Extras.txt:
OTL Extras logfile created on: 14.10.2010 21:32:22 - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = D:\Documents and Settings\FckBoy\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 195,32 Gb Total Space | 38,28 Gb Free Space | 19,60% Space Free | Partition Type: NTFS
Drive D: | 37,56 Gb Total Space | 29,12 Gb Free Space | 77,52% Space Free | Partition Type: NTFS
Computer Name: SHITDUCK | User Name: FckBoy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- D:\Program Files\Opera\opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "D:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Defraggler" = Defraggler (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"Windows XP Service Pack" = Windows XP Service Pack 3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Meebo Notifier" = Meebo Notifier
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 14.10.2010 6:27:22 | Computer Name = SHITDUCK | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\WINDOWS\System32\psnppagnv.dll failed, 00000005.
[ Application Events ]
Error - 14.10.2010 5:54:46 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:54:46 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:54:46 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:56:29 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:56:46 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:57:48 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 5:58:08 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 6:20:31 | Computer Name = SHITDUCK | Source = MsiInstaller | ID = 1014
Description = Informace proxy pro službu Windows Installer není správně zaregistrován
Error - 14.10.2010 6:41:28 | Computer Name = SHITDUCK | Source = iNOSSO(R) | ID = 0
Description =
Error - 14.10.2010 7:12:06 | Computer Name = SHITDUCK | Source = Application Error | ID = 1000
Description = Chybující aplikace mlqjaqek.exe, verze 0.0.0.0, chybující modul mlqjaqek.exe,
verze 0.0.0.0, adresa chyby 0x000103aa.
[ System Events ]
Error - 14.10.2010 5:35:44 | Computer Name = SHITDUCK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 14.10.2010 6:11:05 | Computer Name = SHITDUCK | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 14.10.2010 6:33:26 | Computer Name = SHITDUCK | Source = BITS | ID = 1654791
Description = Seznam úloh Služby inteligentního přenosu na pozadí (BITS) je v nerozpoznaném
formátu. Pravděpodobně byl vytvořen jinou verzí služby BITS. Seznam úloh byl vymazán.
Error - 14.10.2010 10:25:45 | Computer Name = SHITDUCK | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC90.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 14.10.2010 10:25:45 | Computer Name = SHITDUCK | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC90.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 14.10.2010 10:25:45 | Computer Name = SHITDUCK | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\hry\fva\fva.exe se nezdařila. Referenční
chybová zpráva: Operace byla dokončena úspěšně. .
Error - 14.10.2010 11:27:54 | Computer Name = SHITDUCK | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
Error - 14.10.2010 15:30:21 | Computer Name = SHITDUCK | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126
< End of report >
Pc hlasí Vir JS:ScriptSH-inf[Trj] Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43297
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Pc hlasí Vir JS:ScriptSH-inf[Trj]
Tys to dneska přeinstalovával ??? Formát si ale nedělal co?
D:\Documents and Settings\FckBoy\Plocha\remi.dll ---to znáš , co je to?
C:\WINDOWS\system32\wuauserv.dll File not found
D:\WINDOWS\System32\hidserv.dll File not found
chybí Ti tam soubory..
**************************************************************************************************************************************
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials
**************************************************************************************************************************************
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
D:\Documents and Settings\FckBoy\Plocha\remi.dll ---to znáš , co je to?
C:\WINDOWS\system32\wuauserv.dll File not found
D:\WINDOWS\System32\hidserv.dll File not found
chybí Ti tam soubory..
**************************************************************************************************************************************
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials
**************************************************************************************************************************************
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll File not found
SRV - (HidServ) -- D:\WINDOWS\System32\hidserv.dll File not found
DRV - (catchme) -- D:\DOCUME~1\FckBoy\LOCALS~1\Temp\catchme.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: DirectAnimation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O32 - AutoRun File - [2010.08.13 08:12:32 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Autorun.inf
D:\WINDOWS\SWXCACLS.exe
D:\WINDOWS\SWREG.exe
D:\WINDOWS\SWSC.exe
D:\WINDOWS\NIRCMD.exe
D:\WINDOWS\ALCMTR.EXE
D:\WINDOWS\ativpsrm.bin
D:\WINDOWS\PEV.exe
D:\WINDOWS\sed.exe
D:\WINDOWS\grep.exe
D:\WINDOWS\System32\ChCfg.exe
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
autoprd
- Level 4.5
- Příspěvky: 1715
- Registrován: únor 09
- Bydliště: ▼▲☺U Pc ☺▼▲
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Pc hlasí Vir JS:ScriptSH-inf[Trj]
Přeinstalovával :) FOrmatoval sem jen WIndows disk :) Jinak data nechaal :)
remi.dll to opravdu nevwím
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
Service wuauserv stopped successfully!
Service wuauserv deleted successfully!
File C:\WINDOWS\system32\wuauserv.dll File not found not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File D:\WINDOWS\System32\hidserv.dll File not found not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File D:\DOCUME~1\FckBoy\LOCALS~1\Temp\catchme.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
File Animation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
File not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
C:\msdownld.tmp folder moved successfully.
Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.
File\Folder D:\WINDOWS\SWXCACLS.exe not found.
File\Folder D:\WINDOWS\SWREG.exe not found.
File\Folder D:\WINDOWS\SWSC.exe not found.
File\Folder D:\WINDOWS\NIRCMD.exe not found.
D:\WINDOWS\ALCMTR.EXE moved successfully.
D:\WINDOWS\ativpsrm.bin moved successfully.
File\Folder D:\WINDOWS\PEV.exe not found.
File\Folder D:\WINDOWS\sed.exe not found.
File\Folder D:\WINDOWS\grep.exe not found.
D:\WINDOWS\System32\ChCfg.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes
User: FckBoy
->Temp folder emptied: 3103000 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56147397 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 591 bytes
User: LocalService
->Temp folder emptied: 65716 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1119674 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98752 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 58,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: FckBoy
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 10152010_215555
Files\Folders moved on Reboot...
Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.
File move failed. D:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder D:\WINDOWS\temp\Perflib_Perfdata_480.dat not found!
Registry entries deleted on Reboot...
remi.dll to opravdu nevwím
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
Service wuauserv stopped successfully!
Service wuauserv deleted successfully!
File C:\WINDOWS\system32\wuauserv.dll File not found not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File D:\WINDOWS\System32\hidserv.dll File not found not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File D:\DOCUME~1\FckBoy\LOCALS~1\Temp\catchme.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
File Animation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
File not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
C:\msdownld.tmp folder moved successfully.
Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.
File\Folder D:\WINDOWS\SWXCACLS.exe not found.
File\Folder D:\WINDOWS\SWREG.exe not found.
File\Folder D:\WINDOWS\SWSC.exe not found.
File\Folder D:\WINDOWS\NIRCMD.exe not found.
D:\WINDOWS\ALCMTR.EXE moved successfully.
D:\WINDOWS\ativpsrm.bin moved successfully.
File\Folder D:\WINDOWS\PEV.exe not found.
File\Folder D:\WINDOWS\sed.exe not found.
File\Folder D:\WINDOWS\grep.exe not found.
D:\WINDOWS\System32\ChCfg.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes
User: FckBoy
->Temp folder emptied: 3103000 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56147397 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 591 bytes
User: LocalService
->Temp folder emptied: 65716 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1119674 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98752 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 58,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: FckBoy
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 10152010_215555
Files\Folders moved on Reboot...
Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.
File move failed. D:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder D:\WINDOWS\temp\Perflib_Perfdata_480.dat not found!
Registry entries deleted on Reboot...
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43297
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Pc hlasí Vir JS:ScriptSH-inf[Trj]
D:\Documents and Settings\FckBoy\Plocha\remi.dll ---tak ten soubor smaž.
Ještě Ti Avast něco hlásí?
Ještě Ti Avast něco hlásí?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
autoprd
- Level 4.5
- Příspěvky: 1715
- Registrován: únor 09
- Bydliště: ▼▲☺U Pc ☺▼▲
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Pc hlasí Vir JS:ScriptSH-inf[Trj] Vyřešeno
Jo a ten remi byl k jednomu programku :) Nepotřebny odinstaloval a smazal sem :)
Avast už nic nehlásí tak děkuji a dávám vyřešeno :)
Avast už nic nehlásí tak děkuji a dávám vyřešeno :)
Kdo je online
Uživatelé prohlížející si toto fórum: Seznam[Bot] a 63 hostů