VIRY.CZ

Dobrý den,

prosím o radu, při spuštění jakékoliv instalované aplikace, mi napíše hlášku: "není platná aplikace typu Win32"

Nelze ani spusti RSIT pro vytvoření logu.

Děkuji za jakoukoliv pomoc

ahoj
pre zaciatok premenuj RSIT.exe na cudo.com a skus spustit

Přejmenoval, spustit sel, dal jsem test a hodilo to hlasku:

C:\Program files\trend micro\imac.exe
není platná aplikace typu Win32

a pak druhou:
Line 3601 (File"C:\documents and settings\imac\plocha(cudo.com"):
Error: Subscript used with non-Array variable

pak uz se nic dalsiho nedelo.

tak inac - skusime to s CF - premenuj ho na brekeke.com - ostatne podla navodu:
stiahni a uloz na plochu ComboFix

potom spust pod uctom s administratorskym opravnenim


akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie

Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.

po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)

Dal jsem combo a probihal scan, po cca. 30min jsem zkusil pohnout mysi a nesla, tak jsem jeste chvili pockal a nic se nedelo, tak jsem PC restartoval. Po najeti Win se vse chova normalne a vse jde spustit. Zkusil jsem tedy dat RSIT, ale opet se objevila hlaska: Line 3601 (File"C:\documents and settings\imac\plocha(cudo.com"):
Error: Subscript used with non-Array variable

Dal jsem tedy znova Combo, ale system po chvili opet zamrzl. Takze opet restart a RSIT porad hlasi tu samou hlasku.

hlavne, ze nastal nejaky pokrok
stiahni a spust HijackThis - predtym ho premenuj napr. hj.com >> log vloz

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:49:09, on 25.3.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AppleTimeSrv.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\IRW.exe
C:\Program Files\Apple Keyboard Support\KbdMgr.exe
C:\WINDOWS\system32\Brightness.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\TV IR\TV IR.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WRYKRYS\WRYKRYS.exe
C:\WRYKRYS\VKATBANF.EXE
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\imac\Plocha\hj.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOff ... &p2=5&p3=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IRW] C:\WINDOWS\system32\IRW.exe
O4 - HKLM\..\Run: [Apple_KbdMgr] "C:\Program Files\Apple Keyboard Support\KbdMgr.exe"
O4 - HKLM\..\Run: [Brightness] C:\WINDOWS\system32\Brightness.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TVPro Control] C:\Program Files\TV IR\TV IR.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\imac\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office Outlook 2007.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5584094155
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.32.106/xplugLite.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8FC8914-F323-4580-95C6-D02306B19604}: NameServer = 192.168.32.51
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\WINDOWS\system32\AppleTimeSrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
O23 - Service: PEVSystemStart - Unknown owner - C:\brekeke\PEV.cfxxe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

--
End of file - 9539 bytes

1. preventivne otestuj subor C:\WINDOWS\system32\IRW.exe na www.virustotal.com
2. prescanuj PC s MBAM

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: IRW.exe
Submission date: 2011-03-25 07:53:26 (UTC)
Current status: queued (#9) queued (#9) analysing finished


Result: 0/ 41 (0.0%)
VT Community

not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2011.03.23.01 2011.03.23 -
AntiVir 7.11.5.43 2011.03.23 -
Antiy-AVL 2.0.3.7 2011.03.22 -
Avast 4.8.1351.0 2011.03.23 -
Avast5 5.0.677.0 2011.03.23 -
AVG 10.0.0.1190 2011.03.23 -
BitDefender 7.2 2011.03.23 -
CAT-QuickHeal 11.00 2011.03.23 -
ClamAV 0.96.4.0 2011.03.23 -
Commtouch 5.2.11.5 2011.03.22 -
Comodo 8073 2011.03.23 -
DrWeb 5.0.2.03300 2011.03.23 -
eSafe 7.0.17.0 2011.03.22 -
eTrust-Vet 36.1.8231 2011.03.23 -
F-Prot 4.6.2.117 2011.03.22 -
F-Secure 9.0.16440.0 2011.03.23 -
Fortinet 4.2.254.0 2011.03.23 -
GData 21 2011.03.23 -
Ikarus T3.1.1.97.0 2011.03.23 -
Jiangmin 13.0.900 2011.03.23 -
K7AntiVirus 9.94.4188 2011.03.23 -
McAfee 5.400.0.1158 2011.03.23 -
McAfee-GW-Edition 2010.1C 2011.03.23 -
Microsoft 1.6603 2011.03.23 -
NOD32 5977 2011.03.23 -
Norman 6.07.03 2011.03.22 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.03.22 -
PCTools 7.0.3.5 2011.03.21 -
Prevx 3.0 2011.03.25 -
Rising 23.50.01.06 2011.03.22 -
Sophos 4.63.0 2011.03.23 -
SUPERAntiSpyware 4.40.0.1006 2011.03.23 -
Symantec 20101.3.0.103 2011.03.23 -
TheHacker 6.7.0.1.155 2011.03.23 -
TrendMicro 9.200.0.1012 2011.03.23 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.23 -
VBA32 3.12.14.3 2011.03.23 -
VIPRE 8790 2011.03.23 -
ViRobot 2011.3.23.4372 2011.03.23 -
VirusBuster 13.6.264.0 2011.03.22 -
Additional informationShow all
MD5 : ac71a4692c95fcc29930e4839dba8cd8
SHA1 : cdcc870c2a17151ba99f0235f193834828c8cd80
SHA256: 97ab1842ed3498b4a26f65bb260130da0a496cd2df9965a9b370bde8f7f654fc
ssdeep: 768:9PqeH3SXb9+yV2QbYSnY9kRiiaEzklmE69ekEjBqVL5CJX59j:EeSLEuVbFekRoEzk4E6gk
OwlQ5t
File size : 106496 bytes
First seen: 2009-05-13 14:31:05
Last seen : 2011-03-25 07:53:26
TrID:
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
sigcheck:
publisher....: Apple Inc.
copyright....: Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
product......: Boot Camp
description..: IR Remote Application
original name: IRW.exe
internal name: IRW
file version.: 1.2.0.5
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x1C97
timedatestamp....: 0x45D11647 (Tue Feb 13 01:37:11 2007)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x72E4, 0x8000, 6.23, ebd98f4dabcf2266468cee6cb5119026
.rdata, 0x9000, 0x2006, 0x3000, 4.15, 73891128228eb5b638153e60c6911e71
.data, 0xC000, 0x1B5C, 0x1000, 2.11, a6d63f647567a4e10130f4098b77554c
.rsrc, 0xE000, 0xC170, 0xD000, 0.51, 9058c8050d7dec30086b1df5e99dfaa5

[[ 3 import(s) ]]
KERNEL32.dll: Process32FirstW, Process32NextW, GetLastError, WaitForMultipleObjects, CreateFileW, CreateEventW, DeviceIoControl, GetCurrentThreadId, CreateThread, TerminateThread, CloseHandle, CreateToolhelp32Snapshot, HeapSize, RtlUnwind, HeapReAlloc, VirtualAlloc, InitializeCriticalSection, LoadLibraryA, GetLocaleInfoA, Sleep, EnterCriticalSection, LeaveCriticalSection, GetStringTypeW, GetStringTypeA, LCMapStringW, WideCharToMultiByte, LCMapStringA, GetSystemTimeAsFileTime, GetCurrentProcessId, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, GetStartupInfoW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, GetModuleHandleA, GetProcAddress, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, GetModuleFileNameW, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount
USER32.dll: EndDialog, PostQuitMessage, EndPaint, BeginPaint, DefWindowProcW, DestroyWindow, DialogBoxParamW, UpdateWindow, ShowWindow, CreateWindowExW, RegisterClassExW, LoadCursorW, SetFocus, DispatchMessageW, SetForegroundWindow, TranslateMessage, AttachThreadInput, TranslateAcceleratorW, GetParent, GetMessageW, GetWindowThreadProcessId, GetForegroundWindow, MessageBoxW, LoadAcceleratorsW, LoadStringW, EnumWindows, LoadIconW
SHELL32.dll: ShellExecuteExW

ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 32768
CompanyName: Apple Inc.
EntryPoint: 0x1c97
FileDescription: IR Remote Application
FileFlagsMask: 0x0017
FileOS: Win32
FileSize: 104 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 1.2.0.5
FileVersionNumber: 1.2.0.5
ImageVersion: 0.0
InitializedDataSize: 73728
InternalName: IRW
LanguageCode: English (U.S.)
LegalCopyright: Copyright 2006-2007 Apple Inc. All Rights Reserved.
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Executable application
OriginalFilename: IRW.exe
PEType: PE32
ProductName: Boot Camp
ProductVersion: 1.2 beta
ProductVersionNumber: 1.2.0.0
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2007:02:13 02:37:11+01:00
UninitializedDataSize: 0

Symantec reputation:Suspicious.Insight


VT Community









Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 6164

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

25.3.2011 9:05:48
mbam-log-2011-03-25 (09-05-45).txt

Typ kontroly: Rychlý test
Testované objekty: 150394
Uplynulý čas: 4 minut, 22 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\svchost.com (Virus.Neshta) -> No action taken.

fiiiha, nechaj virus vymazat v MBAM - restart - zopakuj kontrolu - daj uplny scan - ak nic nenajde hotovo

Tak po 3,5h kontroly to shledalo jako ciste. PC funguje bez problemu.

Moc dekuji za velmi rychlou pomoc .

rado sa stalo
doporucujem doinstalovat ServicePack 3