Kontrola logu

Death at Comp · Příspěvekod **Death at Comp** » 07 bře 2010 18:02

Zdravím vás.Prosím o kontrolu logu.Stahnul jsem jeden soubor do složky a od té doby se do tý složky nemohu dostat, vždycky mi to napíše problém explorer.exe a vyhodí mi to odtamtud takže ani ten soubor nemůžu smáznout.Předem díky.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:54, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\vypalovani\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Virtual CD v8\System\VC8SecS.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\RAM Idle LE\RAM_XP.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\TRANSLAT\Wdict32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files\System\101 Clips\101Clips.exe
C:\Program Files\System\CompControl 2.01\control.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\System\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: VirtualCamera IEMenu Class - {0246A1A7-820A-469A-85A7-7B7F01EB808C} - C:\Program Files\System\VirtualCamera\VirtualCameraMenu.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Net\NetXfer\NXIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Net\NetXfer\NXToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [VC8Player] ; C:\Program Files\Virtual CD v8\System\VC8Play.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [WDICT32] C:\TRANSLAT\Wdict32.exe /l
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AutoStartNPSAgent] ; C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [gStart] ; L:\Dokumenty 2\Navigace\gStart.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 101Clips.lnk = C:\Program Files\System\101 Clips\101Clips.exe
O4 - Startup: CompControl 2.01.lnk = C:\Program Files\System\CompControl 2.01\control.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\Internet\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Hledej v &Seznamu - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v Seznam &Fulltextu - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Stáhnout pomocí NetXferu - C:\Program Files\Net\NetXfer\NXAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí Net&Xferu - C:\Program Files\Net\NetXfer\NXAddList.html
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.idnes.cz/
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://www.listicka.cz/toolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1420445173
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\System\GnuPG\dirmngr.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\vypalovani\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\Sandra Lite XI.SP2\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\Sandra Lite XI.SP2\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virtual CD v8 Management Service (VC8SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v8\System\VC8SecS.exe

--
End of file - 13361 bytes

Jinak jsem comp projel antivirem a ruznejma scanerama, něco to našlo a odstranilo.

Reklama

Damned · Příspěvekod **Damned** » 07 bře 2010 18:35

Co je to za soubor, v jaké složce a zkontroluj ho na VT.

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Death at Comp · Příspěvekod **Death at Comp** » 07 bře 2010 20:03

Je to video a je v L:\Dokumenty 2\Filmy. Ve "VT" zkontrolovat nejde protože jak zvolim tu složku tak mi to hned vyhodí a zavře prohlížeč. A ten Combofix se kousnul a vyhodil tohle:

Damned · Příspěvekod **Damned** » 07 bře 2010 20:32

To by nemělo být ale ComboFixem.

Stáhni si SystemLook nebo: SystemLook na Plochu.
Spusť ho a do políčka vlož tento text:

Kód: Vybrat vše

:filefind 
L:\Dokumenty 2\Filmy

A zmáčkni "Look". Po kontrole se ti na Ploše objeví SystemLook.txt. Zkopíruj ho sem.

Death at Comp · Příspěvekod **Death at Comp** » 07 bře 2010 20:50

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 20:42 on 07/03/2010 by ase (Administrator - Elevation successful)

========== filefind ==========

Searching for "L:\Dokumenty 2\Filmy"
No files found.

-=End Of File=-

Damned · Příspěvekod **Damned** » 07 bře 2010 20:55

Zkus Combofix spustit v nouzovém režimu a napiš mi sem celý přesný název toho souboru včetně cesty.

Death at Comp · Příspěvekod **Death at Comp** » 07 bře 2010 23:13

Takže jsem spustil ComboFix v nouzáku a hodilo to tu samou obrazovku co předtím ale v C:\ComboFix jsem našel tenhle log:

s/^%ActiveX%/C:\\WINDOWS\\Downloaded Program Files/I;
s/^%ALLUSERSPROFILE%/C:\\Documents and Settings\\All Users/I;
s/^%APPDATA%/C:\\Documents and Settings\\ase\\Data aplikací/I;
s/^%Cache%/C:\\Documents and Settings\\ase\\Local Settings\\Temporary Internet Files/I;
s/^%CDBurning%/C:\\Documents and Settings\\ase\\Local Settings\\Data aplikací\\Microsoft\\Zápis na CD/I;
s/^%CommonAdministrativeTools%/C:\\Documents and Settings\\All Users\\Nabídka Start\\Programy\\Nástroje pro správu/I;
s/^%CommonAppData%/C:\\Documents and Settings\\All Users\\Data aplikací/I;
s/^%CommonDesktop%/C:\\Documents and Settings\\All Users\\Plocha/I;
s/^%CommonDocuments%/C:\\Documents and Settings\\All Users\\Dokumenty/I;
s/^%CommonFavorites%/C:\\Documents and Settings\\All Users\\Oblíbené položky/I;
s/^%CommonProgramFiles%/C:\\Program Files\\Common Files/I;
s/^%CommonPrograms%/C:\\Documents and Settings\\All Users\\Nabídka Start\\Programy/I;
s/^%CommonStartMenu%/C:\\Documents and Settings\\All Users\\Nabídka Start/I;
s/^%CommonStartup%/C:\\Documents and Settings\\All Users\\Nabídka Start\\Programy\\Po spuštění/I;
s/^%CommonTemplates%/C:\\Documents and Settings\\All Users\\Šablony/I;
s/^%Cookies%/C:\\Documents and Settings\\ase\\Cookies/I;
s/^%DefaultAppData%/C:\\WINDOWS\\system32\\config\\systemprofile\\Data aplikací/I;
s/^%DefaultCache%/C:\\Documents and Settings\\LocalService\\Local Settings\\Temporary Internet Files/I;
s/^%DefaultCookies%/C:\\Documents and Settings\\LocalService\\Cookies/I;
s/^%DefaultFonts%/C:\\WINDOWS\\Fonts/I;
s/^%DefaultHistory%/C:\\Documents and Settings\\LocalService\\Local Settings\\History/I;
s/^%DefaultLocalAppData%/C:\\Documents and Settings\\NetworkService\\Local Settings\\Data aplikací/I;
s/^%DefaultLocalSettings%/C:\\WINDOWS\\system32\\config\\systemprofile\\Local Settings/I;
s/^%DefaultStartMenu%/C:\\Documents and Settings\\NetworkService\\Nabídka Start/I;
s/^%Desktop%/C:\\Documents and Settings\\ase\\Plocha/I;
s/^%Fonts%/C:\\WINDOWS\\Fonts/I;
s/^%History%/C:\\Documents and Settings\\ase\\Local Settings\\History/I;
s/^%HOMEPATH%/\\Documents and Settings\\ase/I;
s/^%LocalAppData%/C:\\Documents and Settings\\ase\\Local Settings\\Data aplikací/I;
s/^%LocalSettings%/C:\\Documents and Settings\\ase\\Local Settings/I;
s/^%Personal%/C:\\Documents and Settings\\ase\\Dokumenty/I;
s/^%PrintHood%/C:\\Documents and Settings\\ase\\Okolní tiskárny/I;
s/^%ProfilesDirectory%/C:\\Documents and Settings/I;
s/^%ProgramFiles%/C:\\Program Files/I;
s/^%Programs%/C:\\Documents and Settings\\ase\\Nabídka Start\\Programy/I;
s/^%Recent%/C:\\Documents and Settings\\ase\\Recent/I;
s/^%SendTo%/C:\\Documents and Settings\\ase\\SendTo/I;
s/^%StartMenu%/C:\\Documents and Settings\\ase\\Nabídka Start/I;
s/^%Startup%/C:\\Documents and Settings\\ase\\Nabídka Start\\Programy\\Po spuštění/I;
s/^%SYSTEM%/C:\\WINDOWS\\system32/I;
s/^%SysTemp%/C:\\WINDOWS\\TEMP/I;
s/^%SystemRoot%/C:\\WINDOWS/I;
s/^%Tasks%/C:\\WINDOWS\\Tasks/I;
s/^%TEMP%/C:\\DOCUME~1\\ase\\LOCALS~1\\Temp/I;
s/^%Templates%/C:\\Documents and Settings\\ase\\Šablony/I;
s/^%Temp_LFN%/C:\\Documents and Settings\\ase\\Local Settings\\temp/I;
s/^%TMP%/C:\\DOCUME~1\\ase\\LOCALS~1\\Temp/I;
s/^%USERPROFILE%/C:\\Documents and Settings\\ase/I;
s/^%windir%/C:\\WINDOWS/I;
s/^%systemdrive%/C:/I;

Jo a ten soubor se jmenuje:District 9 2009 cz tit avi
Cesta k němu:L:\Dokumenty 2\Filmy\District 9 2009 cz tit avi

Damned · Příspěvekod **Damned** » 07 bře 2010 23:32

Vypni si Spybota!

Stáhni si OTL na Plochu.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:Files
L:\Dokumenty 2\Filmy\District_9_2009_cz_tit.avi
:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
C:\Windows\PEV.exe
C:\Windows\SWXCACLS.exe
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\NIRCMD.exe
C:\ComboFix
C:\Qoobox
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Zkontroluj jestli je ten název filmu správně. Musí být přesně tak jak je psán.

Death at Comp · Příspěvekod **Death at Comp** » 08 bře 2010 15:25

Tak jsem udělal vše co jsi napsal, problém poád přetrvává, tady je log:

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
========== FILES ==========
File\Folder L:\Dokumenty 2\Filmy\District_9_2009_cz_tit_avi not found.
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
File\Folder C:\Windows\System32\*.tmp not found.
C:\RECYCLER\S-1-5-21-2411705400-1126069726-1247597796-1005 folder moved successfully.
C:\RECYCLER folder moved successfully.
File\Folder C:\$RECYCLE.BIN not found.
File\Folder C:\327882R2FWJFW not found.
File\Folder C:\ComboFix not found.
File\Folder C:\Qoobox not found.
File\Folder C:\Combofix.txt not found.
File\Folder C:\Windows\PEV.exe not found.
File\Folder C:\Windows\SWXCACLS.exe not found.
File\Folder C:\Windows\SWREG.exe not found.
File\Folder C:\Windows\SWSC.exe not found.
File\Folder C:\Windows\sed.exe not found.
File\Folder C:\Windows\grep.exe not found.
File\Folder C:\Windows\NIRCMD.exe not found.
File\Folder C:\ComboFix not found.
File\Folder C:\Qoobox not found.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: ase
->Temp folder emptied: 761919 bytes
->Temporary Internet Files folder emptied: 53558 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19752288 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 737 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HRY

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16639 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 20,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.N-458F113272504

User: Administrator.N-458F113272504.000

User: Administrator.N-458F113272504.001

User: All Users

User: ase
->Flash cache emptied: 0 bytes

User: Default User

User: HRY

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.1.35.0 log created on 03082010_151325

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_3fc.dat moved successfully.

Registry entries deleted on Reboot...

Damned · Příspěvekod **Damned** » 08 bře 2010 15:38

Napsal, že film nenalezl. Psal jsem ti, aby si napsal přesný názen (tj. včetně mezer, stylu či znamének).

Tzn (podle logu), že tento soubor/složka:

L:\Dokumenty 2\Filmy\District_9_2009_cz_tit_avi

není v tvém PC.
Zopakuj znovu ten script:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:Files
L:\Dokumenty 2\Filmy\District_9 2009 cz tit.avi

:Reg

:Commands
[purity]
[emptytemp]
[Reboot]

Klik na RunFix a povol restart.

Jen titul: L:\Dokumenty 2\Filmy\District_9_2009_cz_tit.avi změň na přený název a cestu. Zkontroluj háčky, čárky, pomlčky počet mezer atd....

Death at Comp · Příspěvekod **Death at Comp** » 08 bře 2010 18:54

Nemysli si že jsem to nezkoušel všelijak ten název ale je pořád tam (podívej na obr.), tady je log:

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
========== FILES ==========
File\Folder L:\Dokumenty 2\Filmy\District_9 2009 cz tit.avi not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.N-458F113272504.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: ase
->Temp folder emptied: 761919 bytes
->Temporary Internet Files folder emptied: 49794 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45437206 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 405 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HRY

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17050 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 44,00 mb

OTL by OldTimer - Version 3.1.35.0 log created on 03082010_173618

Files\Folders moved on Reboot...
C:\Documents and Settings\ase\Local Settings\Temp\~DFAE44.tmp moved successfully.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_3c4.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Damned · Příspěvekod **Damned** » 08 bře 2010 19:11

Nastav si zobrazení ve složkách na "Podrobnosti" (ne na "Miniatury"). V tý složce máš i další filmy?

Stáhni si program OTM (by OldTimer) a ulož si ho na disk C a spusť ho.

- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE

Kód: Vybrat vše

:Processes
explorer.exe

:Services

:Files
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
L:\Dokumenty 2\Filmy\District 9 2009 cz tit avi

:Commands
[purity]
[emptytemp]
[Reboot]

- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.

Kontrola logu Vyřešeno

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Kdo je online