HiJackThis log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by martin krok » 16 Oct 2013 14:12

Please check my log; CPU usage is at 100 percent even when idle.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:48, on 16.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\uzivatel\Dokumenty\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_1.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_1.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [1016_1326109652054] "C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 3480 bytes

Post by martin krok » 16 Oct 2013 14:58

Will someone check my log?

Post by Stene » 16 Oct 2013 14:59

Hang on, the HJT experts have a lot on their plate. As soon as they have a moment, they'll check it for you.

Post by martin krok » 16 Oct 2013 15:13

Thanks a lot

Post by memphisto » 16 Oct 2013 16:26

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Ano (Yes)
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Post by martin krok » 16 Oct 2013 17:16

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.16.07

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
uzivatel :: UZIVATEL-52AE83 [administrátor]

Ochrana: Zakázána

16.10.2013 17:06:16
MBAM-log-2013-10-16 (17-15-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 204540
Uplynulý čas: 7 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 5
HKCR\Typelib\{0771C34F-730F-4535-AD4C-37B74D27188E} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject.1 (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 5
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\zulagames (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\OpenCandy\6F292C186F754284987C25301A5764E5 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 11
C:\Documents and Settings\uzivatel\Data aplikací\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\bsplayer265.1074-aoc-jd.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Conduit\CT1750559\BS_PlayerAutoUpdaterHelper.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\zulagames\zulagames.crx (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\zulagames\DeskTopIcon.ico (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\zulagames\install_helper.exe (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\OpenCandy\6F292C186F754284987C25301A5764E5\chrometest.html (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\uzivatel\Data aplikací\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

(konec)

Post by martin krok » 16 Oct 2013 17:23

# AdwCleaner v3.007 - Report created 16/10/2013 at 17:17:52
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uzivatel - UZIVATEL-52AE83
# Running from : C:\Documents and Settings\uzivatel\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\uzivatel\Data aplikací\speedanalysis.ico
File Found : C:\END
File Found : C:\WINDOWS\system32\conduitEngine.tmp
Folder Found : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Found : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Extensions\engine@conduit.com
Folder Found C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
Folder Found C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\file scout
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Conduit
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\ConduitEngine
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\CT1750559
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\uzivatel\Data aplikací\SpeedAnalysis3
Folder Found C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\BS_Player
Folder Found C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Conduit
Folder Found C:\Program Files\ICQ6Toolbar
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\MyPC Backup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BS_Player
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\BS_Player
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{166D1428-6401-4F3A-8006-E17E84D84BE9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D46D4C8F-5121-4873-8C5F-ACC8E94F8B5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1294542C-5FDF-471B-9A3E-7710C8C3AFD7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E7A0850-D519-48A7-9799-C707EAAD7964}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D46D4C8F-5121-4873-8C5F-ACC8E94F8B5B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\prefs.js ]

Line Found : user_pref("CT1750559..clientLogIsEnabled", false);
Line Found : user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT1750559.AppTrackingLastCheckTime", "Tue Oct 08 2013 20:15:51 GMT+0200");
Line Found : user_pref("CT1750559.CTID", "CT1750559");
Line Found : user_pref("CT1750559.CurrentServerDate", "10-10-2013");
Line Found : user_pref("CT1750559.DialogsAlignMode", "LTR");
Line Found : user_pref("CT1750559.DialogsGetterLastCheckTime", "Tue Oct 08 2013 20:15:46 GMT+0200");
Line Found : user_pref("CT1750559.DownloadReferralCookieData", "");
Line Found : user_pref("CT1750559.FirstServerDate", "15-2-2010");
Line Found : user_pref("CT1750559.FirstTime", true);
Line Found : user_pref("CT1750559.FirstTimeFF3", true);
Line Found : user_pref("CT1750559.FirstTimeSettingsDone", true);
Line Found : user_pref("CT1750559.FixPageNotFoundErrors", true);
Line Found : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT1750559.HasUserGlobalKeys", true);
Line Found : user_pref("CT1750559.Initialize", true);
Line Found : user_pref("CT1750559.InitializeCommonPrefs", true);
Line Found : user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT1750559.InstalledDate", "Sun Nov 29 2009 13:06:50 GMT+0100");
Line Found : user_pref("CT1750559.InvalidateCache", false);
Line Found : user_pref("CT1750559.IsGrouping", false);
Line Found : user_pref("CT1750559.IsMulticommunity", false);
Line Found : user_pref("CT1750559.IsOpenThankYouPage", true);
Line Found : user_pref("CT1750559.IsOpenUninstallPage", true);
Line Found : user_pref("CT1750559.LanguagePackLastCheckTime", "Thu Oct 10 2013 00:02:12 GMT+0200");
Line Found : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT1750559.LastLogin_2.1.0.19", "Mon Feb 15 2010 16:32:15 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_2.5.6.0", "Mon Aug 23 2010 21:59:27 GMT+0200");
Line Found : user_pref("CT1750559.LastLogin_2.7.2.0", "Mon Mar 21 2011 17:45:08 GMT+0100");
Line Found : user_pref("CT1750559.LastLogin_3.3.2.1", "Wed Mar 30 2011 22:01:15 GMT+0200");
Line Found : user_pref("CT1750559.LastLogin_3.3.3.2", "Thu Oct 10 2013 00:02:13 GMT+0200");
Line Found : user_pref("CT1750559.LatestVersion", "3.20.0.4");
Line Found : user_pref("CT1750559.Locale", "en-us");
Line Found : user_pref("CT1750559.LoginCache", 4);
Line Found : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT1750559.RadioIsPodcast", false);
Line Found : user_pref("CT1750559.RadioLastCheckTime", "Thu Oct 10 2013 00:02:14 GMT+0200");
Line Found : user_pref("CT1750559.RadioLastUpdateIPServer", "4");
Line Found : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Line Found : user_pref("CT1750559.RadioMediaID", "11237206");
Line Found : user_pref("CT1750559.RadioMediaType", "Media Player");
Line Found : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Line Found : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Line Found : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Line Found : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Line Found : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1750559&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
Line Found : user_pref("CT1750559.SearchInNewTabEnabled", true);
Line Found : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Thu Oct 10 2013 00:02:12 GMT+0200");
Line Found : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT1750559.ServiceMapLastCheckTime", "Thu Oct 10 2013 00:02:12 GMT+0200");
Line Found : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT1750559.SettingsLastCheckTime", "Thu Oct 10 2013 00:02:11 GMT+0200");
Line Found : user_pref("CT1750559.SettingsLastUpdate", "1381306211");
Line Found : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Tue Oct 08 2013 20:15:34 GMT+0200");
Line Found : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1331805997");
Line Found : user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
Line Found : user_pref("CT1750559.UserID", "UN37628828140930415");
Line Found : user_pref("CT1750559.ValidationData_Search", 2);
Line Found : user_pref("CT1750559.ValidationData_Toolbar", 2);
Line Found : user_pref("CT1750559.WeatherNetwork", "");
Line Found : user_pref("CT1750559.WeatherPollDate", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("CT1750559.WeatherUnit", "C");
Line Found : user_pref("CT1750559.alertChannelId", "31130");
Line Found : user_pref("CT1750559.backendstorage.amazonnew_all", "343332303039312D312C343937343135312C343938303139312C323031333237374661545755487535514C2B4479714C627674754C4D512C32303133323737544666724368485054414[...]
Line Found : user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
Line Found : user_pref("CT1750559.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Line Found : user_pref("CT1750559.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Line Found : user_pref("CT1750559.clientLogIsEnabled", false);
Line Found : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Tue Oct 08 2013 20:15:46 GMT+0200");
Line Found : user_pref("CT1750559.isAppTrackingManagerOn", false);
Line Found : user_pref("CT1750559.myStuffEnabled", true);
Line Found : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT1750559.oldAppsList", "128515954179600320,128520273115419467,128799492822006721,128799492222006997,128799492477944433,128799493365913112,128799493660600615,128799493510443926,128798613156[...]
Line Found : user_pref("CT1750559.testingCtid", "");
Line Found : user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Thu Oct 10 2013 00:02:12 GMT+0200");
Line Found : user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Tue Oct 08 2013 20:15:41 GMT+0200");
Line Found : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT1750559.usagesFlag", 2);
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT1750559", "\"5c3d7695578041d814f9e0a2f944ed333\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alert.services.conduit.com/Alert ... edId=30609", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1750559", "\"1357730213\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "b5I8zzzMgsg0XG/fawLlFw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =CT1750559", "b5I8zzzMgsg0XG/fawLlFw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "9uXRY86McHhmOreOHsv6MA==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =CT1750559", "9uXRY86McHhmOreOHsv6MA==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "I1tfz7EBg4DmNytL9x55lQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =CT1750559", "I1tfz7EBg4DmNytL9x55lQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us", "ZI41WLbm1fFgx4gn0bs99Q==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... =CT1750559", "ZI41WLbm1fFgx4gn0bs99Q==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"380ff24abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.2.1", "\"0652eeacc6cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.3.2", "\"9f8d2729abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... er=3.3.2.1", "\"0652eeacc6cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... er=3.3.3.2", "\"9f8d2729abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT1750559", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "634356118310000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =3/13/2011 11:17:11 AM", "634356118310000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1750559", "\"251ae431de5b7b8e8f44ca4b833462033\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... cale=en-us", "\"b6bc6a2fddacf78a7061a3376a714ec9\"");
Line Found : user_pref("CommunityToolbar.EngineOwner", "CT1750559");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.IsEngineShown", true);
Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,ConduitEngine");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Oct 08 2013 20:15:41 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Oct 10 2013 00:02:19 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Oct 10 2013 00:02:11 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{5a1425f5-f930-4685-9705-b461d5140135}");
Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Oct 08 2013 20:15:39 GMT+0200");
Line Found : user_pref("CommunityToolbar.globalUserId", "27ed6757-206a-4bc9-a148-34b6cdc5b225");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Oct 08 2013 20:16:07 GMT+0200");
Line Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Oct 08 2013 20:15:55 GMT+0200");
Line Found : user_pref("ConduitEngine.FirstServerDate", "03/21/2011 19");
Line Found : user_pref("ConduitEngine.FirstTime", true);
Line Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Found : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Line Found : user_pref("ConduitEngine.Initialize", true);
Line Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Found : user_pref("ConduitEngine.InstalledDate", "Mon Mar 21 2011 18:55:16 GMT+0100");
Line Found : user_pref("ConduitEngine.IsMulticommunity", false);
Line Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Wed Mar 30 2011 22:01:35 GMT+0200");
Line Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("ConduitEngine.UserID", "UN29163500421160116");
Line Found : user_pref("ConduitEngine.engineLocale", "cs");
Line Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Oct 10 2013 00:02:16 GMT+0200");
Line Found : user_pref("ConduitEngine.initDone", true);
Line Found : user_pref("ConduitEngine.isAppTrackingManagerOn", false);
Line Found : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}");
Line Found : user_pref("extensions.enabledItems", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:3.3.3.2,engine@conduit.com:3.3.3.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.18");

-\\ Google Chrome v

[ File : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [21766 octets] - [16/10/2013 17:17:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21827 octets] ##########

Post by martin krok » 16 Oct 2013 19:10

Here are the logs

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: HiJackThis log check

Post by memphisto » 16 Oct 2013 20:00

In both, have everything deleted and post the logs.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The scan will start. It can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved to the desktop.
Please copy its entire contents here.
Re: HiJackThis log check

Post by martin krok » 16 Oct 2013 20:54

# AdwCleaner v3.007 - Report created 16/10/2013 at 20:50:57
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uzivatel - UZIVATEL-52AE83
# Running from : C:\Documents and Settings\uzivatel\Dokumenty\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\BS_Player
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\DriverCure
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\file scout
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\ParetoLogic
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\SpeedAnalysis3
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Conduit
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\ConduitEngine
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\CT1750559
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Extensions\engine@conduit.com
Folder Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
File Deleted : C:\Documents and Settings\uzivatel\Data aplikací\speedanalysis.ico
File Deleted : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\searchplugins\Conduit.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D46D4C8F-5121-4873-8C5F-ACC8E94F8B5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E7A0850-D519-48A7-9799-C707EAAD7964}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1294542C-5FDF-471B-9A3E-7710C8C3AFD7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\yz7s1pkr.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [21708 octets] - [16/10/2013 20:41:14]
AdwCleaner[S0].txt - [21988 octets] - [16/10/2013 20:50:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22049 octets] ##########

Re: HiJackThis log check

Post by martin krok » 16 Oct 2013 22:37

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.16.07

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
uzivatel :: UZIVATEL-52AE83 [administrátor]

Ochrana: Zakázána

16.10.2013 22:19:41
MBAM-log-2013-10-16 (22-34-14).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 202898
Uplynulý čas: 9 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 4
HKCR\Typelib\{0771C34F-730F-4535-AD4C-37B74D27188E} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKCR\Zula Games.BackgroundHostObject.1 (PUP.Optional.Zulagames.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\bsplayer265.1074-aoc-jd.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

Re: HiJackThis log check

Post by martin krok » 16 Oct 2013 22:40

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 10/16/2013 21:00:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 8 ¤¤¤
[NetworkService][SUSP UNIC] wrar420cz.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\wrar420cz.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] YTDSetup.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\YTDSetup.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] bsplayer265.1074-aoc-jd.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\bsplayer265.1074-aoc-jd.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] MSEInstall_x86_cs_cz.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\MSEInstall_x86_cs_cz.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] wrar420cz.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\wrar420cz.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] YTDSetup.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\YTDSetup.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] bsplayer265.1074-aoc-jd.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\bsplayer265.1074-aoc-jd.exe [x] -> NALEZENO
[LocalService][SUSP UNIC] MSEInstall_x86_cs_cz.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\MSEInstall_x86_cs_cz.exe [x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[Faked][soubor] nwlnkspx.sys : C:\WINDOWS\system32\drivers\nwlnkspx.sys [-] --> NALEZENO
[Faked][soubor] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys [-] --> NALEZENO
[Faked][soubor] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys [-] --> NALEZENO
[Faked][soubor] hdaudbus.sys : C:\WINDOWS\system32\drivers\hdaudbus.sys [-] --> NALEZENO
[Faked][soubor] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys [-] --> NALEZENO
[Faked][soubor] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys [-] --> NALEZENO

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - IC35L040AVVA07-0 +++++
--- User ---
[MBR] a2cf5b2495eb4b4f72c68db1cbdaf4c0
[BSP] a13042defa6fd36fa70a73d64c3f1ddf : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 24999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 51199155 | Size: 14252 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) (Standardní diskové jednotky) - WDC WD200BB-00DEA0 +++++
--- User ---
[MBR] 4a4b9cc9eff7a36e41bd645f861e4760
[BSP] a6d16fe1661763da19732e120316321b : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 19085 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) (Standardní diskové jednotky) - Generic Flash Disk USB Device +++++
--- User ---
[MBR] 6100998672c6d56e14b790b53d663d38
[BSP] ab6f14b325971c7e72079fec54eb5706 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2160 | Size: 7646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_10162013_210015.txt >>

