VIRY.CZ

Zdravím , Mam dva problémy ,které bych potřeboval vyřešit.

1.Problém je ,že nemůžu Nainstalovat programy.Píše mi to : Instalace selhala kód 1601,služba Windows Instalater není dostupná.

2.Problém je ,že mam Avast a Spyware Terminator a oba tyto antiviry jsou zastaveny tudíž nemůžu spustit kontrolu souboru.

Byl bych rád kdyby mi někdo pomohl tyto problémy vyřešit.

1. Stáhněte a nainstalujte: http://www.slunecnice.cz/sw/windows-installer/ .
2. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .

1.Stáhnul jsem to ale pořád dokola mi to píše Soubor c:\windows\system32\msiexec.exe je otevřen nebo používán jinou aplikací.

2. Logfile of random's system information tool 1.08 (written by random/random)
Run by rodina at 2010-10-10 18:31:09
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 6 GB (8%) free of 80 GB
Total RAM: 2046 MB (58% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2052111302-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2052111302-839522115-1003UA.job
C:\WINDOWS\tasks\Install_NSS.job
C:\WINDOWS\tasks\NSSstub.job
C:\WINDOWS\tasks\PCConfidential.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2007-10-05 1136640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF}]
PCCBHO.CPCCBHO - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll [2008-04-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\rodina\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-07-26 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\rodina\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-07-26 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll [2010-02-19 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll [2010-02-19 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2007-10-05 1136640]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll [2010-02-19 700416]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - HyperCam Toolbar - C:\Program Files\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-10-04 1049912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"36X Raid Configurer"=C:\WINDOWS\System32\JMRaidSetup.exe [2007-02-06 1953792]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-09-19 1783808]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"Make A Voozie"=C:\Documents and Settings\All Users\Data aplikací\Make A Voozie\VoozieMaker.exe [2008-02-20 64000]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624]
"SearchSettings"=C:\Program Files\YouTube Downloader Toolbar\SearchSettings.exe [2010-02-19 974848]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-01-07 495616]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-07 1871872]
"Google Update"=C:\Documents and Settings\rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-06-29 136176]
"QIP Internet Guardian"=C:\Documents and Settings\rodina\Data aplikací\QipGuard\QipGuard.exe [2010-07-26 190928]
"Infium"=C:\Program Files\QIP 2010\qip.exe [2010-07-26 5841360]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-08-22 133432]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\rodina\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Advent.lnk - C:\Documents and Settings\rodina\Local Settings\Temp\Rar$EX03.047\Advent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=C:\WINDOWS\system32\lsass.exe [2004-08-18 13312]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:Orb"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"D:\Hry\Valve\hl.exe"="D:\Hry\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Hry\Counter-Strike Source\hl2.exe"="D:\Hry\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Hry\Valve\hlds.exe"="D:\Hry\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Counter-Strike Source\srcds.exe"="C:\Program Files\Counter-Strike Source\srcds.exe:*:Enabled:srcds"
"D:\Hry\Metin 2\metin2.bin"="D:\Hry\Metin 2\metin2.bin:*:Enabled:metin2"
"D:\Hry\GOTCHA!\Gotcha.exe"="D:\Hry\GOTCHA!\Gotcha.exe:*:Enabled:Gotcha!"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\Hry\SecondLife\SLVoice.exe"="D:\Hry\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"D:\Hry\Warcraft III\Warcraft III.exe"="D:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\WINCMD\WINCMD32.EXE"="C:\Program Files\WINCMD\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows"
"C:\Documents and Settings\rodina\Plocha\pokemon\Pokemon Game.exe"="C:\Documents and Settings\rodina\Plocha\pokemon\Pokemon Game.exe:*:Enabled:Pokemon Game"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\rodina\Plocha\Pokemon_World_Online_9021\Pokemon Game.exe"="C:\Documents and Settings\rodina\Plocha\Pokemon_World_Online_9021\Pokemon Game.exe:*:Enabled:Pokemon Game"
"D:\Hry\Worms 4 totální nařez\Worms 4 Mayhem.exe"="D:\Hry\Worms 4 totální nařez\Worms 4 Mayhem.exe:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Hry\Valve\Steam\Steam.exe"="D:\Hry\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Hry\EA GAMES\Battlefield 2\BF2.exe"="D:\Hry\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 months======

2010-10-10 18:31:09 ----D---- C:\rsit
2010-10-10 18:31:09 ----D---- C:\Program Files\trend micro
2010-10-09 22:06:11 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-10-09 22:06:11 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-10-09 22:06:10 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-10-09 22:06:09 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-10-09 22:06:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-10-09 22:06:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-10-09 22:06:08 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-10-09 22:05:57 -

Dejte ještě log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Omlouvám se ale píše mi to přístup Odepřen.

krymat píše:Omlouvám se ale píše mi to přístup Odepřen.

Tomu nerozumím. Jako na odkaz ke stažení, nebo při spuštění?

Jako při spuštění.Spustím to a napíše mi to přístup odepřen a to je vše.

Zkuste to v nouzovém režimu. Účet, ve kterém CF spouštíte, musí mít práva admina. Pokud by to nešlo ani potom, soubor CF přejmenujte třeba na cokoli.com . Případně udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 .