys
C:\WINDOWS\System32\sys64_nov.exe
C:\WINDOWS\System32\drivers\zwyqwtndia5.sys
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\winulty.exe
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\Administrator.HOME\Dokumenty\poydrav.exe
C:\Documents and Settings\Administrator.HOME\Dokumenty\poydrav.cpp
C:\WINDOWS\System32\rmvirut.nt
C:\WINDOWS\System32\rmvirut.lst
C:\System Volume Information /s
C:\RECYCLER /s

:Services
C:\WINDOWS\System32\svchost.exe:ext.exe

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Pawkin]

zde log z otl

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
========== FILES ==========
C:\Documents and Settings\Tomáš Pawera\reader_s.exe moved successfully.
File\Folder C:\WINDOWS\system32\svchost.exe:ext.exe not found.
File\Folder C:\WINDOWS\system32\B.tmp.exe not found.
C:\WINDOWS\System32\reader_s.exe moved successfully.
File\Folder C:\WINDOWS\system32\regedit.exe not found.
C:\WINDOWS\System32\10.tmp moved successfully.
C:\WINDOWS\System32\11.tmp moved successfully.
C:\WINDOWS\System32\14.tmp moved successfully.
C:\WINDOWS\System32\2.tmp moved successfully.
C:\WINDOWS\System32\3.tmp moved successfully.
C:\WINDOWS\System32\4.tmp moved successfully.
C:\WINDOWS\System32\5.tmp moved successfully.
C:\WINDOWS\System32\6.tmp moved successfully.
C:\WINDOWS\System32\7.tmp moved successfully.
C:\WINDOWS\System32\8.tmp moved successfully.
C:\WINDOWS\System32\9.tmp moved successfully.
C:\WINDOWS\System32\A.tmp moved successfully.
C:\WINDOWS\System32\B.tmp moved successfully.
C:\WINDOWS\System32\C.tmp moved successfully.
C:\WINDOWS\System32\D.tmp moved successfully.
C:\WINDOWS\System32\E.tmp moved successfully.
C:\WINDOWS\System32\F.tmp moved successfully.
C:\WINDOWS\temp\dwomastk.tmp moved successfully.
C:\WINDOWS\temp\hvwdnxjln.tmp moved successfully.
File move failed. C:\WINDOWS\temp\vcmtontb.tmp scheduled to be moved on reboot.
C:\WINDOWS\temp\VRT1.tmp moved successfully.
C:\WINDOWS\temp\VRT2.tmp moved successfully.
C:\WINDOWS\temp\VRT3.tmp moved successfully.
C:\WINDOWS\temp\VRT4.tmp moved successfully.
C:\WINDOWS\temp\VRT48.tmp moved successfully.
File move failed. C:\WINDOWS\temp\xmfnxhvo.tmp scheduled to be moved on reboot.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\zillecqgv3.sys not found.
C:\WINDOWS\System32\sys64_nov.exe moved successfully.
File\Folder C:\WINDOWS\System32\drivers\zwyqwtndia5.sys not found.
File\Folder C:\WINDOWS\System32\reader_s.exe not found.
File\Folder C:\WINDOWS\System32\winulty.exe not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\Documents and Settings\Administrator.HOME\Dokumenty\poydrav.exe not found.
File\Folder C:\Documents and Settings\Administrator.HOME\Dokumenty\poydrav.cpp not found.
File\Folder C:\WINDOWS\System32\rmvirut.nt not found.
File\Folder C:\WINDOWS\System32\rmvirut.lst not found.
C:\System Volume Information moved successfully.
C:\_OTL\MovedFiles\09252009_181658\System Volume Information moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information moved successfully.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\System Volume Information scheduled to be moved on reboot.
C:\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-21-73586283-789336058-682003330-500 moved successfully.
C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER moved successfully.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-9014444902-9465049783-506293949-4771 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-6820224602-1650687283-069954509-5899 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER scheduled to be moved on reboot.
C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER moved successfully.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-F265~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-D695~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C604~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C2A1~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-9E95~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-824B~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~4 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~3 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~2 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER scheduled to be moved on reboot.
========== SERVICES/DRIVERS ==========
Service\Driver C:\WINDOWS\System32\svchost.exe:ext.exe not found.
Service\Driver C:\WINDOWS\System32\svchost.exe:ext.exe not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.HOME
->Temp folder emptied: 114688 bytes
->Temporary Internet Files folder emptied: 519086 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35114100 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Tomáš Pawera
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 148808 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1247051 bytes
->Google Chrome cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\vcmtontb.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\xmfnxhvo.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied: 1291896 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 36,69 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09252009_181658

Files\Folders moved on Reboot...
C:\WINDOWS\temp\vcmtontb.tmp moved successfully.
C:\WINDOWS\temp\xmfnxhvo.tmp moved successfully.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\System Volume Information scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\System Volume Information scheduled to be moved on reboot.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\_OTL\MovedFiles\09252009_181658\RECYCLER scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-9014444902-9465049783-506293949-4771 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-6820224602-1650687283-069954509-5899 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-9014444902-9465049783-506293949-4771 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-21-6820224602-1650687283-069954509-5899 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-F265~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-D695~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C604~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C2A1~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-9E95~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-824B~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~4 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~3 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~2 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-F265~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-D695~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C604~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-C2A1~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-9E95~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-824B~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~4 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~3 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~2 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER\S-1-5-~1 scheduled to be moved on reboot.
Folder move failed. C:\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\_OTM\MovedFiles\09242009_181840\RECYCLER scheduled to be moved on reboot.

Registry entries deleted on Reboot...


prc schvost exe,ece nebo jak to je neslo

[Damned]

Sáhni si Dr. Weba z této adresy. Nainstaluj ho a spusť.
http://www.spywareremovalblog.com/remov ... e-download

Co najde, zkus léčit, pokud nepůjde, smaž.

[Pawkin]

nevim co s tim je ale ten virut je asi moc chytry stranky ktere obsahuji slovo spyware antimalware atd. se mi nezobrazuji , !chyba při načitani stranky! fakt nevim mohl bys mi kdyžtak vykutit na e-downloadu naky soubor na stahnuti přejmenovany.

[Damned]

Zkusím něco najít.

[Damned]

Virut by se měl vyléčit.

Zkus si stáhnout nový AVG remover a spustit ho.

Pokud by neodstranil, zkus stáhnout Kasperskyho: http://www.softpedia.com/progDownload/K ... 90524.html , Spustit, aktualizovat a úplný sken.

Nebo u někoho stáhnout na flešku D.Weba a spustit z flešky, klidně i bez aktualizace.

[Pawkin]

nic z toho nefunguje je to na nic

[Pawkin]

svchosty se pořad spouštěji pls o radu

[Damned]

Zkusíme tedy už jen čítankový návod.
1 - Zazálohuj si své soukromé soubory. Doporučuji zálohovat pouze fotky, videa a texty. Našel jsem někde doporučení: Vytisknout si seznam a pak smazat přípony souborů.
Nezálohovat v žádném případě soubory typu *exe, *.dll, *scr, *html, *htm ani archívy(!)... atd, pomocí nich by se mohl virut objevit i v nové instalaci.
Pokud máš nějaké registrační čísla v programech, přepiš si je do textového souboru.
To vše odlož někam na net.
2- Spusť PC. Najdi tyto červené soubory: C:\windows\system32\reader_s.exe a C:\Documents and Settings\Tomáš Pawera\reader_s.exe a C:\WINDOWS\system32\regedit.exe a smaž je (pokud by nešly, zkontroluj jejich atributy ve Vlastnostech - pravý klik - a změň skryté a jen ke čtení)
3 - Ve složce C:\WINDOWS najdi a spusť regedit.exe. Otevře se ti Editor registru a v něm najdi a smaž klíče:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\reader_s.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\regedit.exe
HKEY_LOCAL_MACHINE\software\windows\currentversion\run\reader_s.exe
HKEY_LOCAL_MACHINE\software\windows\currentversion\run\regedit.exe
4 - Stáhni a použij AVG Remover (nebo stáhni zde: http://www.softpedia.com/progDownload/W ... 06366.html ). Při práci s tímto nástrojem musí být vypnuty všechny ostatní programy, prohlížeče atd (zkontroluj ve Správci úloh) a odpoj se od internetu! Vše co najde smazat!
5 - Stáhni si :Dr. Web CureItdej update , po aktualizaci dej start.
Tlačítky dole můzeš soubor léčit, smazat, přesunout nebo přejmenovat. Léčit nejdříve, pokud nepůjde tak smazat.
6 - Po skončení restartuj PC do normálního režimu. Pokud bude stále reader_s.exe přítomen v PC zbývá už jen formát a nová instalace OS.
*****************************************************************************************************************************************
Napiš zda se postup povedl.

[Pawkin]

hodnota regedit nejde z registru odstranit nekolikrat sem to skousel ale pokazde se to tam objevi znova jneexistuje naky program ktery by tu honotu nak zakazal?? nebo neco co by to vymazalo ??

[Damned]

Pokud nejde, tak pokračuj dál.