So, it worked.
Here is the log from FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by lubos (administrator) on LUBOS-PC on 14-04-2014 22:01:53
Running from C:\Users\lubos\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Essentials\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\system32\DeviceDisplayObjectProvider.exe
(U3 LLC) C:\Users\lubos\AppData\Roaming\U3\453082163811618C\LaunchPad.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSSE] => c:\Program Files\Microsoft Security Essentials\msseces.exe [1448568 2010-09-15] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [162328 2011-02-11] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [386584 2011-02-11] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [417304 2011-02-11] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-4189299555-548978827-3029997808-1000\...\MountPoints2: {f4eae9b3-c404-11e3-9d7e-002454ea2d01} - F:\LaunchU3.exe -a
Startup: C:\Users\lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\gafah1.lnk
ShortcutTarget: gafah1.lnk -> C:\ProgramData\2992199F9A\1hafag.cpp (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
==================== Services (Whitelisted) =================
R2 MsMpSvc; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [17424 2010-03-25] (Microsoft Corporation)
S2 Winmgmt; C:\ProgramData\2992199F9A\gafah1.faa [332036 2014-04-06] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [173984 2010-03-25] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 22:01 - 2014-04-14 22:02 - 00004711 _____ () C:\Users\lubos\Desktop\FRST.txt
2014-04-14 22:00 - 2014-04-14 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\lubos\Desktop\FRSTLauncher.exe
2014-04-14 22:00 - 2014-04-14 20:57 - 02054144 _____ (Farbar) C:\Users\lubos\Desktop\FRST64.exe
2014-04-14 21:59 - 2014-04-14 22:01 - 00000000 ____D () C:\FRST
2014-04-14 21:59 - 2014-04-14 21:59 - 00000000 ____D () C:\Users\lubos\AppData\Roaming\U3
2014-04-06 06:18 - 2014-04-14 21:46 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-03-23 11:50 - 2014-03-23 11:50 - 00000000 ____D () C:\Users\lubos\Desktop\Nová složka
2014-03-23 11:41 - 2014-03-23 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
==================== One Month Modified Files and Folders =======
2014-04-14 22:02 - 2014-04-14 22:01 - 00004711 _____ () C:\Users\lubos\Desktop\FRST.txt
2014-04-14 22:01 - 2014-04-14 21:59 - 00000000 ____D () C:\FRST
2014-04-14 22:01 - 2013-10-07 12:21 - 01418650 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 21:59 - 2014-04-14 21:59 - 00000000 ____D () C:\Users\lubos\AppData\Roaming\U3
2014-04-14 21:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-14 21:46 - 2014-04-06 06:18 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-14 21:21 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 21:21 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 21:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 21:14 - 2009-07-14 06:51 - 00041008 _____ () C:\Windows\setupact.log
2014-04-14 20:58 - 2014-04-14 22:00 - 00112640 _____ (forum.viry.cz) C:\Users\lubos\Desktop\FRSTLauncher.exe
2014-04-14 20:57 - 2014-04-14 22:00 - 02054144 _____ (Farbar) C:\Users\lubos\Desktop\FRST64.exe
2014-04-06 06:18 - 2013-10-07 12:29 - 00000000 ___RD () C:\Users\lubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 10:33 - 2011-04-12 10:34 - 00622660 _____ () C:\Windows\system32\perfh005.dat
2014-04-05 10:33 - 2011-04-12 10:34 - 00118810 _____ () C:\Windows\system32\perfc005.dat
2014-04-05 10:33 - 2009-07-14 07:13 - 01445734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 11:50 - 2014-03-23 11:50 - 00000000 ____D () C:\Users\lubos\Desktop\Nová složka
2014-03-23 11:41 - 2014-03-23 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-23 00:36 - 2009-07-14 07:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-19 07:06 - 2013-10-07 15:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 07:05 - 2013-10-07 15:06 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\lubos\AppData\Local\Temp\ExPromo.exe
C:\Users\lubos\AppData\Local\Temp\mUN5.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-04 08:02
==================== End Of Log ============================