VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Neskutečně zasekané a spomalené PC

https://forum.viry.cz:443/viewtopic.php?t=115322

Stránka 3 z 8

Re: Neskutečně zasekané a spomalené PC

Napsal: 17 zář 2011 21:15
od WiZARD_
Mám nadále pracovat v nouzovém režimu jako administrator?

Re: Neskutečně zasekané a spomalené PC

Napsal: 17 zář 2011 21:19
od chodnik74
Ano :)

Re: Neskutečně zasekané a spomalené PC

Napsal: 18 zář 2011 18:45
od WiZARD_
Takže po asi 2 hodinách, kdy se instaloval service pack 3 vyskočila chyba "přístup byl odepřen". Co s tím?

Re: Neskutečně zasekané a spomalené PC

Napsal: 18 zář 2011 18:57
od WiZARD_
Tak jsem požil OTL podle Vašeho návodu a po restaru se žádný log nezobrazil.
Už jsem z toho fakt na palici.. :cry:

Re: Neskutečně zasekané a spomalené PC

Napsal: 18 zář 2011 19:02
od WiZARD_
Už to na mě vyskočilo...


All processes killed
========== OTL ==========
Service xmlprov stopped successfully!
Service xmlprov deleted successfully!
Service wscsvc stopped successfully!
Service wscsvc deleted successfully!
Service PEVSystemStart stopped successfully!
Service PEVSystemStart deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\365dni deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\365dní deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft System Service deleted successfully.
C:\WINDOWS\system32\globalpatch.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows LoL Layer deleted successfully.
C:\WINDOWS\system32\xmlnhjl.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\windows updatess deleted successfully.
C:\WINDOWS\system32\svchots.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WMC_AutoUpdate deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Windows LoL Layer deleted successfully.
File C:\WINDOWS\System32\xmlnhjl.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\windows updatess deleted successfully.
File C:\WINDOWS\System32\svchots.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Windows LoL Layer not found.
File C:\WINDOWS\System32\xmlnhjl.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\windows updatess not found.
File C:\WINDOWS\System32\svchots.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\windows updatess deleted successfully.
File C:\WINDOWS\System32\svchots.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\RunNarrator deleted successfully.
C:\WINDOWS\system32\narrator.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\windows updatess deleted successfully.
File C:\WINDOWS\System32\svchots.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\RunNarrator not found.
File C:\WINDOWS\System32\narrator.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\windows updatess not found.
File C:\WINDOWS\System32\svchots.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\Microsoft System Service deleted successfully.
File C:\WINDOWS\System32\globalpatch.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\Windows LoL Layer deleted successfully.
File C:\WINDOWS\System32\xmlnhjl.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\\windows updatess deleted successfully.
File C:\WINDOWS\System32\svchots.exe not found.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ICQ6.5.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32\ deleted successfully.
File C:\WINDOWS\System32\svchots.exe not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET145B.tmp deleted successfully.
C:\WINDOWS\System32\SET14F2.tmp deleted successfully.
C:\WINDOWS\System32\SET188.tmp deleted successfully.
C:\WINDOWS\System32\SET188E.tmp deleted successfully.
C:\WINDOWS\System32\SET1893.tmp deleted successfully.
C:\WINDOWS\System32\SET1897.tmp deleted successfully.
C:\WINDOWS\System32\SET189C.tmp deleted successfully.
C:\WINDOWS\System32\SET18A7.tmp deleted successfully.
C:\WINDOWS\System32\SET18A9.tmp deleted successfully.
C:\WINDOWS\System32\SET18AD.tmp deleted successfully.
C:\WINDOWS\System32\SET18B.tmp deleted successfully.
C:\WINDOWS\System32\SET18B1.tmp deleted successfully.
C:\WINDOWS\System32\SET18B7.tmp deleted successfully.
C:\WINDOWS\System32\SET18B9.tmp deleted successfully.
C:\WINDOWS\System32\SET18BB.tmp deleted successfully.
C:\WINDOWS\System32\SET18C5.tmp deleted successfully.
C:\WINDOWS\System32\SET18CE.tmp deleted successfully.
C:\WINDOWS\System32\SET18D.tmp deleted successfully.
C:\WINDOWS\System32\SET18D5.tmp deleted successfully.
C:\WINDOWS\System32\SET18E3.tmp deleted successfully.
C:\WINDOWS\System32\SET18E8.tmp deleted successfully.
C:\WINDOWS\System32\SET18EA.tmp deleted successfully.
C:\WINDOWS\System32\SET18EB.tmp deleted successfully.
C:\WINDOWS\System32\SET18ED.tmp deleted successfully.
C:\WINDOWS\System32\SET18F.tmp deleted successfully.
C:\WINDOWS\System32\SET18F0.tmp deleted successfully.
C:\WINDOWS\System32\SET18F1.tmp deleted successfully.
C:\WINDOWS\System32\SET18F2.tmp deleted successfully.
C:\WINDOWS\System32\SET18F4.tmp deleted successfully.
C:\WINDOWS\System32\SET18F5.tmp deleted successfully.
C:\WINDOWS\System32\SET18F8.tmp deleted successfully.
C:\WINDOWS\System32\SET18F9.tmp deleted successfully.
C:\WINDOWS\System32\SET18FE.tmp deleted successfully.
C:\WINDOWS\System32\SET1900.tmp deleted successfully.
C:\WINDOWS\System32\SET192A.tmp deleted successfully.
C:\WINDOWS\System32\SET192B.tmp deleted successfully.
C:\WINDOWS\System32\SET193E.tmp deleted successfully.
C:\WINDOWS\System32\SET1944.tmp deleted successfully.
C:\WINDOWS\System32\SET194A.tmp deleted successfully.
C:\WINDOWS\System32\SET195E.tmp deleted successfully.
C:\WINDOWS\System32\SET195F.tmp deleted successfully.
C:\WINDOWS\System32\SET1962.tmp deleted successfully.
C:\WINDOWS\System32\SET196A.tmp deleted successfully.
C:\WINDOWS\System32\SET197.tmp deleted successfully.
C:\WINDOWS\System32\SET1972.tmp deleted successfully.
C:\WINDOWS\System32\SET1973.tmp deleted successfully.
C:\WINDOWS\System32\SET198.tmp deleted successfully.
C:\WINDOWS\System32\SET1982.tmp deleted successfully.
C:\WINDOWS\System32\SET198D.tmp deleted successfully.
C:\WINDOWS\System32\SET19A2.tmp deleted successfully.
C:\WINDOWS\System32\SET19B1.tmp deleted successfully.
C:\WINDOWS\System32\SET19CE.tmp deleted successfully.
C:\WINDOWS\System32\SET19D.tmp deleted successfully.
C:\WINDOWS\System32\SET19DB.tmp deleted successfully.
C:\WINDOWS\System32\SET19DD.tmp deleted successfully.
C:\WINDOWS\System32\SET19E4.tmp deleted successfully.
C:\WINDOWS\System32\SET19EC.tmp deleted successfully.
C:\WINDOWS\System32\SET19F0.tmp deleted successfully.
C:\WINDOWS\System32\SET19F5.tmp deleted successfully.
C:\WINDOWS\System32\SET1A01.tmp deleted successfully.
C:\WINDOWS\System32\SET1A0B.tmp deleted successfully.
C:\WINDOWS\System32\SET1A0C.tmp deleted successfully.
C:\WINDOWS\System32\SET1A17.tmp deleted successfully.
C:\WINDOWS\System32\SET1A1D.tmp deleted successfully.
C:\WINDOWS\System32\SET1A23.tmp deleted successfully.
C:\WINDOWS\System32\SET1A25.tmp deleted successfully.
C:\WINDOWS\System32\SET1A27.tmp deleted successfully.
C:\WINDOWS\System32\SET1A28.tmp deleted successfully.
C:\WINDOWS\System32\SET1A2C.tmp deleted successfully.
C:\WINDOWS\System32\SET1A3A.tmp deleted successfully.
C:\WINDOWS\System32\SET1A3E.tmp deleted successfully.
C:\WINDOWS\System32\SET1A42.tmp deleted successfully.
C:\WINDOWS\System32\SET1A46.tmp deleted successfully.
C:\WINDOWS\System32\SET1A47.tmp deleted successfully.
C:\WINDOWS\System32\SET1A48.tmp deleted successfully.
C:\WINDOWS\System32\SET1A49.tmp deleted successfully.
C:\WINDOWS\System32\SET1A4B.tmp deleted successfully.
C:\WINDOWS\System32\SET1A56.tmp deleted successfully.
C:\WINDOWS\System32\SET1A57.tmp deleted successfully.
C:\WINDOWS\System32\SET1A5C.tmp deleted successfully.
C:\WINDOWS\System32\SET1A6F.tmp deleted successfully.
C:\WINDOWS\System32\SET1A70.tmp deleted successfully.
C:\WINDOWS\System32\SET1A77.tmp deleted successfully.
C:\WINDOWS\System32\SET1A8.tmp deleted successfully.
C:\WINDOWS\System32\SET1A85.tmp deleted successfully.
C:\WINDOWS\System32\SET1A86.tmp deleted successfully.
C:\WINDOWS\System32\SET1A8C.tmp deleted successfully.
C:\WINDOWS\System32\SET1A9.tmp deleted successfully.
C:\WINDOWS\System32\SET1A90.tmp deleted successfully.
C:\WINDOWS\System32\SET1A91.tmp deleted successfully.
C:\WINDOWS\System32\SET1A93.tmp deleted successfully.
C:\WINDOWS\System32\SET1A96.tmp deleted successfully.
C:\WINDOWS\System32\SET1A98.tmp deleted successfully.
C:\WINDOWS\System32\SET1A99.tmp deleted successfully.
C:\WINDOWS\System32\SET1A9A.tmp deleted successfully.
C:\WINDOWS\System32\SET1AA.tmp deleted successfully.
C:\WINDOWS\System32\SET1AA0.tmp deleted successfully.
C:\WINDOWS\System32\SET1AA6.tmp deleted successfully.
C:\WINDOWS\System32\SET1AA7.tmp deleted successfully.
C:\WINDOWS\System32\SET1AAC.tmp deleted successfully.
C:\WINDOWS\System32\SET1AB4.tmp deleted successfully.
C:\WINDOWS\System32\SET1AB5.tmp deleted successfully.
C:\WINDOWS\System32\SET1AB6.tmp deleted successfully.
C:\WINDOWS\System32\SET1AB8.tmp deleted successfully.
C:\WINDOWS\System32\SET1AB9.tmp deleted successfully.
C:\WINDOWS\System32\SET1ABA.tmp deleted successfully.
C:\WINDOWS\System32\SET1ABC.tmp deleted successfully.
C:\WINDOWS\System32\SET1ABD.tmp deleted successfully.
C:\WINDOWS\System32\SET1ABE.tmp deleted successfully.
C:\WINDOWS\System32\SET1ABF.tmp deleted successfully.
C:\WINDOWS\System32\SET1AC0.tmp deleted successfully.
C:\WINDOWS\System32\SET1AC3.tmp deleted successfully.
C:\WINDOWS\System32\SET1AC4.tmp deleted successfully.
C:\WINDOWS\System32\SET1ACB.tmp deleted successfully.
C:\WINDOWS\System32\SET1ACC.tmp deleted successfully.
C:\WINDOWS\System32\SET1AD.tmp deleted successfully.
C:\WINDOWS\System32\SET1AE.tmp deleted successfully.
C:\WINDOWS\System32\SET1AE6.tmp deleted successfully.
C:\WINDOWS\System32\SET1AEA.tmp deleted successfully.
C:\WINDOWS\System32\SET1AF.tmp deleted successfully.
C:\WINDOWS\System32\SET1AFA.tmp deleted successfully.
C:\WINDOWS\System32\SET1B0.tmp deleted successfully.
C:\WINDOWS\System32\SET1B0D.tmp deleted successfully.
C:\WINDOWS\System32\SET1B1.tmp deleted successfully.
C:\WINDOWS\System32\SET1B13.tmp deleted successfully.
C:\WINDOWS\System32\SET1B16.tmp deleted successfully.
C:\WINDOWS\System32\SET1B17.tmp deleted successfully.
C:\WINDOWS\System32\SET1B18.tmp deleted successfully.
C:\WINDOWS\System32\SET1B20.tmp deleted successfully.
C:\WINDOWS\System32\SET1B2A.tmp deleted successfully.
C:\WINDOWS\System32\SET1B2B.tmp deleted successfully.
C:\WINDOWS\System32\SET1B3.tmp deleted successfully.
C:\WINDOWS\System32\SET1B35.tmp deleted successfully.
C:\WINDOWS\System32\SET1B36.tmp deleted successfully.
C:\WINDOWS\System32\SET1B3E.tmp deleted successfully.
C:\WINDOWS\System32\SET1B3F.tmp deleted successfully.
C:\WINDOWS\System32\SET1B4.tmp deleted successfully.
C:\WINDOWS\System32\SET1B42.tmp deleted successfully.
C:\WINDOWS\System32\SET1B43.tmp deleted successfully.
C:\WINDOWS\System32\SET1B46.tmp deleted successfully.
C:\WINDOWS\System32\SET1B48.tmp deleted successfully.
C:\WINDOWS\System32\SET1B4D.tmp deleted successfully.
C:\WINDOWS\System32\SET1B6.tmp deleted successfully.
C:\WINDOWS\System32\SET1B61.tmp deleted successfully.
C:\WINDOWS\System32\SET1B62.tmp deleted successfully.
C:\WINDOWS\System32\SET1B63.tmp deleted successfully.
C:\WINDOWS\System32\SET1B7A.tmp deleted successfully.
C:\WINDOWS\System32\SET1B7B.tmp deleted successfully.
C:\WINDOWS\System32\SET1B81.tmp deleted successfully.
C:\WINDOWS\System32\SET1B83.tmp deleted successfully.
C:\WINDOWS\System32\SET1B8F.tmp deleted successfully.
C:\WINDOWS\System32\SET1B9F.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA0.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA1.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA2.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA8.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA9.tmp deleted successfully.
C:\WINDOWS\System32\SET1BAC.tmp deleted successfully.
C:\WINDOWS\System32\SET1BAD.tmp deleted successfully.
C:\WINDOWS\System32\SET1BAE.tmp deleted successfully.
C:\WINDOWS\System32\SET1BB0.tmp deleted successfully.
C:\WINDOWS\System32\SET1BB7.tmp deleted successfully.
C:\WINDOWS\System32\SET1BB8.tmp deleted successfully.
C:\WINDOWS\System32\SET1BBA.tmp deleted successfully.
C:\WINDOWS\System32\SET1BBD.tmp deleted successfully.
C:\WINDOWS\System32\SET1BCD.tmp deleted successfully.
C:\WINDOWS\System32\SET1BCF.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD0.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD2.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD3.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD4.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD5.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD6.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD8.tmp deleted successfully.
C:\WINDOWS\System32\SET1BD9.tmp deleted successfully.
C:\WINDOWS\System32\SET1BDA.tmp deleted successfully.
C:\WINDOWS\System32\SET1BE5.tmp deleted successfully.
C:\WINDOWS\System32\SET1BE8.tmp deleted successfully.
C:\WINDOWS\System32\SET1BE9.tmp deleted successfully.
C:\WINDOWS\System32\SET1BF1.tmp deleted successfully.
C:\WINDOWS\System32\SET1BF3.tmp deleted successfully.
C:\WINDOWS\System32\SET1BF5.tmp deleted successfully.
C:\WINDOWS\System32\SET1BF7.tmp deleted successfully.
C:\WINDOWS\System32\SET1BFB.tmp deleted successfully.
C:\WINDOWS\System32\SET1C6.tmp deleted successfully.
C:\WINDOWS\System32\SET1C9.tmp deleted successfully.
C:\WINDOWS\System32\SET1CC.tmp deleted successfully.
C:\WINDOWS\System32\SET1CD.tmp deleted successfully.
C:\WINDOWS\System32\SET1D4.tmp deleted successfully.
C:\WINDOWS\System32\SET1D7.tmp deleted successfully.
C:\WINDOWS\System32\SET1D8.tmp deleted successfully.
C:\WINDOWS\System32\SET1D9.tmp deleted successfully.
C:\WINDOWS\System32\SET1DC.tmp deleted successfully.
C:\WINDOWS\System32\SET1DD.tmp deleted successfully.
C:\WINDOWS\System32\SET1E5.tmp deleted successfully.
C:\WINDOWS\System32\SET1E6.tmp deleted successfully.
C:\WINDOWS\System32\SET1E7.tmp deleted successfully.
C:\WINDOWS\System32\SET1E8.tmp deleted successfully.
C:\WINDOWS\System32\SET1F5.tmp deleted successfully.
C:\WINDOWS\System32\SET200.tmp deleted successfully.
C:\WINDOWS\System32\SET202.tmp deleted successfully.
C:\WINDOWS\System32\SET208.tmp deleted successfully.
C:\WINDOWS\System32\SET209.tmp deleted successfully.
C:\WINDOWS\System32\SET22A.tmp deleted successfully.
C:\WINDOWS\System32\SET22B.tmp deleted successfully.
C:\WINDOWS\System32\SET22C.tmp deleted successfully.
C:\WINDOWS\System32\SET247.tmp deleted successfully.
C:\WINDOWS\System32\SET24E.tmp deleted successfully.
C:\WINDOWS\System32\SET250.tmp deleted successfully.
C:\WINDOWS\System32\SET253.tmp deleted successfully.
C:\WINDOWS\System32\SET254.tmp deleted successfully.
C:\WINDOWS\System32\SET257.tmp deleted successfully.
C:\WINDOWS\System32\SET258.tmp deleted successfully.
C:\WINDOWS\System32\SET262.tmp deleted successfully.
C:\WINDOWS\System32\SET263.tmp deleted successfully.
C:\WINDOWS\System32\SET26D.tmp deleted successfully.
C:\WINDOWS\System32\SET26E.tmp deleted successfully.
C:\WINDOWS\System32\SET278.tmp deleted successfully.
C:\WINDOWS\System32\SET280.tmp deleted successfully.
C:\WINDOWS\System32\SET281.tmp deleted successfully.
C:\WINDOWS\System32\SET282.tmp deleted successfully.
C:\WINDOWS\System32\SET286.tmp deleted successfully.
C:\WINDOWS\System32\SET28D.tmp deleted successfully.
C:\WINDOWS\System32\SET2A7.tmp deleted successfully.
C:\WINDOWS\System32\SET2B8.tmp deleted successfully.
C:\WINDOWS\System32\SET2BD.tmp deleted successfully.
C:\WINDOWS\System32\SET2D9.tmp deleted successfully.
C:\WINDOWS\System32\SET2DA.tmp deleted successfully.
C:\WINDOWS\System32\SET2E1.tmp deleted successfully.
C:\WINDOWS\System32\SET2E2.tmp deleted successfully.
C:\WINDOWS\System32\SET2E5.tmp deleted successfully.
C:\WINDOWS\System32\SET2E6.tmp deleted successfully.
C:\WINDOWS\System32\SET2E7.tmp deleted successfully.
C:\WINDOWS\System32\SET2E8.tmp deleted successfully.
C:\WINDOWS\System32\SET2E9.tmp deleted successfully.
C:\WINDOWS\System32\SET2EB.tmp deleted successfully.
C:\WINDOWS\System32\SET2EC.tmp deleted successfully.
C:\WINDOWS\System32\SET2ED.tmp deleted successfully.
C:\WINDOWS\System32\SET2F0.tmp deleted successfully.
C:\WINDOWS\System32\SET2F1.tmp deleted successfully.
C:\WINDOWS\System32\SET2F2.tmp deleted successfully.
C:\WINDOWS\System32\SET2F8.tmp deleted successfully.
C:\WINDOWS\System32\SET2FD.tmp deleted successfully.
C:\WINDOWS\System32\SET2FE.tmp deleted successfully.
C:\WINDOWS\System32\SET304.tmp deleted successfully.
C:\WINDOWS\System32\SET30A.tmp deleted successfully.
C:\WINDOWS\System32\SET30B.tmp deleted successfully.
C:\WINDOWS\System32\SET30C.tmp deleted successfully.
C:\WINDOWS\System32\SET30F.tmp deleted successfully.
C:\WINDOWS\System32\SET313.tmp deleted successfully.
C:\WINDOWS\System32\SET315.tmp deleted successfully.
C:\WINDOWS\System32\SET316.tmp deleted successfully.
C:\WINDOWS\System32\SET31B.tmp deleted successfully.
C:\WINDOWS\System32\SET327.tmp deleted successfully.
C:\WINDOWS\System32\SET328.tmp deleted successfully.
C:\WINDOWS\System32\SET337.tmp deleted successfully.
C:\WINDOWS\System32\SET33E.tmp deleted successfully.
C:\WINDOWS\System32\SET33F.tmp deleted successfully.
C:\WINDOWS\System32\SET350.tmp deleted successfully.
C:\WINDOWS\System32\SET355.tmp deleted successfully.
C:\WINDOWS\System32\SET356.tmp deleted successfully.
C:\WINDOWS\System32\SET361.tmp deleted successfully.
C:\WINDOWS\System32\SET363.tmp deleted successfully.
C:\WINDOWS\System32\SET364.tmp deleted successfully.
C:\WINDOWS\System32\SET365.tmp deleted successfully.
C:\WINDOWS\System32\SET366.tmp deleted successfully.
C:\WINDOWS\System32\SET36A.tmp deleted successfully.
C:\WINDOWS\System32\SET36E.tmp deleted successfully.
C:\WINDOWS\System32\SET373.tmp deleted successfully.
C:\WINDOWS\System32\SET381.tmp deleted successfully.
C:\WINDOWS\System32\SET384.tmp deleted successfully.
C:\WINDOWS\System32\SET385.tmp deleted successfully.
C:\WINDOWS\System32\SET387.tmp deleted successfully.
C:\WINDOWS\System32\SET389.tmp deleted successfully.
C:\WINDOWS\System32\SET390.tmp deleted successfully.
C:\WINDOWS\System32\SET391.tmp deleted successfully.
C:\WINDOWS\System32\SET399.tmp deleted successfully.
C:\WINDOWS\System32\SET3A8.tmp deleted successfully.
C:\WINDOWS\System32\SET3AD.tmp deleted successfully.
C:\WINDOWS\System32\SET3B1.tmp deleted successfully.
C:\WINDOWS\System32\SET3BB.tmp deleted successfully.
C:\WINDOWS\System32\SET3C2.tmp deleted successfully.
C:\WINDOWS\System32\SET3C4.tmp deleted successfully.
C:\WINDOWS\System32\SET3D1.tmp deleted successfully.
C:\WINDOWS\System32\SET3ED.tmp deleted successfully.
C:\WINDOWS\System32\SET3FD.tmp deleted successfully.
C:\WINDOWS\System32\SET414.tmp deleted successfully.
C:\WINDOWS\System32\SET41F.tmp deleted successfully.
C:\WINDOWS\System32\SET42B.tmp deleted successfully.
C:\WINDOWS\System32\SET42C.tmp deleted successfully.
C:\WINDOWS\System32\SET437.tmp deleted successfully.
C:\WINDOWS\System32\SET43D.tmp deleted successfully.
C:\WINDOWS\System32\SET440.tmp deleted successfully.
C:\WINDOWS\System32\SET441.tmp deleted successfully.
C:\WINDOWS\System32\SET457.tmp deleted successfully.
C:\WINDOWS\System32\SET45C.tmp deleted successfully.
C:\WINDOWS\System32\SET462.tmp deleted successfully.
C:\WINDOWS\System32\SET477.tmp deleted successfully.
C:\WINDOWS\System32\SET478.tmp deleted successfully.
C:\WINDOWS\System32\SET4AE.tmp deleted successfully.
C:\WINDOWS\System32\SET4B0.tmp deleted successfully.
C:\WINDOWS\System32\SET4B5.tmp deleted successfully.
C:\WINDOWS\System32\SET4BA.tmp deleted successfully.
C:\WINDOWS\System32\SET4BB.tmp deleted successfully.
C:\WINDOWS\System32\SET4BE.tmp deleted successfully.
C:\WINDOWS\System32\SET4BF.tmp deleted successfully.
C:\WINDOWS\System32\SET4C0.tmp deleted successfully.
C:\WINDOWS\System32\SET4C3.tmp deleted successfully.
C:\WINDOWS\System32\SET4C5.tmp deleted successfully.
C:\WINDOWS\System32\SET4C6.tmp deleted successfully.
C:\WINDOWS\System32\SET4C8.tmp deleted successfully.
C:\WINDOWS\System32\SET4CD.tmp deleted successfully.
C:\WINDOWS\System32\SET4E0.tmp deleted successfully.
C:\WINDOWS\System32\SET4EB.tmp deleted successfully.
C:\WINDOWS\System32\SET4F4.tmp deleted successfully.
C:\WINDOWS\System32\SET4FD.tmp deleted successfully.
C:\WINDOWS\System32\SET4FF.tmp deleted successfully.
C:\WINDOWS\System32\SET501.tmp deleted successfully.
C:\WINDOWS\System32\SET506.tmp deleted successfully.
C:\WINDOWS\System32\SET50A.tmp deleted successfully.
C:\WINDOWS\System32\SET50F.tmp deleted successfully.
C:\WINDOWS\System32\SET512.tmp deleted successfully.
C:\WINDOWS\System32\SET519.tmp deleted successfully.
C:\WINDOWS\System32\SET523.tmp deleted successfully.
C:\WINDOWS\System32\SET526.tmp deleted successfully.
C:\WINDOWS\System32\SET52D.tmp deleted successfully.
C:\WINDOWS\System32\SET78A.tmp deleted successfully.
C:\WINDOWS\System32\SET792.tmp deleted successfully.
C:\WINDOWS\System32\setb11.tmp deleted successfully.
C:\WINDOWS\System32\setb12.tmp deleted successfully.
C:\WINDOWS\002611_.tmp deleted successfully.
C:\WINDOWS\SET1739.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET598.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\system32\o moved successfully.
C:\WINDOWS\system32\eras.fon moved successfully.
C:\WINDOWS\system32\nvapps.xml moved successfully.
C:\WINDOWS\system32\x moved successfully.
C:\WINDOWS\system32\smsc.exe moved successfully.
C:\WINDOWS\system32\csrsc.exe moved successfully.
C:\WINDOWS\system32\x.exe moved successfully.
File C:\WINDOWS\System32\globalpatch.exe not found.
C:\WINDOWS\system32\drenxr.dll moved successfully.
C:\WINDOWS\system32\irdvxc.exe moved successfully.
C:\WINDOWS\system32\.exe moved successfully.
C:\WINDOWS\system32\ftpupd.exe moved successfully.
C:\WINDOWS\system32\ortecnx.dll moved successfully.
C:\WINDOWS\system32\ortecnxr.dll moved successfully.
C:\WINDOWS\system32\crecnxr.dll moved successfully.
C:\WINDOWS\system32\erecnxr.dll moved successfully.
C:\WINDOWS\system32\brecnxr.dll moved successfully.
File C:\WINDOWS\System32\drenxr.dll not found.
C:\WINDOWS\hpoins36.dat.temp moved successfully.
C:\WINDOWS\hpomdl36.dat.temp moved successfully.
C:\WINDOWS\system32\shimg.dll moved successfully.
C:\WINDOWS\system32\zeqeqzd.exe moved successfully.
C:\WINDOWS\system32\seamzrd.exe moved successfully.
C:\WINDOWS\system32\ydchtad.exe moved successfully.
File C:\WINDOWS\System32\xmlnhjl.exe not found.
C:\WINDOWS\system32\Uharc.exe moved successfully.
C:\WINDOWS\system32\moveex.exe moved successfully.
C:\WINDOWS\system32\modifype.exe moved successfully.
C:\WINDOWS\CSC\csc1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1155.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3F9.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3FA.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3FB.tmp deleted successfully.
C:\WINDOWS\Temp\56A4420A16B85C03.tmp deleted successfully.
C:\WINDOWS\Temp\852C5795BDE04053.tmp deleted successfully.
C:\WINDOWS\Temp\EFB1F9580BA813D3.tmp deleted successfully.
C:\WINDOWS\Temp\FC37CA455160F7E9.tmp deleted successfully.
C:\WINDOWS\Temp\HTT11.tmp deleted successfully.
C:\WINDOWS\Temp\HTT1A6D.tmp deleted successfully.
C:\WINDOWS\Temp\HTT1BD.tmp deleted successfully.
C:\WINDOWS\Temp\HTT6D6A.tmp deleted successfully.
C:\WINDOWS\Temp\WER1.tmp deleted successfully.
C:\WINDOWS\Temp\WER23BD.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\9CFEF50D54.sys moved successfully.
\Program Files\BitLord\Torrents\FL.Studio.9.XXL.mit.Crack.und.VSTi.Cracks.torrent moved successfully.
\Program Files\BitLord\Torrents\Fruity_Loops_Studio_9_&_Crack.torrent moved successfully.
\Program Files\BitLord\Torrents\Fruity_Loops_Studio_9_&_Crack[0].torrent moved successfully.
\Program Files\BitLord\Torrents\Sony Acid Music Studio 7.0a and crack.torrent moved successfully.
\Program Files\BitLord\Torrents\Sony Acid Music Studio 7.0a and crack[0].torrent moved successfully.
========== FILES ==========
C:\WINDOWS\system32\_000028_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000040_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000054_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000057_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000067_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000078_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002982_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002984_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002992_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002993_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002994_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002996_.tmp.dll moved successfully.
C:\WINDOWS\system32\_002997_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003000_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003001_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003004_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003007_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003010_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003011_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003016_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003018_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003021_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003024_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003025_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003026_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003027_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003030_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003031_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003032_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003033_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003034_.tmp.dll moved successfully.
C:\WINDOWS\system32\_003039_.tmp.dll moved successfully.
C:\WINDOWS\system32\drivers\_002956_.tmp.dll moved successfully.
C:\WINDOWS\system32\Setup\SET1CED.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CEE.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CEF.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF0.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF1.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF3.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF4.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF5.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF6.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF7.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF8.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CF9.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CFA.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CFB.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1CFC.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5C6.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5C7.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5C8.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5C9.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CA.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CB.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CC.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CD.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CE.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5CF.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5D0.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5D1.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET5D2.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET7B9.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D19.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D1B.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D21.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D22.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D23.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D28.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D32.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D34.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D36.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D39.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D47.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D48.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D49.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D4B.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1D4C.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5D3.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5D4.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5D6.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5D7.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5D8.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5E8.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5EB.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5ED.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5EF.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5F7.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5FA.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5FB.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5FC.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET5FF.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET601.tmp moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 861 bytes

User: All Users

User: Alů
->Flash cache emptied: 16866 bytes

User: Default User

User: Guest
->Flash cache emptied: 6939 bytes

User: LocalService

User: NetworkService

User: Viti

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 3548706 bytes
->Temporary Internet Files folder emptied: 33728 bytes
->FireFox cache emptied: 58793752 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Alů
->Temp folder emptied: 31078789 bytes
->Temporary Internet Files folder emptied: 327920193 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 152420063 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33728 bytes

User: Guest
->Temp folder emptied: 1251819 bytes
->Temporary Internet Files folder emptied: 36430801 bytes
->FireFox cache emptied: 46467961 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1002850 bytes
->FireFox cache emptied: 6625401 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Viti

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21324435 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 364314 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 655,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.28.0 log created on 09182011_195226

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Neskutečně zasekané a spomalené PC

Napsal: 19 zář 2011 04:37
od chodnik74
Tak na service pack zatím prďte :) až bude pc odvirované,půjde zcela jistě lépe :)

:arrow: Stáhněte program RogueKiller
  • Spuste program
  • Stiskněte klávesu 2 a enter
  • Objeví se vám log a ten sem vložte
  • Stějně tak opakujte s volbou 3 a 4 a vložte logy

Re: Neskutečně zasekané a spomalené PC

Napsal: 20 zář 2011 19:39
od WiZARD_
Při spuštění opět chyba!

Vstupní bod procedury EncodePointer se nepodařilo v dynamicky propojované knihovně KERNEL32.dll nalézt.

Re: Neskutečně zasekané a spomalené PC

Napsal: 21 zář 2011 07:03
od chodnik74
Udělejte mi prosím úplnou kontrolu v malwarebytes a zase všechno smazat a vložte mi sem log :idea:

Re: Neskutečně zasekané a spomalené PC

Napsal: 21 zář 2011 21:38
od WiZARD_
Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 1 (Safe Mode)
Internet Explorer 6.0.2800.1106

21.9.2011 22:37:50
mbam-log-2011-09-21 (22-37-50).txt

Typ: Úplná kontrola (A:\|C:\|D:\|)
Kontrolované objekty: 289240
Uplynulý čas: 29 minut, 45 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 2
Infikované složky: 0
Infikované soubory: 17

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMwareService (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_WINSPOOLSVC (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSpoolSvc (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows LoL Layer (Backdoor.Bot) -> Value: Windows LoL Layer -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Windows LoL Layer (Backdoor.Bot) -> Value: Windows LoL Layer -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows LoL Layer (Backdoor.Bot) -> Value: Windows LoL Layer -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\System32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\system\vmwareservice.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0003758.exe (CrypTool.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0003784.exe (CrypTool.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0003807.exe (Malware.Packer.u64) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0006808.dll (Trojan.CryptVI) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0008106.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0008108.exe (CrypTool.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0008110.exe (Malware.Packer.u64) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP8\A0008111.exe (Malware.Packer.u64) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5a02d41f-8332-493c-9036-a95593bd9a5d}\RP9\A0008768.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\local settings\temporary internet files\Content.IE5\94MQSIB8\tyf[1].jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\09182011_195226\c_windows\system32\csrsc.exe (Malware.Packer.u64) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\09182011_195226\c_windows\system32\globalpatch.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\09182011_195226\c_windows\system32\svchots.exe (CrypTool.Agent) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\09182011_195226\c_windows\system32\x (Worm.Conficker) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\09182011_195226\c_windows\system32\x.exe (Malware.Packer.u64) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\rmvxuxj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

Re: Neskutečně zasekané a spomalené PC

Napsal: 22 zář 2011 04:53
od chodnik74
Vyčištěte pc podle návodu zde http://www.viry.cz/forum/viewtopic.php?f=11&t=6701 a poté znovu sken a vše smazat..vymyslím další postup :)

Re: Neskutečně zasekané a spomalené PC

Napsal: 22 zář 2011 05:15
od chodnik74
Nefungují vám automatické aktualizace,tak jdeme opravovat...

1) Resetování práv
:arrow: Stáhneme si program SWReg.exe
  • Soubor uložíme přímo na disk C:\
  • Otevřeme si Poznámkový blok Obrázek
    • (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
    • Vložíme do něj následující script:

      Kód: Vybrat vše

      @echo off
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv" /RESET /Q
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\BITS" /RESET /Q
    • Soubor uložíme jako reset.bat (při ukládání nastavte Uložit jako typ:Všechny soubory)
    • Poté tento soubor spustíme a potvrdíme :)

2) Provedení opravy
:arrow: Stáhneme si na Plochu program OTLObrázek
  • Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým tlačítkem myši a dejte ,,Spustit jako správce,,)
  • Do dolního okna Vlastní skenování/opravy vložíme následující skript a stiskneme tlačítko Opravit

    Kód: Vybrat vše

    :files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

:Commands
[EmptyFlash]
[EmptyTemp]
[ResetHosts]
  • Po restartu pc se vám objeví log z OTL,ten mi sem prosím vložte..

3) Kontrola funkčnosti
:arrow: Otevřeme si Poznámkový blok Obrázek
  • (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
  • Vložíme do něj následující script:

    Kód: Vybrat vše

    net stop wuauserv >> "%userprofile%\plocha\kontrola.txt"
net STOP BITS >> "%userprofile%\plocha\kontrola.txt"

net start wuauserv >> "%userprofile%\plocha\kontrola.txt"
net start BITS >> "%userprofile%\plocha\kontrola.txt"

start notepad "%userprofile%\plocha\kontrola.txt"
  • Soubor uložíme jako reset.bat (při ukládání nastavte Uložit jako typ:Všechny soubory)
  • Poté tento soubor spustíme a potvrdíme,poté budete mít na ploše log kontrola.txt,ten mi sem prosím vložte

Re: Neskutečně zasekané a spomalené PC

Napsal: 24 zář 2011 22:05
od WiZARD_
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ErrorControl"|dword:00000001 /E!
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 1123 bytes

User: All Users

User: Alů
->Flash cache emptied: 1018 bytes

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Viti

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 229376 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 38728041 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Alů
->Temp folder emptied: 190115 bytes
->Temporary Internet Files folder emptied: 440246 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 70601674 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Viti

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13598 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 191637 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 105,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.28.0 log created on 09242011_230329

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Neskutečně zasekané a spomalené PC

Napsal: 24 zář 2011 22:09
od WiZARD_
soubor kontrola.txt je prázdný

Re: Neskutečně zasekané a spomalené PC

Napsal: 24 zář 2011 23:01
od chodnik74
nepovedla se oprava..po první kroku SWReg jste počítač nerestartoval?

Zkuste znovu celý krok,počítač nesmíte restartovat :)

Re: Neskutečně zasekané a spomalené PC

Napsal: 25 zář 2011 11:01
od WiZARD_
Stále nic. Pořád pracuji v nouzovém režimu, není to chyba?
Všechny časy jsou v UTC+01:00
Stránka 3 z 8

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz