Zdravím
Antivir mi našel vir win32:MBRoot-J
nejde odstrani žádným antivirem měl jsem Eset a zkoušel jsem i AVG a teď mám Avast
napadlo to mozilu když se chci někam přihlásit tak se sekne a musím jí ukončit
Prosím o pomoc
Děkuji
ComboFix 12-08-17.01 - PC 17.08.2012 13:31:58.3.2 - x86
Spuštěný z: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
.
.
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
\\.\PhysicalDrive7 - Bootkit Sinowal was found and disinfected
.
\\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected
\\.\PhysicalDrive7 - Bootkit Sinowal was found and disinfected
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_xcpip
-------\Service_xpsec
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-17 do 2012-08-17 )))))))))))))))))))))))))))))))
.
.
2012-08-17 05:26 . 2012-08-17 11:10 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2012-08-17 05:09 . 2012-08-17 05:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2012-08-17 05:09 . 2009-01-25 11:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2012-08-17 05:09 . 2012-08-17 05:09 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-08-16 14:18 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-16 14:18 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-16 14:18 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-16 14:18 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-16 14:18 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-16 14:18 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-16 14:18 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-16 14:18 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-16 14:17 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-16 14:17 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-16 14:17 . 2012-08-16 14:17 -------- d-----w- c:\program files\AVAST Software
2012-08-16 14:17 . 2012-08-16 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-08-16 14:08 . 2012-07-14 02:30 866776 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-08-16 13:01 . 2012-08-16 13:01 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2012-08-15 14:57 . 2012-08-13 11:37 475736 ----a-w- c:\windows\system32\drivers\0048461drv.sys
2012-08-15 11:03 . 2012-08-15 11:03 -------- d-----w- c:\program files\CCleaner
2012-08-15 10:20 . 2012-08-15 10:23 -------- d-----w- c:\documents and settings\PC\Application Data\AVG
2012-08-15 09:58 . 2012-08-15 09:58 -------- d-----w- c:\program files\Xenocode
2012-08-15 09:58 . 2012-08-15 09:58 -------- d-----w- c:\documents and settings\PC\Impostazioni locali
2012-08-15 09:35 . 2012-08-15 09:35 -------- d-----w- c:\program files\AVG
2012-08-15 08:37 . 2012-08-15 08:37 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\Sun
2012-08-15 08:33 . 2012-08-15 08:33 -------- d-----w- c:\program files\Oracle
2012-08-15 08:33 . 2012-08-15 08:33 -------- d-----w- c:\documents and settings\PC\Application Data\Oracle
2012-08-14 16:32 . 2012-08-14 16:32 -------- d-----w- c:\documents and settings\PC\DoctorWeb
2012-08-14 11:43 . 2012-08-16 14:16 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-08-14 11:43 . 2012-08-14 11:43 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-08-11 17:02 . 2012-08-11 17:02 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\PackageAware
2012-08-01 14:18 . 2012-08-01 14:19 -------- d-----w- c:\program files\Ferrari Virtual Race
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 11:11 . 2012-04-02 14:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 11:11 . 2011-05-25 13:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-10 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-05 20:07 . 2009-08-05 15:09 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-05 20:06 . 2010-11-20 11:53 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 14:05 . 2009-08-06 00:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2004-08-10 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2004-08-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-10 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-10 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 18:58 . 2010-01-29 19:30 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-05 15:50 . 2009-08-19 16:07 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-10 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2008-10-16 21:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2009-08-06 00:22 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2009-08-06 00:22 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-08-06 00:22 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-10-16 21:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 00:22 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-08-06 00:22 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-10-16 21:09 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2008-10-16 21:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2008-10-16 21:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 00:22 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-08-06 00:22 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-12-03 06:40 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-12-03 06:40 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-12-03 06:40 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-10 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2004-06-30 12:20 . 2010-02-15 08:50 160768 ----a-w- c:\program files\fmod.dll
2012-07-14 00:15 . 2012-08-16 14:09 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-17_04.49.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-17 11:49 . 2012-08-17 11:49 16384 c:\windows\Temp\Perflib_Perfdata_2c8.dat
+ 2012-01-04 14:28 . 2012-01-04 14:28 16128 c:\windows\system32\drivers\gtkdrv.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\prxtbMyA0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2011-05-09 09:49 176936 ----a-w- c:\program files\MyAshampoo\prxtbMyA0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\prxtbMyA0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\prxtbMyA0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kalendar"="c:\program files\Kalendar\kalendar.exe" [2005-11-09 580608]
"Steam"="c:\program files\Steam\steam.exe" [2012-08-11 1353080]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-25 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-25 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-25 136192]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-06-28 75048]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2011-10-05 3578272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\amd driver updater, xp, 32 bit\\Setup.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Codemasters\\F1 2011\\F1_2011.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\SteamApps\\jira767\\race\\SteamProxy.exe"=
"c:\\Program Files\\Steam\\SteamApps\\jira767\\race\\RaceConfig_Steam.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.8.2009 8:14 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16.8.2012 16:18 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.8.2012 16:18 353688]
R1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\program files\Spybot - Search & Destroy 2\SDHookDrv32.sys [17.8.2012 7:09 38504]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/01/25 17:59];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [28.6.2010 23:50 87536]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [1.5.2012 11:15 913752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.8.2012 16:18 21256]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5.7.2012 18:41 3048136]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [8.8.2010 19:07 27632]
S1 0048461drv;0048461drv;c:\windows\system32\drivers\0048461drv.sys [15.8.2012 16:57 475736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.9.2009 8:15 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2.4.2012 16:41 250056]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [4.1.2010 19:33 36608]
S3 gda2amy7.sys;gda2amy7.sys;\??\c:\windows\system32\drivers\gda2amy7.sys --> c:\windows\system32\drivers\gda2amy7.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [5.9.2011 17:07 13224]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.9.2009 8:15 133104]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys --> c:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [6.8.2009 3:48 110080]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [12.6.2011 11:15 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [16.8.2012 16:09 113120]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 22:37 4640000]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [24.2.2010 18:39 32377]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [5.9.2011 17:04 155320]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\drivers\gtkdrv.sys [4.1.2012 16:28 16128]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - xcpip
*Deregistered* - xpsec
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 11:11]
.
2012-05-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-08-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-16 16:21]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd62b475878164.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-15 06:15]
.
2012-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-15 06:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\v4nm9x8d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-17 13:51
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(896)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(5308)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\program files\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\dllhost.exe
c:\windows\RTHDCPL.EXE
c:\windows\eHome\ehmsas.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2012-08-17 13:55:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-17 11:55
ComboFix2.txt 2012-08-17 04:59
ComboFix3.txt 2012-08-14 15:53
.
Před spuštěním: 31 863 930 880 bytes free
Po spuštění: Volných bajtů: 31 860 109 312
.
- - End Of File - - 2B7B75CF3E47C3DEB058FD1ACC96E100
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nejde smazat vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: nejde smazat vir
[quote="Naughty"]Ahoj,
ještě antivir hlásí po aplikaci combofixu mbr rootkit? Pokud ano, proveď
to nevím
mám nechat projet avastem Pc?
ještě antivir hlásí po aplikaci combofixu mbr rootkit? Pokud ano, proveď
to nevím
mám nechat projet avastem Pc?
Kód: Vybrat vše
MBRScan v1.1.1
OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT : Normal Boot
DATE : 2012/08/17 (ISO 8601) at 14:34:04
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD1200JS-00MHB0 (02.01C03)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 111.8 Go [Fixed] ==> Unknown MBR Code
MBR_MD5 : 046786BED0C170B354E5A07FEB233A57
MBR_SHA1 : 4CABA11483BD85CD0C7D13D075D6963196EE79F2
Device\Harddisk0\Partition1 111.8 Go 0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xABC46000
SIZE : 96.0 Ko
DRIVER : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xBA626000
SIZE : 8.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\xpsec.sys => Invisible on the disk
ADDRESS : 0xA901A000
SIZE : 76.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\xcpip.sys => Invisible on the disk
ADDRESS : 0xA8FC1000
SIZE : 356.0 Ko
DRIVER : C:\ComboFix\catchme.sys => Invisible on the disk
ADDRESS : 0xBA4A8000
SIZE : 32.0 Ko
DRIVER : C:\WINDOWS\system32\Drivers\PROCEXP113.SYS => Invisible on the disk
ADDRESS : 0xBA5C2000
SIZE : 8.0 Ko
SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D8 8E C0 8E D0 BC 00 7C BE 1A 7C BF 00 3À.Ø.À.м.|¾.|¿.
0x00000010 06 B9 E6 01 50 57 FC F3 A4 CB BE A4 07 B1 04 90 .¹æ.PWüó¤Ë¾¤.±..
0x00000020 80 3C 80 74 0D 38 2C 0F 85 C0 00 83 C6 10 E2 F0 .<.t.8,..À..Æ.âð
0x00000030 CD 18 66 8B 44 08 8B 14 89 E3 B9 01 00 E8 64 00 Í.f.D....ã¹..èd.
0x00000040 73 0C 8B 4C 02 B8 01 02 CD 13 0F 82 B8 00 B9 55 s..L.¸..Í...¸.¹U
0x00000050 AA 2B 0E FE 7D 0F 85 CF 00 66 B8 00 00 00 00 66 ª+.þ}..Ï.f¸....f
0x00000060 39 44 08 72 08 66 8B 44 08 66 03 44 0C 83 C6 10 9D.r.f.D.f.D..Æ.
0x00000070 81 FE E4 07 72 E9 66 09 C0 74 1E B9 09 00 81 C3 .þä.réf.Àt.¹...Ã
0x00000080 00 02 E8 1F 00 72 12 89 DE 81 C6 0C 02 8D 54 F4 ..è..r..Þ.Æ...Tô
0x00000090 66 81 3C 75 2F F3 A4 74 05 EA 00 7C 00 00 89 DE f.<u/ó¤t.ê.|...Þ
0x000000A0 FF D2 EB F5 66 60 B2 80 BB AA 55 B4 41 CD 13 73 .Òëõf`².»ªU´AÍ.s
0x000000B0 04 F9 66 61 C3 81 FB 55 AA 75 F6 F6 C1 01 74 F1 .ùfaÃ.ûUªuööÁ.tñ
0x000000C0 66 61 66 60 6A 00 6A 00 66 50 06 53 51 6A 10 B4 faf`j.j.fP.SQj.´
0x000000D0 42 89 E6 CD 13 61 66 61 C3 5E AC 08 C0 74 FC 56 B.æÍ.afaÃ^¬.ÀtüV
0x000000E0 1E BB 07 00 B4 0E CD 10 1F EB EE E8 EB FF 49 6E .»..´.Í..ëîèë.In
0x000000F0 76 61 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 valid partition
0x00000100 74 61 62 6C 65 00 E8 D0 FF 45 72 72 6F 72 20 6C table.èÐ.Error l
0x00000110 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E 67 oading operating
0x00000120 20 73 79 73 74 65 6D 00 E8 AE FF 4D 69 73 73 69 system.è®.Missi
0x00000130 6E 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 ng operating sys
0x00000140 74 65 6D 00 00 00 00 00 00 00 00 00 00 00 00 00 tem.............
0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 63 98 69 98 69 00 00 80 01 .....,Dc.i.i....
0x000001C0 01 00 07 FE FF FF 3F 00 00 00 C1 F8 F8 0D 00 00 ...þ..?...Áøø...
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
Re: nejde smazat vir
Kód: Vybrat vše
MBRScan v1.1.1
OS : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT : Normal Boot
DATE : 2012/08/17 (ISO 8601) at 20:27:41
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __WDC WD1200JS-00MHB0 (02.01C03)
BUS_TYPE : (0x03) P-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 111.8 Go [Fixed] ==> Unknown MBR Code
MBR_MD5 : 046786BED0C170B354E5A07FEB233A57
MBR_SHA1 : 4CABA11483BD85CD0C7D13D075D6963196EE79F2
Device\Harddisk0\Partition1 111.8 Go 0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________
############################### Additional scan ################################
DRIVER : C:\WINDOWS\system32\drivers\xpsec.sys => Invisible on the disk
ADDRESS : 0xA90AD000
SIZE : 76.0 Ko
DRIVER : C:\WINDOWS\system32\drivers\xcpip.sys => Invisible on the disk
ADDRESS : 0xA9054000
SIZE : 356.0 Ko
SystemStartOptions : NOEXECUTE=OPTIN FASTDETECT
________________________________________________________________________________
_______MBR \Device\Harddisk0\DR0
0x00000000 33 C0 8E D8 8E C0 8E D0 BC 00 7C BE 1A 7C BF 00 3À.Ø.À.м.|¾.|¿.
0x00000010 06 B9 E6 01 50 57 FC F3 A4 CB BE A4 07 B1 04 90 .¹æ.PWüó¤Ë¾¤.±..
0x00000020 80 3C 80 74 0D 38 2C 0F 85 C0 00 83 C6 10 E2 F0 .<.t.8,..À..Æ.âð
0x00000030 CD 18 66 8B 44 08 8B 14 89 E3 B9 01 00 E8 64 00 Í.f.D....ã¹..èd.
0x00000040 73 0C 8B 4C 02 B8 01 02 CD 13 0F 82 B8 00 B9 55 s..L.¸..Í...¸.¹U
0x00000050 AA 2B 0E FE 7D 0F 85 CF 00 66 B8 00 00 00 00 66 ª+.þ}..Ï.f¸....f
0x00000060 39 44 08 72 08 66 8B 44 08 66 03 44 0C 83 C6 10 9D.r.f.D.f.D..Æ.
0x00000070 81 FE E4 07 72 E9 66 09 C0 74 1E B9 09 00 81 C3 .þä.réf.Àt.¹...Ã
0x00000080 00 02 E8 1F 00 72 12 89 DE 81 C6 0C 02 8D 54 F4 ..è..r..Þ.Æ...Tô
0x00000090 66 81 3C 75 2F F3 A4 74 05 EA 00 7C 00 00 89 DE f.<u/ó¤t.ê.|...Þ
0x000000A0 FF D2 EB F5 66 60 B2 80 BB AA 55 B4 41 CD 13 73 .Òëõf`².»ªU´AÍ.s
0x000000B0 04 F9 66 61 C3 81 FB 55 AA 75 F6 F6 C1 01 74 F1 .ùfaÃ.ûUªuööÁ.tñ
0x000000C0 66 61 66 60 6A 00 6A 00 66 50 06 53 51 6A 10 B4 faf`j.j.fP.SQj.´
0x000000D0 42 89 E6 CD 13 61 66 61 C3 5E AC 08 C0 74 FC 56 B.æÍ.afaÃ^¬.ÀtüV
0x000000E0 1E BB 07 00 B4 0E CD 10 1F EB EE E8 EB FF 49 6E .»..´.Í..ëîèë.In
0x000000F0 76 61 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 valid partition
0x00000100 74 61 62 6C 65 00 E8 D0 FF 45 72 72 6F 72 20 6C table.èÐ.Error l
0x00000110 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E 67 oading operating
0x00000120 20 73 79 73 74 65 6D 00 E8 AE FF 4D 69 73 73 69 system.è®.Missi
0x00000130 6E 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 ng operating sys
0x00000140 74 65 6D 00 00 00 00 00 00 00 00 00 00 00 00 00 tem.............
0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 2C 44 63 98 69 98 69 00 00 80 01 .....,Dc.i.i....
0x000001C0 01 00 07 FE FF FF 3F 00 00 00 C1 F8 F8 0D 00 00 ...þ..?...Áøø...
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
__________________________16_BIT_ASM_CODE
0x0000 33c0 XOR AX, AX
0x0002 8ed8 MOV DS, AX
0x0004 8ec0 MOV ES, AX
0x0006 8ed0 MOV SS, AX
0x0008 bc 007c MOV SP, 0x7c00
0x000B be 1a7c MOV SI, 0x7c1a
0x000E bf 0006 MOV DI, 0x600
0x0011 b9 e601 MOV CX, 0x1e6
0x0014 50 PUSH AX
0x0015 57 PUSH DI
0x0016 fc CLD
0x0017 f3 a4 REP MOVSB
0x0019 cb RETF
0x001A be a407 MOV SI, 0x7a4
0x001D b1 04 MOV CL, 0x4
0x001F 90 NOP
0x0020 803c 80 CMP BYTE [SI], 0x80
0x0023 74 0d JZ 0x32
0x0025 382c CMP [SI], CH
0x0027 0f85 c000 JNZ 0xeb
0x002B 83c6 10 ADD SI, 0x10
0x002E e2 f0 LOOP 0x20
0x0030 cd 18 INT 0x18
0x0032 66 8b44 08 MOV EAX, [SI+0x8]
0x0036 8b14 MOV DX, [SI]
0x0038 89e3 MOV BX, SP
0x003A b9 0100 MOV CX, 0x1
0x003D e8 6400 CALL 0xa4
0x0040 73 0c JAE 0x4e
0x0042 8b4c 02 MOV CX, [SI+0x2]
0x0045 b8 0102 MOV AX, 0x201
0x0048 cd 13 INT 0x13
0x004A 0f82 b800 JB 0x106
0x004E b9 55aa MOV CX, 0xaa55
0x0051 2b0e fe7d SUB CX, [0x7dfe]
0x0055 0f85 cf00 JNZ 0x128
0x0059 66 b8 00000000 MOV EAX, 0x0
0x005F 66 3944 08 CMP [SI+0x8], EAX
0x0063 72 08 JB 0x6d
0x0065 66 8b44 08 MOV EAX, [SI+0x8]
0x0069 66 0344 0c ADD EAX, [SI+0xc]
0x006D 83c6 10 ADD SI, 0x10
0x0070 81fe e407 CMP SI, 0x7e4
0x0074 72 e9 JB 0x5f
0x0076 66 09c0 OR EAX, EAX
0x0079 74 1e JZ 0x99
0x007B b9 0900 MOV CX, 0x9
0x007E 81c3 0002 ADD BX, 0x200
0x0082 e8 1f00 CALL 0xa4
0x0085 72 12 JB 0x99
0x0087 89de MOV SI, BX
0x0089 81c6 0c02 ADD SI, 0x20c
0x008D 8d54 f4 LEA DX, [SI-0xc]
0x0090 66 813c 752ff3a4CMP DWORD [SI], 0xa4f32f75
0x0097 74 05 JZ 0x9e
0x0099 ea 007c 0000 JMP FAR 0x0:0x7c00
0x009E 89de MOV SI, BX
0x00A0 ffd2 CALL DX
0x00A2 eb f5 JMP 0x99
0x00A4 66 60 PUSHAD
0x00A6 b2 80 MOV DL, 0x80
0x00A8 bb aa55 MOV BX, 0x55aa
0x00AB b4 41 MOV AH, 0x41
0x00AD cd 13 INT 0x13
0x00AF 73 04 JAE 0xb5
0x00B1 f9 STC
0x00B2 66 61 POPAD
0x00B4 c3 RET
0x00B5 81fb 55aa CMP BX, 0xaa55
0x00B9 75 f6 JNZ 0xb1
0x00BB f6c1 01 TEST CL, 0x1
0x00BE 74 f1 JZ 0xb1
0x00C0 66 61 POPAD
0x00C2 66 60 PUSHAD
0x00C4 6a 00 PUSH 0x0
0x00C6 6a 00 PUSH 0x0
0x00C8 66 50 PUSH EAX
0x00CA 06 PUSH ES
0x00CB 53 PUSH BX
0x00CC 51 PUSH CX
0x00CD 6a 10 PUSH 0x10
0x00CF b4 42 MOV AH, 0x42
0x00D1 89e6 MOV SI, SP
0x00D3 cd 13 INT 0x13
0x00D5 61 POPA
0x00D6 66 61 POPAD
0x00D8 c3 RET
0x00D9 5e POP SI
0x00DA ac LODSB
0x00DB 08c0 OR AL, AL
0x00DD 74 fc JZ 0xdb
0x00DF 56 PUSH SI
0x00E0 1e PUSH DS
0x00E1 bb 0700 MOV BX, 0x7
0x00E4 b4 0e MOV AH, 0xe
0x00E6 cd 10 INT 0x10
0x00E8 1f POP DS
0x00E9 eb ee JMP 0xd9
0x00EB e8 ebff CALL 0xd9
0x00EE 49 DEC CX
0x00EF 6e OUTSB
0x00F0 76 61 JBE 0x153
0x00F2 6c INSB
0x00F3 6964 20 7061 IMUL SP, [SI+0x20], 0x6170
0x00F8 72 74 JB 0x16e
0x00FA 6974 69 6f6e IMUL SI, [SI+0x69], 0x6e6f
0x00FF 2074 61 AND [SI+0x61], DH
0x0102 626c 65 BOUND BP, [SI+0x65]
0x0105 00e8 ADD AL, CH
0x0107 d0ff SAR BH, 0x1
0x0109 45 INC BP
0x010A 72 72 JB 0x17e
0x010C 6f OUTSW
0x010D 72 20 JB 0x12f
0x010F 6c INSB
0x0110 6f OUTSW
0x0111 61 POPA
0x0112 64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20
0x0118 70 65 JO 0x17f
0x011A 72 61 JB 0x17d
0x011C 74 69 JZ 0x187
0x011E 6e OUTSB
0x011F 67 2073 79 AND [EBX+0x79], DH
0x0123 73 74 JAE 0x199
0x0125 65 6d INS WORD GS:[DI], DX
0x0127 00e8 ADD AL, CH
0x0129 ae SCASB
0x012A ff4d 69 DEC WORD [DI+0x69]
0x012D 73 73 JAE 0x1a2
0x012F 696e 67 206f IMUL BP, [BP+0x67], 0x6f20
0x0134 70 65 JO 0x19b
0x0136 72 61 JB 0x199
0x0138 74 69 JZ 0x1a3
0x013A 6e OUTSB
0x013B 67 2073 79 AND [EBX+0x79], DH
0x013F 73 74 JAE 0x1b5
0x0141 65 6d INS WORD GS:[DI], DX
0x0143 0000 ADD [BX+SI], AL
0x0145 0000 ADD [BX+SI], AL
0x0147 0000 ADD [BX+SI], AL
0x0149 0000 ADD [BX+SI], AL
0x014B 0000 ADD [BX+SI], AL
0x014D 0000 ADD [BX+SI], AL
0x014F 0000 ADD [BX+SI], AL
0x0151 0000 ADD [BX+SI], AL
0x0153 0000 ADD [BX+SI], AL
0x0155 0000 ADD [BX+SI], AL
0x0157 0000 ADD [BX+SI], AL
0x0159 0000 ADD [BX+SI], AL
0x015B 0000 ADD [BX+SI], AL
0x015D 0000 ADD [BX+SI], AL
0x015F 0000 ADD [BX+SI], AL
0x0161 0000 ADD [BX+SI], AL
0x0163 0000 ADD [BX+SI], AL
0x0165 0000 ADD [BX+SI], AL
0x0167 0000 ADD [BX+SI], AL
0x0169 0000 ADD [BX+SI], AL
0x016B 0000 ADD [BX+SI], AL
0x016D 0000 ADD [BX+SI], AL
0x016F 0000 ADD [BX+SI], AL
0x0171 0000 ADD [BX+SI], AL
0x0173 0000 ADD [BX+SI], AL
0x0175 0000 ADD [BX+SI], AL
0x0177 0000 ADD [BX+SI], AL
0x0179 0000 ADD [BX+SI], AL
0x017B 0000 ADD [BX+SI], AL
0x017D 0000 ADD [BX+SI], AL
0x017F 0000 ADD [BX+SI], AL
0x0181 0000 ADD [BX+SI], AL
0x0183 0000 ADD [BX+SI], AL
0x0185 0000 ADD [BX+SI], AL
0x0187 0000 ADD [BX+SI], AL
0x0189 0000 ADD [BX+SI], AL
0x018B 0000 ADD [BX+SI], AL
0x018D 0000 ADD [BX+SI], AL
0x018F 0000 ADD [BX+SI], AL
0x0191 0000 ADD [BX+SI], AL
0x0193 0000 ADD [BX+SI], AL
0x0195 0000 ADD [BX+SI], AL
0x0197 0000 ADD [BX+SI], AL
0x0199 0000 ADD [BX+SI], AL
0x019B 0000 ADD [BX+SI], AL
0x019D 0000 ADD [BX+SI], AL
0x019F 0000 ADD [BX+SI], AL
0x01A1 0000 ADD [BX+SI], AL
0x01A3 0000 ADD [BX+SI], AL
0x01A5 0000 ADD [BX+SI], AL
0x01A7 0000 ADD [BX+SI], AL
0x01A9 0000 ADD [BX+SI], AL
0x01AB 0000 ADD [BX+SI], AL
0x01AD 0000 ADD [BX+SI], AL
0x01AF 0000 ADD [BX+SI], AL
0x01B1 0000 ADD [BX+SI], AL
0x01B3 0000 ADD [BX+SI], AL
0x01B5 2c 44 SUB AL, 0x44
0x01B7 6398 6998 ARPL [BX+SI-0x6797], BX
0x01BB 6900 0080 IMUL AX, [BX+SI], 0x8000
0x01BF 0101 ADD [BX+DI], AX
0x01C1 0007 ADD [BX], AL
0x01C3 fe DB 0xfe
0x01C4 ff DB 0xff
0x01C5 ff DB 0xff
0x01C6 3f AAS
0x01C7 0000 ADD [BX+SI], AL
0x01C9 00c1 ADD CL, AL
0x01CB f8 CLC
0x01CC f8 CLC
0x01CD 0d 0000 OR AX, 0x0
0x01D0 0000 ADD [BX+SI], AL
0x01D2 0000 ADD [BX+SI], AL
0x01D4 0000 ADD [BX+SI], AL
0x01D6 0000 ADD [BX+SI], AL
0x01D8 0000 ADD [BX+SI], AL
0x01DA 0000 ADD [BX+SI], AL
0x01DC 0000 ADD [BX+SI], AL
0x01DE 0000 ADD [BX+SI], AL
0x01E0 0000 ADD [BX+SI], AL
0x01E2 0000 ADD [BX+SI], AL
0x01E4 0000 ADD [BX+SI], AL
0x01E6 0000 ADD [BX+SI], AL
0x01E8 0000 ADD [BX+SI], AL
0x01EA 0000 ADD [BX+SI], AL
0x01EC 0000 ADD [BX+SI], AL
0x01EE 0000 ADD [BX+SI], AL
0x01F0 0000 ADD [BX+SI], AL
0x01F2 0000 ADD [BX+SI], AL
0x01F4 0000 ADD [BX+SI], AL
0x01F6 0000 ADD [BX+SI], AL
0x01F8 0000 ADD [BX+SI], AL
0x01FA 0000 ADD [BX+SI], AL
0x01FC 0000 ADD [BX+SI], AL
0x01FE 55 PUSH BP
0x01FF aa STOSB
Re: nejde smazat vir
tak vypáleno
otevřeno reatogoMenu
co ten mbrfix to nemám
musíš na mě pomalu a česky nejsem žádnej expert
otevřeno reatogoMenu
co ten mbrfix to nemám
musíš na mě pomalu a česky nejsem žádnej expert
Re: nejde smazat vir
vůbec mi to nejde
nabootovat???
to okno nemám
poradí nekdo?
nabootovat???
to okno nemám
poradí nekdo?
Re: nejde smazat vir
může mi prosím někdo pomoct????
Moc děkiji
Moc děkiji
Re: nejde smazat vir
Zdravim
Omlouvam se kolegovi za vstup
Musite si v BIOSu nastavit bootovani z CD http://www.tipypropc.cz/jak-zmenit-poradi-bootovani/ a mit samozrejme ono vypalene CD v mechanice
Omlouvam se kolegovi za vstup
Musite si v BIOSu nastavit bootovani z CD http://www.tipypropc.cz/jak-zmenit-poradi-bootovani/ a mit samozrejme ono vypalene CD v mechanice
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: nejde smazat vir
Podle toho návodu mám uplne jinej bios
Co mam delat?
Co mam delat?
Re: nejde smazat vir
Kazdy BIOS je jiny ale principielne stejny, musite najit kde se meni poradi bootovani
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: nejde smazat vir
mám XP
VŮBEC NEVÍM POD ČÍM TO BLEDAT NECHCI NĚCO POKAZI
VŮBEC NEVÍM POD ČÍM TO BLEDAT NECHCI NĚCO POKAZI
Re: nejde smazat vir
XP na to nema vubec vliv, do BIOSu se leze hned pri startu PC mackanim vetsinou klavesy Del (delete) ci F2 vetsinou je to tam napsano (Pres XX to run to Setup) ja se tez loucim, rano brzy vstavam 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: nejde smazat vir
tak přehozeno
musí být to CD v mechanice když to přehazuju?
musí být to CD v mechanice když to přehazuju?
Re: nejde smazat vir
Tak jsem to v biosu prehodil a nechal v mechanice cd a začal nabyhat nejakej system Reatongo to je normalni??
Radeji jsem to ukončil.
Co s tím?
Radeji jsem to ukončil.
Co s tím?
Re: nejde smazat vir
Ctete prosim dukladne postupy a nase rady, to retango je v poradku, to je prave ten system co vam ma nabehnout
Naughty píše:Nabootuj z CD, spustí se prostředi "rategoo" (poznáš hravě).
Takze jej nabootojte a provedte co psal kolega http://forum.viry.cz/viewtopic.php?f=13 ... 0#p1138049"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?