Forum.hr - Pogledaj jedan post

ante83 · 08.08.2010., 23:08

All processes killed
========== OTL ==========
No active process named updater.exe was found!
Service PCToolsSSDMonitorSvc stopped successfully!
Service PCToolsSSDMonitorSvc deleted successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8 A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2F8F91 9-690B-4EA2-9FA7-A203D1E04F75}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7 F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\\Driver Control Manager v2.8 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\\updater.exe deleted successfully.
C:\WINDOWS\updater.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\0x017 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\Driver Control Manager v2.8 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\updater.exe deleted successfully.
File C:\WINDOWS\updater.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AE067D 3-9AFB-48E0-853A-EBB7F4A000DA}\ deleted successfully.
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\homepg.cmd moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found.
File H:\cold\hott\updater.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found.
File H:\cold\hott\updater.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found.
File H:\cold\hott\updater.exe not found.
File C:\WINDOWS\updater.exe not found.
C:\WINDOWS\System32\System32 folder moved successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\NV4282012.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV4282012.TMP folder deleted successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\svchost.dat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 31888866 bytes
->Temporary Internet Files folder emptied: 5426152 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50775239 bytes
->Flash cache emptied: 1492 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33932 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98420 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 63983486 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 145,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.9.1 log created on 08082010_222837

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Combofix

http://pastebin.com/AMjnqjJh

08.08.2010., 23:08	#5
ante83 Registrirani korisnik Registracija: May 2010. Lokacija: Zagreb Postova: 144	All processes killed ========== OTL ========== No active process named updater.exe was found! Service PCToolsSSDMonitorSvc stopped successfully! Service PCToolsSSDMonitorSvc deleted successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages\| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page\| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8 A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2F8F91 9-690B-4EA2-9FA7-A203D1E04F75}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7 F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\\Driver Control Manager v2.8 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\\updater.exe deleted successfully. C:\WINDOWS\updater.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\0x017 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\Driver Control Manager v2.8 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\\updater.exe deleted successfully. File C:\WINDOWS\updater.exe not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AE067D 3-9AFB-48E0-853A-EBB7F4A000DA}\ deleted successfully. C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\homepg.cmd moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found. File H:\cold\hott\updater.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found. File H:\cold\hott\updater.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{be56257c-699f-11df-a86a-0810743ba3f0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be56257 c-699f-11df-a86a-0810743ba3f0}\ not found. File H:\cold\hott\updater.exe not found. File C:\WINDOWS\updater.exe not found. C:\WINDOWS\System32\System32 folder moved successfully. C:\WINDOWS\System32\CONFIG.TMP deleted successfully. C:\WINDOWS\NV4282012.TMP\nvtcp.sys deleted successfully. C:\WINDOWS\NV4282012.TMP folder deleted successfully. C:\WINDOWS\tasks\At1.job moved successfully. C:\WINDOWS\svchost.dat moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 31888866 bytes ->Temporary Internet Files folder emptied: 5426152 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 50775239 bytes ->Flash cache emptied: 1492 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 41620 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33932 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 402 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 98420 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 63983486 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 145,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYFLASH] User: Administrator ->Flash cache emptied: 0 bytes User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService Total Flash Files Cleaned = 0,00 mb Restore points cleared and new OTL Restore Point set! OTL by OldTimer - Version 3.2.9.1 log created on 08082010_222837 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Combofix http://pastebin.com/AMjnqjJh