Připojování na 007guard.com

[Sasakr]

LOG:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Vyhledávání videí ve službě YouTube" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
C:\Windows\SysNative\igfxdev.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\Users\Helena Sasová\Desktop\Pilcher - Srdce ve vetru TVRip cz.avi:TOC.WMV deleted successfully.
ADS C:\Users\Helena Sasová\Desktop\Pilcher - Srdce se nemyli TVRip cz.avi:TOC.WMV deleted successfully.
ADS C:\Users\Helena Sasová\Desktop\Pilcher - Slipy lasky TVRip cz.avi:TOC.WMV deleted successfully.
========== FILES ==========
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Toolbar\AppManager folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Toolbar\Applications folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Toolbar folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox\components folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox\Chrome folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0 folder moved successfully.
C:\Program Files (x86)\MSN Toolbar\Platform folder moved successfully.
C:\Program Files (x86)\MSN Toolbar folder moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC86C.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D2C.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\windows\Installer\MSIE8A9.tmp moved successfully.
C:\windows\temp\BIT7F6B.tmp moved successfully.
C:\windows\temp\BIT7FE9.tmp moved successfully.
C:\windows\temp\BITC1C8.tmp moved successfully.
C:\windows\temp\Cab11.tmp moved successfully.
C:\windows\temp\Cab19A7.tmp moved successfully.
C:\windows\temp\Cab1A91.tmp moved successfully.
C:\windows\temp\Cab2664.tmp moved successfully.
C:\windows\temp\Cab8061.tmp moved successfully.
C:\windows\temp\Cab9859.tmp moved successfully.
C:\windows\temp\CabA8AD.tmp moved successfully.
C:\windows\temp\CabBD99.tmp moved successfully.
C:\windows\temp\CabBDAA.tmp moved successfully.
C:\windows\temp\CabC522.tmp moved successfully.
C:\windows\temp\CabC753.tmp moved successfully.
C:\windows\temp\CabC82E.tmp moved successfully.
C:\windows\temp\CabD4DB.tmp moved successfully.
C:\windows\temp\CabD5B5.tmp moved successfully.
C:\windows\temp\CabD6BE.tmp moved successfully.
C:\windows\temp\CabDC4A.tmp moved successfully.
C:\windows\temp\CabDCF6.tmp moved successfully.
C:\windows\temp\CabDDD0.tmp moved successfully.
C:\windows\temp\CabDED9.tmp moved successfully.
C:\windows\temp\CabDEE9.tmp moved successfully.
C:\windows\temp\CabEB28.tmp moved successfully.
C:\windows\temp\CabEE53.tmp moved successfully.
C:\windows\temp\CabEEE0.tmp moved successfully.
C:\windows\temp\CabF114.tmp moved successfully.
C:\windows\temp\CabF3C0.tmp moved successfully.
C:\windows\temp\CabF5C3.tmp moved successfully.
C:\windows\temp\CabF8EE.tmp moved successfully.
C:\windows\temp\CabFA96.tmp moved successfully.
C:\windows\temp\CabFD51.tmp moved successfully.
C:\windows\temp\Tar12.tmp moved successfully.
C:\windows\temp\Tar19A8.tmp moved successfully.
C:\windows\temp\Tar1A92.tmp moved successfully.
C:\windows\temp\Tar2674.tmp moved successfully.
C:\windows\temp\Tar8062.tmp moved successfully.
C:\windows\temp\Tar985A.tmp moved successfully.
C:\windows\temp\TarA8BD.tmp moved successfully.
C:\windows\temp\TarBD9A.tmp moved successfully.
C:\windows\temp\TarBDAB.tmp moved successfully.
C:\windows\temp\TarC542.tmp moved successfully.
C:\windows\temp\TarC7D1.tmp moved successfully.
C:\windows\temp\TarC82F.tmp moved successfully.
C:\windows\temp\TarD4DC.tmp moved successfully.
C:\windows\temp\TarD5D5.tmp moved successfully.
C:\windows\temp\TarD71D.tmp moved successfully.
C:\windows\temp\TarDC4B.tmp moved successfully.
C:\windows\temp\TarDCF7.tmp moved successfully.
C:\windows\temp\TarDE00.tmp moved successfully.
C:\windows\temp\TarDEEA.tmp moved successfully.
C:\windows\temp\TarDEEB.tmp moved successfully.
C:\windows\temp\TarEB29.tmp moved successfully.
C:\windows\temp\TarEE54.tmp moved successfully.
C:\windows\temp\TarEEE1.tmp moved successfully.
C:\windows\temp\TarF115.tmp moved successfully.
C:\windows\temp\TarF3C1.tmp moved successfully.
C:\windows\temp\TarF6AE.tmp moved successfully.
C:\windows\temp\TarF8FF.tmp moved successfully.
C:\windows\temp\TarFA97.tmp moved successfully.
C:\windows\temp\TarFD52.tmp moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Helena Sasová
->Temp folder emptied: 4709543 bytes
->Temporary Internet Files folder emptied: 91777184 bytes
->Java cache emptied: 8720176 bytes
->FireFox cache emptied: 92960537 bytes
->Flash cache emptied: 1530513 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11155337 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 22933892 bytes

Total Files Cleaned = 223.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Helena Sasová
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02102011_201335

Files\Folders moved on Reboot...
C:\Users\Helena Sasová\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


Zdá se, že už se to na 007guard nepřipojuje. Je tedy vyřešeno? Připojuje se to na různý jiný, ale to je asi normální, že.

[vyosek]

Zalezi na jaky "ruzny jiny" - ty adresy byste mel znat...byla tam chyba hosts souboru

[Sasakr]

Hm, tak že bych je znal, to říci nemůžu

http://piratesxxl.cz/obrazky/7638.jpg

[vyosek]

Jo ty jsou v pohode, toplist.cz pouzivaji tvurci ke sledovani navstevnosti, jsou to duverne adresy

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

[Sasakr]

Mňo, s ccleanerem nemám dobré zkušenosti. Jednou mi po něm (ještě na Vistách) nešel spustit systém a podruhý mi znemožnil spuštění některých programů.

Jinak opatření do budoucna, stačí mít MSE a tu a tam to projet malwarebytes? Jinak co se týče uživatelskýho účtu, jakej je rozdíl mezi tím, když jedu přes usera nebo tím, když jedu přes admina a mám zapnutý to upozorňování (dotazy před spuštěním programů atd.).

[vyosek]

Ja zas na CCleanera nemuzu nadavat, ale tak nutit Vam jej samozrejme nebudu

MSE je docela vhodna ochrana, MBAM na test staci - pozor na falesne detekce. Ale nejdulezitejsi je je rozum a hlava = neklikat na kdejakou blikajici a skakajici blbinu, temna zakouti webu (porno, warez)...

ja bych pouzival usera - pokud budete na adminovi, havet muze UAC(to upozornovani) vypnout a ma adminovske prava = neomezene prava...

[Sasakr]

OK, crap cleaner stejně není záležitost bezpečnosti ale běžné údržby. Až to bude nějak pomalý, tak ho tedy z nouze použiju, do té doby raději ne. Na toho Usera to tedy přehodím.

Chci moc poděkovat za pomoc, stálo vás to dost času a zdá se, že jsme to dotáhli do zdárného konce. Děkuji.

[vyosek]

Jsem rad ze se nam to povedlo, nerad prohravam a vzdavam to - ovsem dik patri i kolegyni motji se kterou jsem to konzultoval...

Nemate zac, rad jsem pomohl Zase nekdy

[Sasakr]

No nechci být nezdvořilý, ale snad už ne

[vyosek]

Jasny, chapu...tak na preventivku muzete prijit kdykoliv - my vypovedi nedavame a regulacni poplatek tez nevybirame