police virus

Posted: 20 Mar 2014 20:36
by xmartinmx
Hi, a police virus showed up on my computer. I ran a scan with Norton... so far it looks OK, but I'd still like to ask for a check. Thanks a lot!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Administrator (administrator) on LEHOVEC-AMD13 on 20-03-2014 20:33:02
Running from E:\
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13529088 2008-05-16] (NVIDIA Corporation)
HKLM\...\Run: [Control Center] - C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [1569280 2004-11-01] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [gemstrmw] - C:\WINDOWS\system32\gemstrmw.exe [24576 2003-08-29] (Gemplus)
HKLM\...\Run: [Samsung PanelMgr] - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [507904 2007-01-22] ()
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2008-05-16] (NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20145368 2013-06-24] (Realtek Semiconductor Corp.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\forteManager.lnk
ShortcutTarget: forteManager.lnk -> C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe ()

==================== Internet (Whitelisted) ====================

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
DPF: {00000000-0000-0000-0000-123456789012} https://bezpecne.podani.gov.cz/ClientOb ... rNET35.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} https://ib24.csob.cz/Comp/IcaSignerCZ.cab
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 9985984127
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA} http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

========================== Services (Whitelisted) =================

S2 AMD_RAIDXpert; C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe [131320 2012-03-15] (AMD)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-03] ()
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-16] (Oracle Corporation)
S2 NIS; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [9096 2007-10-12] (Advanced Micro Devices)
S2 aslm75; C:\WINDOWS\system32\drivers\aslm75.sys [6272 1997-04-22] ()
S3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
S1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2014-02-14] (Symantec Corporation)
S1 ccHP; C:\WINDOWS\system32\drivers\NIS\1109000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R3 DumaNT; C:\WINDOWS\system32\Drivers\DumaNT.sys [333696 2003-05-02] (NVIDIA Corporation)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-03-05] (Symantec Corporation)
S3 EL90Xbc; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [74338 2002-08-13] (3Com Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2014-03-05] (Symantec Corporation)
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 GEMPC430; C:\WINDOWS\System32\DRIVERS\grclass.sys [82304 2001-08-17] (Gemplus)
S3 genmcmnUSB; C:\WINDOWS\System32\DRIVERS\gflmouhid.sys [6656 2004-04-19] ()
S3 GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys [61776 2002-10-04] (Gemplus)
R0 hotcore3; C:\WINDOWS\System32\DRIVERS\hotcore3.sys [40464 2008-06-28] (Paragon Software Group)
S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20140319.001\IDSxpx86.sys [383128 2014-02-25] (Symantec Corporation)
S3 LGDDCDevice; C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2008-03-27] ()
S3 LGII2CDevice; C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [13312 2008-03-27] ()
S2 MDC8021X; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [15781 2008-12-22] (Meetinghouse Data Communications)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140320.001\NAVENG.SYS [93272 2014-03-05] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140320.001\NAVEX15.SYS [1612376 2014-03-05] (Symantec Corporation)
S3 NtApm; C:\WINDOWS\System32\DRIVERS\NtApm.sys [9344 2001-08-17] (Microsoft Corporation)
S3 nvax; C:\WINDOWS\System32\drivers\nvax.sys [48640 2004-05-25] (NVIDIA Corporation)
S3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [80896 2002-09-23] (NVIDIA Corporation)
S3 nvnforce; C:\WINDOWS\System32\drivers\nvapu.sys [396032 2004-05-25] (NVIDIA Corporation)
R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [13568 2002-09-06] (NVIDIA Corporation)
S3 RT2500USB; C:\WINDOWS\System32\DRIVERS\rt2500usb.sys [245376 2005-10-18] (Ralink Technology Inc.)
R0 si3112r; C:\WINDOWS\System32\drivers\si3112r.sys [116264 2007-08-29] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-08-29] (Silicon Image, Inc)
S1 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1109000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation)
S1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1109000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1109000.00C\SYMDS.SYS [328752 2009-11-05] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1109000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124976 2009-11-26] (Symantec Corporation)
S1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1109000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
S1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1109000.00C\SYMTDI.SYS [362360 2011-08-22] (Symantec Corporation)
S2 TBPanel; C:\WINDOWS\system32\Drivers\TBPanel.sys [5306 2002-07-25] (Windows (R) 2000 DDK provider)
S1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [33072 2008-06-28] (Paragon Software Group)
S1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [130688 2008-06-28] (Paragon Software Group)
S4 ACPI; No ImagePath
S4 ACPIEC; No ImagePath
S3 ASUSHWIO; \??\C:\WINDOWS\system32\drivers\ASUSHWIO.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 20:32 - 2014-03-20 20:33 - 00000000 ____D () C:\FRST
2014-03-20 20:31 - 2014-03-20 20:31 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-03-20 20:31 - 2014-03-20 20:31 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-03-20 20:31 - 2013-11-07 19:54 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-03-20 20:31 - 2009-10-14 22:07 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
2014-03-20 20:31 - 2008-12-22 21:10 - 00001599 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2014-03-20 20:31 - 2008-12-22 21:10 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-03-20 20:31 - 2008-12-22 21:10 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-03-20 20:01 - 2014-03-20 20:02 - 00003675 _____ () C:\WINDOWS\KB2929961.log
2014-03-20 20:00 - 2014-03-20 20:02 - 00004242 _____ () C:\WINDOWS\KB2930275.log
2014-03-20 20:00 - 2014-03-20 20:00 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-20 19:15 - 2014-03-20 19:15 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-20 19:15 - 2014-03-20 19:15 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 23:01 - 2014-03-18 23:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 23:00 - 2014-03-18 23:01 - 00004121 _____ () C:\WINDOWS\KB2934207.log
2014-03-18 20:46 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-18 20:46 - 2014-02-26 02:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-03 22:35 - 2014-03-03 22:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-03 22:29 - 2014-03-03 22:30 - 00011125 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-03-03 22:28 - 2014-03-03 22:29 - 00004195 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-03-03 22:19 - 2014-03-03 22:35 - 00013121 _____ () C:\WINDOWS\KB2916036.log
2014-03-02 20:59 - 2014-03-02 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-02 20:58 - 2014-03-02 20:59 - 00004405 _____ () C:\WINDOWS\KB2914368.log

==================== One Month Modified Files and Folders =======

2014-03-20 20:33 - 2014-03-20 20:32 - 00000000 ____D () C:\FRST
2014-03-20 20:31 - 2014-03-20 20:31 - 00000020 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-03-20 20:31 - 2014-03-20 20:31 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-03-20 20:31 - 2006-02-28 13:00 - 00001374 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-20 20:28 - 2008-12-22 21:08 - 01095346 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-20 20:27 - 2013-11-24 23:51 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-03-20 20:27 - 2008-12-22 21:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-20 20:27 - 2008-12-22 21:14 - 00032524 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-20 20:27 - 2008-12-22 20:59 - 00000216 _____ () C:\WINDOWS\wiadebug.log
2014-03-20 20:23 - 2009-12-13 21:15 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F9BA3DFB-D4B7-43AD-AD3E-A7E662C01879}.job
2014-03-20 20:15 - 2002-01-01 00:13 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-113007714-854245398-1003UA.job
2014-03-20 20:02 - 2014-03-20 20:01 - 00003675 _____ () C:\WINDOWS\KB2929961.log
2014-03-20 20:02 - 2014-03-20 20:00 - 00004242 _____ () C:\WINDOWS\KB2930275.log
2014-03-20 20:00 - 2014-03-20 20:00 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-20 19:36 - 2013-08-27 21:14 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 19:15 - 2014-03-20 19:15 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-20 19:15 - 2014-03-20 19:15 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-20 19:15 - 2013-08-27 21:14 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 19:15 - 2008-12-22 20:59 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-18 23:01 - 2014-03-18 23:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 23:01 - 2014-03-18 23:00 - 00004121 _____ () C:\WINDOWS\KB2934207.log
2014-03-18 23:01 - 2008-12-22 20:56 - 01787674 _____ () C:\WINDOWS\iis6.log
2014-03-18 23:01 - 2008-12-22 20:56 - 01540931 _____ () C:\WINDOWS\FaxSetup.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00773917 _____ () C:\WINDOWS\ocgen.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00716450 _____ () C:\WINDOWS\tsoc.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00524491 _____ () C:\WINDOWS\comsetup.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00508036 _____ () C:\WINDOWS\msmqinst.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00319230 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00271033 _____ () C:\WINDOWS\netfxocm.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00107915 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00086496 _____ () C:\WINDOWS\ocmsn.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00078075 _____ () C:\WINDOWS\msgsocm.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00077645 _____ () C:\WINDOWS\tabletoc.log
2014-03-18 23:01 - 2008-12-22 20:56 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-18 22:15 - 2002-01-01 00:13 - 00000984 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-113007714-854245398-1003Core.job
2014-03-11 00:24 - 2008-12-22 21:15 - 00000000 ____D () C:\Documents and Settings\Martin
2014-03-04 21:44 - 2008-12-23 16:16 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-03 22:35 - 2014-03-03 22:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-03 22:35 - 2014-03-03 22:19 - 00013121 _____ () C:\WINDOWS\KB2916036.log
2014-03-03 22:35 - 2008-12-22 23:19 - 00267284 _____ () C:\WINDOWS\updspapi.log
2014-03-03 22:35 - 2008-12-22 20:56 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-03-03 22:34 - 2008-12-22 20:56 - 00502138 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-03 22:32 - 2013-08-27 22:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-03 22:30 - 2014-03-03 22:29 - 00011125 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-03-03 22:30 - 2008-12-23 01:00 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-03 22:29 - 2014-03-03 22:28 - 00004195 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-03-02 21:37 - 2013-08-27 21:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-03-02 21:13 - 2008-12-22 20:56 - 00045153 _____ () C:\WINDOWS\setupapi.log
2014-03-02 21:13 - 2002-01-01 00:05 - 00000521 _____ () C:\WINDOWS\nsw.log
2014-03-02 21:02 - 2008-12-22 23:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-03-02 20:59 - 2014-03-02 20:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-02 20:59 - 2014-03-02 20:58 - 00004405 _____ () C:\WINDOWS\KB2914368.log
2014-02-26 02:59 - 2014-03-18 20:46 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-26 02:59 - 2014-03-18 20:46 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe

Files to move or delete:
====================
C:\Documents and Settings\Tomáš\Application Data\swk.ini


Some content of TEMP:
====================
C:\Documents and Settings\Tomáš\Local Settings\Temp\rnsetup0.exe
C:\Documents and Settings\Tomáš\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Zuzana\Local Settings\Temp\setup_wm.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Re: police virus

Posted: 20 Mar 2014 20:53
by Rudy
Hello!
Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\Tomáš\Local Settings\Temp
C:\Documents and Settings\Zuzana\Local Settings\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the operation finishes, a log will appear; copy it here.

Re: police virus

Posted: 20 Mar 2014 21:00
by xmartinmx
Thanks, here it is:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Martin at 2014-03-20 21:03:15 Run:1
Running from E:\
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\Tomáš\Local Settings\Temp
C:\Documents and Settings\Zuzana\Local Settings\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Documents and Settings\Tomáš\Local Settings\Temp => Moved successfully.
C:\Documents and Settings\Zuzana\Local Settings\Temp => Moved successfully.

==== End of Fixlog ====

Re: police virus

Posted: 20 Mar 2014 21:05
by Rudy
Deleted. The PC should be clean.

Re: police virus

Posted: 20 Mar 2014 21:07
by xmartinmx
Thank you very much!

Re: police virus

Posted: 20 Mar 2014 21:54
by Rudy
You're welcome! :)