"{C20A5184-E994-4CF4-A388-30236A94AD41}_is1" = Smarty Uninstaller Pro
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CDF0C6A0-2805-9728-D29B-3FD63345CA65}" = CCC Help Japanese
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D71F0439-3E87-C886-20A2-E129BA948781}" = CCC Help Italian
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E6A8430B-0EC2-73AB-07E4-C17A95DC6BB1}" = CCC Help Norwegian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F56F7786-DB7F-02DE-496A-7E37F28237F4}" = CCC Help Russian
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FC1328E5-FFFB-FD1D-CE50-7811F7267A5E}" = Catalyst Control Center Graphics Previews Common
"{FFA3A87C-2599-C5C5-2B50-49827A77A95C}" = CCC Help Finnish
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Free Window Sweeper" = Free Window Sweeper
"Generic USB Card Reader Driver" = Generic USB Card Reader Driver v2.3
"GotClip" = GotClip Downloader
"InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PunkBusterSvc" = PunkBuster Services
"Sound Blaster Live!" = Sound Blaster Live!
"Speccy" = Speccy
"Ss Data Eraser_is1" = Ss Data Eraser 2.0
"STANDARD" = Microsoft Office Standard 2007
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.8.2012 5:01:17 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:01:17 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:01:18 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:13:18 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:13:18 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:13:18 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:13:18 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:36:08 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:36:08 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 23.8.2012 5:36:45 | Computer Name = MILAN | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ System Events ]
Error - 23.8.2012 5:06:45 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba Nalpeiron Licensing Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 23.8.2012 5:06:45 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 23.8.2012 5:06:45 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 23.8.2012 5:06:46 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 23.8.2012 5:06:46 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## byla neočekávaně
ukončena. Tento stav nastal již 1krát.
Error - 23.8.2012 5:06:46 | Computer Name = MILAN | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 5 byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 23.8.2012 5:12:08 | Computer Name = MILAN | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_CPUZ130\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.
Error - 23.8.2012 5:12:08 | Computer Name = MILAN | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_SPTD\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.
Error - 23.8.2012 5:12:08 | Computer Name = MILAN | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_XDVA394\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.
Error - 23.8.2012 5:13:23 | Computer Name = MILAN | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk0\D.
< End of report >
HiJackThis preventive check -re Solved
- jaro3
- member of the Security team
Re: HiJackThis preventive check -re
Update Java:
Java SE Runtime Environment 7
Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (FUTUREX) -- C:\Documents and Settings\Milan Štrbík\Dokumenty\Downloads\aida32pe_375\aida32.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
CHR - default_search_provider: uTorrentControl2 Customized Web Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2012.08.23 09:10:49 | 000,496,936 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.23 09:10:49 | 000,491,692 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.08.23 09:10:49 | 000,085,420 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.08.23 09:10:48 | 000,099,220 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DF462FF6
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\Milan Štrbík\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\Twunk001.MTX
C:\WINDOWS\Twain001.Mtx
C:\WINDOWS\System32\d3d9caps.dat
C:\WINDOWS\System32\crash
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120819_233436.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120815_091212.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120813_185757.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133016.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133003.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120805_001205.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120804_233016.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120729_210206.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120819_233436.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120815_091212.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120813_185757.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133016.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133003.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120805_001205.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120804_233016.reg
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120729_210206.reg
C:\WINDOWS\System32\wbers.dat.dmp
C:\WINDOWS\System32\wbers.dat
C:\WINDOWS\ativpsrm.bin
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" =-
:Commands
[purity]
[emptytemp]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[EMPTYJAVA]
[start explorer]
[Reboot]
Then click Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: HiJackThis preventive check -re
log:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service FUTUREX stopped successfully!
Service FUTUREX deleted successfully!
File C:\Documents and Settings\Milan Štrbík\Dokumenty\Downloads\aida32pe_375\aida32.sys File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\system32\drivers\EagleNT.sys File not found not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Search the Web\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DF462FF6 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86 deleted successfully.
C:\WINDOWS\002197_.tmp deleted successfully.
C:\WINDOWS\005149_.tmp deleted successfully.
C:\WINDOWS\DUMP703e.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1965331169-682003330-1003Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1965331169-682003330-1003UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\Milan Štrbík\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\Twunk001.MTX moved successfully.
C:\WINDOWS\Twain001.Mtx moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
C:\WINDOWS\System32\crash moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120819_233436.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120815_091212.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120813_185757.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133016.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133003.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120805_001205.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120804_233016.reg moved successfully.
C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120729_210206.reg moved successfully.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120819_233436.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120815_091212.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120813_185757.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133016.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120806_133003.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120805_001205.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120804_233016.reg not found.
File\Folder C:\Documents and Settings\Milan Štrbík\Dokumenty\cc_20120729_210206.reg not found.
C:\WINDOWS\System32\wbers.dat.dmp moved successfully.
C:\WINDOWS\System32\wbers.dat moved successfully.
C:\WINDOWS\ativpsrm.bin moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\DisableSR deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Fixw0w
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56924 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Milan ćtrbˇk
->Temporary Internet Files folder emptied: 67 bytes
User: Milan Štrbík
->Temp folder emptied: 34576 bytes
->Temporary Internet Files folder emptied: 2235471 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 45137367 bytes
->Flash cache emptied: 8211884 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 53,00 mb
Unable to stop System Restore Service. Error code 1722. Restore points not cleared.
Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point
[EMPTYJAVA]
User: All Users
User: Default User
User: Fixw0w
User: LocalService
User: Milan ćtrbˇk
User: Milan Štrbík
->Java cache emptied: 0 bytes
User: NetworkService
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.58.1 log created on 08232012_224224
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Milan Štrbík\Local Settings\Temp\Perflib_Perfdata_bec.dat not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 53,00 mb
Unable to stop System Restore Service. Error code 1722. Restore points not cleared.
Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point
[EMPTYJAVA]
User: All Users
User: Default User
User: Fixw0w
User: LocalService
User: Milan ćtrbˇk
User: Milan Štrbík
->Java cache emptied: 0 bytes
User: NetworkService
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.58.1 log created on 08232012_224224
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Milan Štrbík\Local Settings\Temp\Perflib_Perfdata_bec.dat not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
- jaro3
- Security team member
Re: HiJackThis preventive check -re
Run OTL and click "Vyčisti" (Clean up).
If there are no problems, that is all, and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: HiJackThis preventive check -re Solved
ok, so Memphisto, jaro and the whole security team, thanks a lot - it runs better than before the operations