Hello,
I went through the forum and am sending the FRST log straight away; thank you very much in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-06-2013
Ran by Administrator (administrator) on 07-06-2013 18:03:54
Running from G:\
Microsoft Windows XP Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\TPSvc: TPSvc.dll [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [BrowserChoice] "C:\WINDOWS\system32\browserchoice.exe" /run [293376 2010-02-12] (Microsoft Corporation)
HKCU\...\Run: [ctfmon32.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\dor8je.dat,XFG00 [172032 2013-06-07] (?????????? ??????????)
HKU\misa\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\misa\...\Run: [ctfmon32.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe C:\DOCUME~1\ALLUSE~1\DATAAP~1\dor8je.dat,XFG00 [ 2013-06-07] (Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
HKCU SearchScopes: DefaultScope {D8D23D42-07A1-4118-AF43-E0B498092B16} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
SearchScopes: HKCU - {D8D23D42-07A1-4118-AF43-E0B498092B16} URL = http://www.google.cz/search?q={searchTe ... {startPage}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
PDF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5681465984
PDF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
PDF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
PDF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
========================== Services (Whitelisted) =================
S2 Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [397312 2004-01-20] ()
S2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [135168 2003-09-12] (WIDCOMM, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)
S2 winmgmt; C:\DOCUME~1\ALLUSE~1\DATAAP~1\dor8je.dat [172032 2013-06-07] (?????????? ??????????)
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [669696 2004-01-20] (ATI Technologies Inc.)
R0 BTKRNL; C:\Windows\System32\drivers\btkrnl.sys [1258138 2003-09-12] (WIDCOMM, Inc.)
S2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [22183 2003-09-12] ()
S2 BTSLBCSP; C:\WINDOWS\system32\drivers\btslbcsp.sys [222876 2003-09-12] (WIDCOMM, Inc.)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [52888 2003-09-26] (WIDCOMM, Inc.)
S3 cmuda; C:\Windows\System32\drivers\cmuda.sys [1368000 2005-12-15] (C-Media Inc)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 MidiSyn; C:\Windows\System32\drivers\MidiSyn.sys [88960 2004-09-14] (Analog Devices, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S1 MpKsl3b71f136; C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DCF71D95-34BC-4181-8B18-0C802DB53F08}\MpKsl3b71f136.sys [29904 2013-06-07] (Microsoft Corporation)
S3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
R1 SBRE; C:\WINDOWS\system32\drivers\SBREdrv.sys [101112 2012-01-12] (GFI Software)
S3 senfilt; C:\Windows\System32\drivers\senfilt.sys [381056 2004-04-26] (Sensaura)
S3 SMCIRDA; C:\Windows\System32\DRIVERS\smcirda.sys [35913 2001-10-24] (SMC)
R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [60928 2005-04-26] (VIA Technologies inc,.ltd)
S3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [2210048 2007-07-26] (Intel® Corporation)
R3 WBSD; C:\Windows\System32\Drivers\WBSD.SYS [26240 2003-05-06] (Winbond Electronics Corp.)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\misa\LOCALS~1\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 WDICA; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\FRST
2013-06-07 17:57 - 2013-06-07 17:57 - 00000000 ____D C:\Windows\CSC
2013-05-14 21:49 - 2013-05-14 21:49 - 00011536 ____A C:\Windows\KB2829530-IE8.log
2013-05-14 21:45 - 2013-05-14 21:45 - 00006402 ____A C:\Windows\KB2820197.log
2013-05-14 21:45 - 2013-05-14 21:45 - 00005385 ____A C:\Windows\KB2847204-IE8.log
2013-05-14 21:45 - 2013-05-14 21:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-14 21:42 - 2013-05-14 21:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-05-14 19:18 - 2013-05-14 21:42 - 00009650 ____A C:\Windows\KB2829361.log
2013-05-10 15:36 - 2013-06-02 14:23 - 00000438 ___AH C:\Windows\Tasks\Norton Security Scan for misa.job
2013-05-10 15:36 - 2013-06-02 14:18 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-05-10 15:36 - 2013-05-10 15:36 - 00000000 ____D C:\Windows\System32\Drivers\NSS
2013-05-10 15:36 - 2013-05-10 15:36 - 00000000 ____D C:\Program Files\Norton Security Scan
==================== One Month Modified Files and Folders ========
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\FRST
2013-06-07 18:02 - 2008-04-14 14:00 - 00012598 ____A C:\Windows\System32\wpa.dbl
2013-06-07 18:01 - 2009-10-16 13:22 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2013-06-07 18:00 - 2009-09-05 18:56 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-06-07 17:58 - 2009-10-16 13:22 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-06-07 17:58 - 2009-09-05 20:33 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-06-07 17:58 - 2009-09-05 18:49 - 01681870 ____A C:\Windows\WindowsUpdate.log
2013-06-07 17:57 - 2013-06-07 17:57 - 00000000 ____D C:\Windows\CSC
2013-06-07 17:57 - 2009-09-05 18:56 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-06-07 17:56 - 2011-07-10 08:48 - 00000178 __ASH C:\Documents and Settings\misa\ntuser.ini
2013-06-07 17:54 - 2012-12-22 20:54 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-07 17:54 - 2011-07-10 08:48 - 00000062 __ASH C:\Documents and Settings\misa\Local Settings\desktop.ini
2013-06-07 17:54 - 2009-09-05 20:38 - 00000157 ____A C:\Windows\wiadebug.log
2013-06-07 17:54 - 2009-09-05 20:38 - 00000048 ____A C:\Windows\wiaservc.log
2013-06-07 17:54 - 2009-09-05 18:56 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-07 17:26 - 2009-09-05 18:56 - 00032494 ____A C:\Windows\SchedLgU.Txt
2013-06-07 17:14 - 2012-12-22 20:54 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-07 15:46 - 2013-02-27 20:10 - 00000396 ___AH C:\Windows\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-06-04 21:44 - 2011-07-10 08:48 - 00000000 ___RD C:\Documents and Settings\misa\Oblíbené položky
2013-06-02 14:23 - 2013-05-10 15:36 - 00000438 ___AH C:\Windows\Tasks\Norton Security Scan for misa.job
2013-06-02 14:18 - 2013-05-10 15:36 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-05-18 20:21 - 2011-07-10 08:48 - 00000000 ____D C:\Documents and Settings\misa\Plocha
2013-05-15 20:38 - 2009-10-16 10:29 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-15 20:33 - 2009-09-05 20:32 - 00135664 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-14 21:49 - 2013-05-14 21:49 - 00011536 ____A C:\Windows\KB2829530-IE8.log
2013-05-14 21:49 - 2012-06-05 21:18 - 00094848 ____A C:\Windows\msmqinst.log
2013-05-14 21:49 - 2009-10-16 10:54 - 00000000 ____D C:\Windows\ie8updates
2013-05-14 21:49 - 2009-10-16 10:42 - 00115761 ____A C:\Windows\updspapi.log
2013-05-14 21:49 - 2009-09-05 20:34 - 01617995 ____A C:\Windows\iis6.log
2013-05-14 21:49 - 2009-09-05 20:34 - 01439010 ____A C:\Windows\FaxSetup.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00709128 ____A C:\Windows\ocgen.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00670119 ____A C:\Windows\tsoc.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00488975 ____A C:\Windows\comsetup.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00296308 ____A C:\Windows\ntdtcsetup.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00253467 ____A C:\Windows\netfxocm.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00100324 ____A C:\Windows\MedCtrOC.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00089861 ____A C:\Windows\ocmsn.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00072824 ____A C:\Windows\tabletoc.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00072630 ____A C:\Windows\msgsocm.log
2013-05-14 21:49 - 2009-09-05 20:34 - 00001374 ____A C:\Windows\imsins.log
2013-05-14 21:48 - 2009-09-05 20:34 - 00980536 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-14 21:45 - 2013-05-14 21:45 - 00006402 ____A C:\Windows\KB2820197.log
2013-05-14 21:45 - 2013-05-14 21:45 - 00005385 ____A C:\Windows\KB2847204-IE8.log
2013-05-14 21:45 - 2013-05-14 21:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-05-14 21:45 - 2009-10-16 10:27 - 00000000 ___HD C:\Windows\$hf_mig$
2013-05-14 21:45 - 2009-09-05 20:34 - 00001374 ____A C:\Windows\imsins.BAK
2013-05-14 21:42 - 2013-05-14 21:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-05-14 21:42 - 2013-05-14 19:18 - 00009650 ____A C:\Windows\KB2829361.log
2013-05-14 21:42 - 2009-10-16 10:52 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-10 22:50 - 2009-09-05 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-05-10 15:36 - 2013-05-10 15:36 - 00000000 ____D C:\Windows\System32\Drivers\NSS
2013-05-10 15:36 - 2013-05-10 15:36 - 00000000 ____D C:\Program Files\Norton Security Scan
2013-05-10 15:26 - 2009-09-05 18:48 - 00000000 ____D C:\Windows\System32\Macromed
ZeroAccess:
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}\L
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}\U
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 14:00] - [2008-04-14 14:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================

Police virus, Safe Mode with GUI does not work (CMD only)
Re: Police virus, Safe Mode with GUI does not work (CMD only)
Greetings,
Creating a fixlist for FRST
Run FRST.exe again on the damaged PC
Try to boot into normal mode


- Open Notepad (Start - Run - notepad)
- Copy the script below
HKCU\...\Run: [ctfmon32.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\dor8je.dat,XFG00 [172032 2013-06-07] (?????????? ??????????)
C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe c:\docume~1\alluse~1\dataap~1\dor8je.dat,XFG00
HKU\misa\...\Run: [ctfmon32.exe] C:\DOCUME~1\ALLUSE~1\DATAAP~1\rundll32.exe C:\DOCUME~1\ALLUSE~1\DATAAP~1\dor8je.dat,XFG00 [ 2013-06-07] (Microsoft Corporation)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {D8D23D42-07A1-4118-AF43-E0B498092B16} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {D8D23D42-07A1-4118-AF43-E0B498092B16} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
S2 winmgmt; C:\DOCUME~1\ALLUSE~1\DATAAP~1\dor8je.dat
C:\DOCUME~1\ALLUSE~1\DATAAP~1\dor8je.dat
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\misa\LOCALS~1\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 WDICA; No ImagePath
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}\L
C:\Windows\Installer\{1c9aba7d-eeeb-3764-d7bb-06f6a81f500e}\U
- Save the created TXT file as fixlist.txt
- Move the created log to the flash drive next to FRST

- Click Fix
- The fix will run and a Fixlog.txt log will be created on the flash drive

Re: Police virus, Safe Mode with GUI does not work (CMD only)
Booting into normal mode showed the virus again,
should I repeat the scan with FRST?
-FIXlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-06-2013
Ran by Administrator at 2013-06-07 18:37:49 Run:1
Running from G:\
Boot Mode: Safe Mode (minimal)
==============================================
HKU\\cb3 HKU\\misa\\...\\Run: [ctfmon32.exe] C:\\DOCUME~1\\ALLUSE~1\\DATAAP~1\\rundll32.exe C:\\DOCUME~1\\ALLUSE~1\\DATAAP~1\\dor8je.dat,XFG00 [ 2013-06-07] (Microsoft Corporation)\cb1 \\Software\Microsoft\Windows\CurrentVersion\Run\\\cb3 ctfmon32.exe => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} => Key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A\} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8D23D42-07A1-4118-AF43-E0B498092B16\} => Key not found.
HKCR\CLSID\{D8D23D42-07A1-4118-AF43-E0B498092B16\} => Key not found.
\cb3 winmgmt => Service not found.
\cb3 Abiosdsk => Service not found.
\cb3 abp480n5 => Service not found.
\cb3 adpu160m => Service not found.
\cb3 Aha154x => Service not found.
\cb3 aic78u2 => Service not found.
\cb3 aic78xx => Service not found.
\cb3 AliIde => Service not found.
\cb3 amsint => Service not found.
\cb3 asc => Service not found.
\cb3 asc3350p => Service not found.
\cb3 asc3550 => Service not found.
\cb3 Atdisk => Service not found.
\cb3 catchme => Service not found.
\cb3 cd20xrnt => Service not found.
\cb3 Changer => Service not found.
\cb3 CmdIde => Service not found.
\cb3 Cpqarray => Service not found.
\cb3 dac2w2k => Service not found.
\cb3 dac960nt => Service not found.
\cb3 dpti2o => Service not found.
\cb3 hpn => Service not found.
\cb3 i2omgmt => Service not found.
\cb3 i2omp => Service not found.
\cb3 ini910u => Service not found.
\cb3 lbrtfdc => Service not found.
\cb3 mraid35x => Service not found.
\cb3 PCIDump => Service not found.
\cb3 PDCOMP => Service not found.
\cb3 PDFRAME => Service not found.
\cb3 PDRELI => Service not found.
\cb3 PDRFRAME => Service not found.
\cb3 perc2 => Service not found.
\cb3 perc2hib => Service not found.
\cb3 ql1080 => Service not found.
\cb3 Ql10wnt => Service not found.
\cb3 ql12160 => Service not found.
\cb3 ql1240 => Service not found.
\cb3 ql1280 => Service not found.
\cb3 Simbad => Service not found.
\cb3 Sparrow => Service not found.
\cb3 symc810 => Service not found.
\cb3 symc8xx => Service not found.
\cb3 sym_hi => Service not found.
\cb3 sym_u3 => Service not found.
\cb3 TosIde => Service not found.
\cb3 ultra => Service not found.
\cb3 WDICA => Service not found.
==== End of Fixlog ====
Re: Police virus, Safe Mode with GUI does not work (CMD only)

- Save it to a flash drive, directly in its root


- Enter the command G:\RogueKiller.exe and press Enter
- RogueKiller will start
- Choose the Scan option, then Delete, and then Report


