Log check


Re: Log check

Post by jaro3 » 03 Nov 2011 16:35

Please, where do you keep picking up these infections?? Get and install some free firewall, ZA, Outpost, etc.

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (MSWYM) -- File not found
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
[2011.03.08 13:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Extensions
[2011.03.08 13:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.10.12 15:00:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions
[2011.10.16 09:39:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2011.10.27 14:54:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2011.11.02 14:41:12 | 000,546,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.02 14:41:12 | 000,544,024 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.11.02 14:41:12 | 000,125,186 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.11.02 14:41:12 | 000,110,242 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(9).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(8).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(7).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(6).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(5).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(4).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(3).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(2).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(11).dll
[2011.07.01 22:16:27 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd(10).dll
[2011.05.09 15:47:46 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2011.05.09 15:47:46 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2011.05.09 15:47:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2011.05.09 15:47:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.07.07 18:20:39 | 000,544,024 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.07.07 18:20:39 | 000,125,186 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.07.07 18:20:32 | 000,546,394 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.07.07 18:20:32 | 000,110,242 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\System32\x64
C:\Qoobox
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\sqmdata08.sqm
C:\sqmnoopt08.sqm
C:\sqmdata07.sqm
C:\sqmnoopt07.sqm
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm
C:\sqmdata04.sqm
C:\sqmnoopt04.sqm
C:\sqmdata03.sqm
C:\sqmnoopt03.sqm
C:\sqmdata02.sqm
C:\sqmnoopt02.sqm
C:\sqmdata01.sqm
C:\sqmnoopt01.sqm
C:\sqmdata00.sqm
C:\sqmnoopt00.sqm
C:\WINDOWS\System32\XFAXCZXRAEVF
C:\WINDOWS\System32\VSXGIHO
C:\WINDOWS\0278078drv.spi
C:\WINDOWS\1547429752
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\KGyGaAvL.sys
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\hiberfil.sys
C:\sqmdata08.sqm
C:\sqmnoopt08.sqm
C:\sqmdata07.sqm
C:\sqmnoopt07.sqm
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm
C:\sqmdata04.sqm
C:\sqmnoopt04.sqm
C:\sqmdata03.sqm
C:\sqmnoopt03.sqm
C:\sqmdata02.sqm
C:\sqmnoopt02.sqm
C:\sqmdata01.sqm
C:\sqmnoopt01.sqm
C:\sqmdata00.sqm
C:\sqmnoopt00.sqm
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
C:\WINDOWS\System32\ezsidmv.dat
C:\WINDOWS\INSTALLEEE.EXE
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\wklnhst.dat

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable showing hidden files and folders and uncheck "Hide protected operating system files".

Test these on Virustotal:
C:\WINDOWS\System32\lcppn21.dll
C:\WINDOWS\System32\CSVSpecialProcessing.dll
C:\WINDOWS\SW_Win2000X1.DLL
C:\WINDOWS\System32\SARzilla.dll
C:\WINDOWS\System32\RegisterExe.exe
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model6.env - if you know it, you don't have to
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model7.env - if you know it, you don't have to
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model6.env - if you know it, you don't have to
C:\NOTACER.ID - if you know it, you don't have to

Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, a result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Update Java:
Java SE Runtime Environment 7

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

Download RootRepeal

Extract the archive, for example to C:\RootRepeal
Double-click RootRepeal.exe to start the program (on Vista, right-click and choose Run as administrator).
Click Files at the bottom and then Scan.
A dialog window appears; tick the drive you want to scan (most often C:\), then click OK.
The program will start scanning the ticked drive. When the scan finishes, files will be listed there, but not all of them are necessarily legitimate. Click Save Report and save the log to your documents. Please paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Log check

Post by ZHlavaty » 04 Nov 2011 11:50

Hello,
I don't know myself where it comes from. My internet connection still isn't working, so it must be hidden somewhere in the PC.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service MSWYM stopped successfully!
Service MSWYM deleted successfully!
File File not found not found.
Prefs.js: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16 removed from extensions.enabledItems
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Extensions folder moved successfully.
Folder C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
C:\WINDOWS\system32\PsisDecd.dll moved successfully.
C:\WINDOWS\system32\PsisDecd(9).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(8).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(7).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(6).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(5).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(4).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(3).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(2).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(11).dll moved successfully.
C:\WINDOWS\system32\PsisDecd(10).dll moved successfully.
C:\WINDOWS\system32\perfi005.dat moved successfully.
C:\WINDOWS\system32\perfd005.dat moved successfully.
C:\WINDOWS\system32\perfi009.dat moved successfully.
C:\WINDOWS\system32\perfd009.dat moved successfully.
File C:\WINDOWS\System32\perfh005.dat not found.
File C:\WINDOWS\System32\perfc005.dat not found.
File C:\WINDOWS\System32\perfh009.dat not found.
File C:\WINDOWS\System32\perfc009.dat not found.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\SET10F.tmp moved successfully.
C:\WINDOWS\System32\SET19.tmp moved successfully.
C:\WINDOWS\System32\SET219.tmp moved successfully.
C:\WINDOWS\System32\SET60.tmp moved successfully.
C:\WINDOWS\System32\SET74.tmp moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\User_Feed_Synchronization-{4199CB7F-1E72-477B-8BA5-CC6A4786ABD2}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\System32\x64 folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
File\Folder [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] not found.
File\Folder [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] not found.
C:\sqmdata09.sqm moved successfully.
C:\sqmnoopt09.sqm moved successfully.
C:\sqmdata08.sqm moved successfully.
C:\sqmnoopt08.sqm moved successfully.
C:\sqmdata07.sqm moved successfully.
C:\sqmnoopt07.sqm moved successfully.
C:\sqmdata06.sqm moved successfully.
C:\sqmnoopt06.sqm moved successfully.
C:\sqmdata05.sqm moved successfully.
C:\sqmnoopt05.sqm moved successfully.
C:\sqmdata04.sqm moved successfully.
C:\sqmnoopt04.sqm moved successfully.
C:\sqmdata03.sqm moved successfully.
C:\sqmnoopt03.sqm moved successfully.
C:\sqmdata02.sqm moved successfully.
C:\sqmnoopt02.sqm moved successfully.
C:\sqmdata01.sqm moved successfully.
C:\sqmnoopt01.sqm moved successfully.
C:\sqmdata00.sqm moved successfully.
C:\sqmnoopt00.sqm moved successfully.
C:\WINDOWS\System32\XFAXCZXRAEVF moved successfully.
C:\WINDOWS\System32\VSXGIHO moved successfully.
C:\WINDOWS\0278078drv.spi moved successfully.
C:\WINDOWS\1547429752 moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\KGyGaAvL.sys moved successfully.
File\Folder C:\sqmdata09.sqm not found.
File\Folder C:\sqmnoopt09.sqm not found.
File move failed. C:\hiberfil.sys scheduled to be moved on reboot.
File\Folder C:\sqmdata08.sqm not found.
File\Folder C:\sqmnoopt08.sqm not found.
File\Folder C:\sqmdata07.sqm not found.
File\Folder C:\sqmnoopt07.sqm not found.
File\Folder C:\sqmdata06.sqm not found.
File\Folder C:\sqmnoopt06.sqm not found.
File\Folder C:\sqmdata05.sqm not found.
File\Folder C:\sqmnoopt05.sqm not found.
File\Folder C:\sqmdata04.sqm not found.
File\Folder C:\sqmnoopt04.sqm not found.
File\Folder C:\sqmdata03.sqm not found.
File\Folder C:\sqmnoopt03.sqm not found.
File\Folder C:\sqmdata02.sqm not found.
File\Folder C:\sqmnoopt02.sqm not found.
File\Folder C:\sqmdata01.sqm not found.
File\Folder C:\sqmnoopt01.sqm not found.
File\Folder C:\sqmdata00.sqm not found.
File\Folder C:\sqmnoopt00.sqm not found.
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\WINDOWS\INSTALLEEE.EXE moved successfully.
C:\Documents and Settings\Zdeněk - Hlavaty\Data aplikací\wklnhst.dat moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Zdeněk - Hlavaty
->Temp folder emptied: 821560 bytes
->Temporary Internet Files folder emptied: 5324876 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 100856379 bytes
->Flash cache emptied: 685 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8439669 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3408485672 bytes

Total Files Cleaned = 3 361,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11042011_094237

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
File\Folder C:\hiberfil.sys not found!
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Temp\WCESLog.log moved successfully.
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Virustotal test
I could not find C:\WINDOWS\System32\lcppn21.dll
http://www.virustotal.com/file-scan/rep ... 1320398610
http://www.virustotal.com/file-scan/rep ... 1320398857
http://www.virustotal.com/file-scan/rep ... 1320398940
http://www.virustotal.com/file-scan/rep ... 1320399035
http://www.virustotal.com/file-scan/rep ... 1320399442

These are work applications - test negative
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model6.
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model7.
C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Model6.

Java updated, the others removed.

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2011/11/04 11:18
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\WINDOWS\$NtUninstallKB48196$\3132373340
Status: Locked to the Windows API!

Path: c:\program files\eliska3\mssql10.eliskaclient2008\mssql\log\log_1080.trc
Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Apps\2.0\0HPJTBX2.0XE\VQHWA1W1.0BG\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Zdeněk - Hlavaty\Local Settings\Apps\2.0\0HPJTBX2.0XE\VQHWA1W1.0BG\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!
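
Added example (not part of the thread and not OTL's own code): a Python triage of an OTL fix log like the one posted above. It separates "not found" lines that only repeat an entry already moved earlier in the same run from wildcard patterns that matched nothing, and tracks what happened to items deferred to reboot. The sample is a constructed excerpt in the posted format; `triage` and its category names are hypothetical.

```python
import re

# Constructed sample: a shortened excerpt in the format of the fix log above.
SAMPLE_LOG = r"""
========== OTL ==========
Service MSWYM stopped successfully!
Service MSWYM deleted successfully!
File File not found not found.
C:\WINDOWS\system32\perfh009.dat moved successfully.
File C:\WINDOWS\System32\perfh009.dat not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
========== FILES ==========
C:\sqmdata09.sqm moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
File\Folder C:\sqmdata09.sqm not found.
File move failed. C:\hiberfil.sys scheduled to be moved on reboot.
C:\WINDOWS\INSTALLEEE.EXE moved successfully.
Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
File\Folder C:\hiberfil.sys not found!
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.
"""

# Line shapes taken from the posted log (assumed stable for this OTL version).
MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.*?)(?: folder)? moved successfully\.$")
NOT_FOUND = re.compile(r"^(?:File\\Folder|File|Folder) (?P<path>.+?) not found[.!]$")
DEFERRED = re.compile(
    r"^(?:File|Folder) move failed\. (?P<path>.+?) scheduled to be moved on reboot\.$"
)


def norm(path):
    """Windows paths are case-insensitive; some folders are printed with a trailing backslash."""
    return path.rstrip("\\").lower()


def triage(log_text):
    """Classify fix-log lines so the reviewer only reads the ones that need attention."""
    moved = set()      # normalised paths already moved to quarantine
    deferred = {}      # normalised path -> outcome of the reboot-time move
    report = {"already_handled": [], "no_match": [], "missing": []}

    for line in log_text.splitlines():
        line = line.strip()
        m = MOVED.match(line)
        if m:
            key = norm(m["path"])
            moved.add(key)
            if key in deferred:
                deferred[key] = "moved on reboot"
            continue
        m = DEFERRED.match(line)
        if m:
            deferred[norm(m["path"])] = "pending"
            continue
        m = NOT_FOUND.match(line)
        if not m:
            continue  # service, registry and banner lines are out of scope here
        path, key = m["path"], norm(m["path"])
        if key in deferred:
            # The item was locked during the fix and gone when the reboot move ran.
            deferred[key] = "not found at reboot"
        elif key in moved or any(key.startswith(p + "\\") for p in moved):
            # Listed twice in the script, or its parent folder was already moved.
            report["already_handled"].append(path)
        elif "*" in path:
            report["no_match"].append(path)
        else:
            report["missing"].append(path)

    report["moved"] = len(moved)
    report["deferred"] = deferred
    return report


if __name__ == "__main__":
    for name, value in triage(SAMPLE_LOG).items():
        print(name, "->", value)
```

Entries left as "pending" or listed under "missing" are the ones worth following up in the next scan; "already_handled" lines come from the same path appearing twice in the fix script.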


Re: Log check

Post by bledulka » 06 Nov 2011 23:13

How does the computer look now?


Re: Log check

Post by ZHlavaty » 08 Nov 2011 15:32

Good day,
it seems the PC is running normally; however, I still cannot connect to the internet, and the folder D:\D, which is empty, is not accessible and cannot be deleted. Access denied.


Re: Log check

Post by jaro3 » 08 Nov 2011 18:46

Which folder on D:\D ??

Download Dial-a-fix

Click the hammer (more options):
FlushDNS - Resets the DNS cache.
Reset networking interfaces - Repairs Winsock and the network settings.
Click the service and then GO.


Re: Log check

Post by ZHlavaty » 09 Nov 2011 12:12

Good day,
at some point during those cleaning operations a folder D was created on partition D; it is empty, but inaccessible and cannot be deleted.
Dial-a-fix was run according to the instructions, but the connection still does not work. It tries to obtain a network address but never gets one.
I'm thinking about reinstalling.


Re: Log check

Post by jaro3 » 09 Nov 2011 15:21

Reinstall the drivers for the network card.

Write the full path to that file (folder).

Download OTL by OldTimer
to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

