Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zaneřáděný PC

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
JerryMX
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 20
Registrován: 07 říj 2007 18:57

Zaneřáděný PC

#1 Příspěvek od JerryMX »

Dobrý den, mám tu švagrův PC a dávám ho do kupy. Antivir našel 2 viry AntiMalware bytes 120 spywerů. Výsledek z Combofixu je poté tento. Prosím o jeho kontrolu a řešení jak pokračovat. Nejde ani aktualizace OS. Děkuji

ComboFix 11-03-28.05 - Pepovo PC 29.03.2011 18:02:00.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1021.600 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pepovo PC\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\advtool.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\advtool.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\dhcp.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\dhcp.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\hotspot.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\hotspot.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\ntp.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\ntp.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\ppp.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\ppp.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\roteros.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\roteros.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\routing.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\routing.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\secure.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\secure.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\system.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\system.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\wlan2.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\wlan2.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\wproxy2.crc
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\ns2.9.38\wproxy2.dll
c:\documents and settings\Pepovo PC\Data aplikací\Mikrotik\Winbox\winbox.cfg
c:\documents and settings\Pepovo PC\PlochaAyS4Sr_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaLen8M2_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaMaS3G9_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaMqa6B8_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaPpf7Qe_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaSgn1Xt_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaUia84x_cfdg.exe
c:\documents and settings\Pepovo PC\PlochaYwb15w_cfdg.exe
c:\windows\system32\348073536.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-28 do 2011-03-29 )))))))))))))))))))))))))))))))
.
.
2011-03-29 16:01 . 2011-03-29 16:01 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D5D31FB7-1A88-4DA8-B50D-D99B33547C25}\MpKslcf93442f.sys
2011-03-29 15:58 . 2009-03-12 10:53 483422 ----a-w- c:\windows\sttray.exe
2011-03-29 15:58 . 2009-03-12 10:53 3514368 ----a-w- c:\windows\system32\stlang.dll
2011-03-29 15:58 . 2009-03-12 10:53 254036 ----a-w- c:\windows\system32\stacsv.exe
2011-03-29 15:58 . 2009-03-12 10:53 8114268 ----a-w- c:\windows\system32\idtsg.cpl
2011-03-29 15:58 . 2011-03-29 15:58 -------- d-----w- c:\windows\LastGood
2011-03-29 15:58 . 2009-03-12 10:53 471140 ----a-w- c:\windows\system32\stacapi.dll
2011-03-29 15:58 . 2009-03-12 10:53 171520 ----a-w- c:\windows\system32\st322000.dll
2011-03-29 15:58 . 2009-03-12 10:53 1550613 ----a-w- c:\windows\system32\drivers\sthda.sys
2011-03-29 15:58 . 2011-03-29 15:58 -------- d-----w- c:\program files\IDT
2011-03-29 15:57 . 2004-07-15 22:18 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-03-29 15:56 . 2011-03-29 15:56 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D5D31FB7-1A88-4DA8-B50D-D99B33547C25}\MpKsl3fc03cab.sys
2011-03-29 15:56 . 2010-06-17 10:02 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-03-29 15:49 . 2011-03-29 15:49 -------- d-----w- C:\EbuDllTmpDir
2011-03-29 15:26 . 2011-03-29 15:26 -------- d-----w- c:\program files\Common Files\PCSuite
2011-03-29 15:26 . 2011-03-29 15:26 -------- d-----w- c:\program files\Common Files\Nokia
2011-03-29 15:25 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-03-29 15:24 . 2011-03-29 15:24 -------- d-----w- c:\program files\PC Connectivity Solution
2011-03-29 15:20 . 2011-03-29 15:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-03-29 15:16 . 2011-03-29 15:16 -------- d-----w- c:\documents and settings\Pepovo PC\Local Settings\Data aplikací\Temp
2011-03-29 15:16 . 2011-03-29 15:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-03-29 15:15 . 2011-03-29 15:15 -------- d-----w- c:\documents and settings\Pepovo PC\Data aplikací\skypePM
2011-03-29 15:15 . 2011-03-29 15:17 -------- d-----w- c:\documents and settings\Pepovo PC\Local Settings\Data aplikací\Google
2011-03-29 15:15 . 2011-03-29 15:17 -------- d-----w- c:\program files\Google
2011-03-29 15:15 . 2011-03-29 15:15 -------- d-----w- c:\program files\Common Files\Skype
2011-03-29 15:13 . 2011-03-29 15:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2011-03-29 15:11 . 2011-03-29 15:11 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-03-29 15:11 . 2011-03-29 15:11 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-03-29 15:11 . 2011-03-29 15:11 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-03-29 15:11 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-03-29 15:11 . 2011-01-08 03:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-03-29 15:11 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-03-29 15:11 . 2011-01-08 03:27 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-03-29 15:11 . 2011-01-08 03:27 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-03-29 15:11 . 2011-01-08 03:27 2292678 ----a-w- c:\windows\system32\nvdata.bin
2011-03-29 15:11 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-03-29 15:11 . 2011-01-08 03:27 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-03-29 15:10 . 2011-03-29 15:12 -------- d-----w- c:\program files\NVIDIA Corporation
2011-03-29 15:10 . 2011-03-29 15:10 -------- d-----w- C:\NVIDIA
2011-03-29 15:00 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D5D31FB7-1A88-4DA8-B50D-D99B33547C25}\mpengine.dll
2011-03-29 14:55 . 2011-02-11 06:54 5943120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-03-29 14:55 . 2011-03-29 14:57 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-29 13:51 . 2011-03-29 13:51 -------- d-----w- c:\documents and settings\Administrator
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2010-10-04 09:02 5943120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-02 16:11 . 2010-09-26 13:29 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-08 03:27 . 2006-02-15 11:07 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27 . 2006-02-13 13:05 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2006-02-13 13:05 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27 . 2006-02-13 13:05 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-07 17:58 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-01-07 17:58 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-01-07 17:58 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-01-07 17:58 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-01-07 17:58 . 2011-01-07 17:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-01-07 17:58 . 2011-01-07 17:58 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-01-07 17:58 . 2011-01-07 17:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-01-07 17:58 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-01-07 17:58 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-01-07 17:58 . 2011-01-07 17:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-01-07 17:58 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-01-07 17:58 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-01-07 17:58 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-01-07 17:58 . 2011-01-07 17:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-01-07 17:58 . 2011-01-07 17:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-01-07 17:58 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-01-07 17:58 . 2011-01-07 17:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-01-07 17:58 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-01-07 17:58 . 2011-01-07 17:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-01-07 17:58 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-01-07 17:58 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-01-07 17:58 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-01-07 17:58 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-01-07 17:58 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-01-07 17:58 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-01-07 17:58 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-01-07 17:58 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-01-07 17:58 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-01-07 17:58 . 2011-01-07 17:58 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-07 17:58 . 2011-01-07 17:58 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 17:58 . 2011-01-07 17:58 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-07 17:58 . 2011-01-07 17:58 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-07 17:58 . 2011-01-07 17:58 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-07 17:58 . 2011-01-07 17:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 17:58 . 2011-01-07 17:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\sdc201\\StrongDC.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17262:TCP"= 17262:TCP:BitComet 17262 TCP
"17262:UDP"= 17262:UDP:BitComet 17262 UDP
.
R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [18.5.2007 21:53 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [18.5.2007 21:52 55160]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.12.2006 14:13 682232]
R1 MpKsl3fc03cab;MpKsl3fc03cab;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D5D31FB7-1A88-4DA8-B50D-D99B33547C25}\MpKsl3fc03cab.sys [29.3.2011 17:56 28752]
R1 MpKslcf93442f;MpKslcf93442f;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D5D31FB7-1A88-4DA8-B50D-D99B33547C25}\MpKslcf93442f.sys [29.3.2011 18:01 28752]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.3.2011 17:16 136176]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL3FC03CAB
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-29 15:15]
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-29 15:15]
.
2011-03-29 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-03-29 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {2A9914D9-30D9-4C8C-87C1-2375E3AA9103} = 10.77.16.1,10.109.255.254
FF - ProfilePath - c:\documents and settings\Pepovo PC\Data aplikací\Mozilla\Firefox\Profiles\ae80m0vf.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q=
FF - Ext: Sothink Web Video Downloader for Firefox: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} - %profile%\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SysTrayApp - %ProgramFiles%\IDT\WDM\sttray.exe
AddRemove-LifeGlobe Goldfish Aquarium 2.0_is1 - c:\program files\Prolific Publishing
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-29 18:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-796845957-926492609-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Celkový čas: 2011-03-29 18:09:17
ComboFix-quarantined-files.txt 2011-03-29 16:09
.
Před spuštěním: Volných bajtů: 78 008 205 312
Po spuštění: Volných bajtů: 78 248 120 320
.
- - End Of File - - 9D1BA5C48EA14DBB94EC12AC4097D890

a MB našel a odstranil toto:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

29.3.2011 17:52:11
mbam-log-2011-03-29 (17-52-11).txt

Typ skenu: Rychlý sken
Skenované objekty: 140734
Uplynulý čas: 44 minuta(y), 52 sekunda(y)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 89
Infikované hodnoty registru: 5
Infikované datové položky registru: 5
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
c:\WINDOWS\system32\wuaucldt.exe (Trojan.Agent) -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\niu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.Exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a2service.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arcacheck.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arcavir.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashdisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashenhcd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcls.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz_se.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz4.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caav.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caavguiscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\casecuritycenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwadins.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpavserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32st.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gfring3.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navigator.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navstub.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navwnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ollydbg.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\preupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pskdr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regtool.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sffnup.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32arkit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32ldr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zanda.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlh.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zoneband.dll (Security.Hijack) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe\debugger (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe\debugger (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe\debugger (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Pepovo PC\wuaucldt.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wuaucldt.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zaneřáděný PC

#2 Příspěvek od Rudy »

Myslím, že máte po virové stránce čisto. Pokuste se aktualizace opravit takto:

Otevřte poznámkový blok a zkopírujte do něj:
cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.dll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 WUAUENG1.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUPS2.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit
Uložte na plochu jako IEReg.bat a dvouklikem rozbalte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
JerryMX
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 20
Registrován: 07 říj 2007 18:57

Re: Zaneřáděný PC

#3 Příspěvek od JerryMX »

Děkuji za kontrolu, instalace aktualizací už taky jede. Díky
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zaneřáděný PC

#4 Příspěvek od Rudy »

Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Sekce pouze pro Vzorné návštěvníky“