pro vyosek

[vyosek]

Neni treba na plose Nekde by byt byla

[fraha]

Prechádzam všetko, ale nič take tu nevidím.
Našiel som iba v priečinku Qoobox priečinok QUARANTINE z obsahom:
priečinok C
priečinok Registry_backups
text dokument Catchme

Spustil som službu vyhľadávania v NTB

[vyosek]

To je zaloha Combofixu...

Divne, ze TDSS neudelal zalohu

[fraha]

Som v núdzovom režime. Nemôže to byť tým?
Program TDSSKiller sa mi rovno spúštal, Vista mi nedovolila po stiahnutí súbor uložiť, ale musel som ho rovno spustiť. Nemôže to byť tým?

Že ja som sa dal ukecať na takú oštaru.

[fraha]

A keby som skúsil ešte raz spustiť TDSSKiller, ale z externého zdroja napr z USB kľúča?

[vyosek]

Program TDSSKiller sa mi rovno spúštal, Vista mi nedovolila po stiahnutí súbor uložiť, ale musel som ho rovno spustiť. Nemôže to byť tým?

No tohle by tim mohlo byt a nebyla tak asi i zarucena jeho celkova funkcnost...

S tim nabehem do normalniho rezimu zkusime neco udelat, asi nam bude muset pomoct i podpora HP

[fraha]

NTB je TOSHIBA Satellite L300

[vyosek]

Jo, chybka, zkusim pohledat...A jeste konzultuji s kolegou

[fraha]

aj z externého zdroja to urobí scan nič nenájde ani nevytvorí. Položka Quarantined je 0.
Nemohlo sa to zmazať po 1. kontrole pri reštarte NTB???

[vyosek]

Prosim o zabaleni a upload cele slozky c:\qoobox

TDSS pokud maze, dela zalohy

A ptal jsem se, jestli jste pouzil ComboFix jeste pred tim, nez jste sek k nam na forum

[fraha]

Prikladám link na celú zložku Qoobox:

http://www.ulozto.sk/12765510/qoobox-rar

[fraha]

Vďaka, ale zisťujem, že sa začínam pomaly strácať a nie vždy viem o čom je reč.

[fraha]

Obsah Bluescreenwiew:

Version=1
EventType=APPCRASH
EventTime=129706874952320000
ReportType=2
Consent=1
UploadTime=129706874953330000
Response.BucketId=645141428
Response.BucketTable=1
Response.Str=http:////oca.microsoft.com//resredir.aspx?SID=16255&iBucketTable=1&iBucket=645141428&BucketHash=795319c9a61d9f6e1da8b49a2aedbf47
Sig[0].Name=Názov aplikácie
Sig[0].Value=AcroRd32.exe
Sig[1].Name=Verzia aplikácie
Sig[1].Value=8.1.0.137
Sig[2].Name=Časová pečiatka aplikácie
Sig[2].Value=46444e37
Sig[3].Name=Názov chybného modulu
Sig[3].Value=AcroRd32.dll
Sig[4].Name=Verzia chybného modulu
Sig[4].Value=8.1.2.86
Sig[5].Name=Časová pečiatka chybného modulu
Sig[5].Value=478854a9
Sig[6].Name=Kód výnimky
Sig[6].Value=c0000005
Sig[7].Name=Odsadenie výnimky
Sig[7].Value=0009614a
DynamicSig[1].Name=Verzia OS
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Identifikácia miestneho nastavenia
DynamicSig[2].Value=1051
DynamicSig[22].Name=Ďalšie informácie 1
DynamicSig[22].Value=c4f1
DynamicSig[23].Name=Ďalšie informácie 2
DynamicSig[23].Value=f1661a6f5b6af02c03325d125e3b84a5
DynamicSig[24].Name=Ďalšie informácie 3
DynamicSig[24].Value=53e9
DynamicSig[25].Name=Ďalšie informácie 4
DynamicSig[25].Value=8a13ac5290d52203612aeae469982528
UI[2]=C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
UI[3]=Program Adobe Reader 8.1 prestal pracovať.
UI[4]=Systém Windows môže zistiť online dostupnosť riešenia problému.
UI[5]=Vyhľadať riešenie a skončiť program
UI[6]=Vyhľadať riešenie neskôr a skončiť program
UI[7]=Skončiť program
State[0].Key=Transport.DoneStage1
State[0].Value=1
FriendlyEventName=Program prestal pracovať
ConsentKey=APPCRASH
AppName=Adobe Reader 8.1
AppPath=C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe


To ďalšie hľadám...

[fraha]

Neviem ako Ti tu vložiť alebo dať subory iaStor.sys a ten druhý..

[fraha]

Kód: Vybrat vše

MBRScan v1.0.6

OS             : Windows Vista Service Pack 2 (32 bit)
PROCESSOR      : x86 Family 6 Model 15 Stepping 13, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/01/22 (ISO 8601) at 17:23:48
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST932032 0AS (SD56)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR3 __Kingston DataTraveler 2.0 (PMAP)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	298.1 Go  [Fixed] ==> Vista MBR Code.. ==> PARTITION TABLE FAKED !!

MBR_MD5   : 805247666D3FA8EC7F6713647BF94CDD
MBR_SHA1  : 3B934934E099B64295AAA404ECEF9DFF0D1AD51F

Device\Harddisk0\Partition1	1.46 Go  	0x27 RE Hidden partition 
Device\Harddisk0\Partition2	148.9 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	147.7 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR3	1.86 Go  [Removable] ==> Unknown MBR Code

MBR_MD5   : CDAAE7BD2A7CA7F7F35B455389FAC3E2
MBR_SHA1  : 8500DCC74AC8D73DB7DC4EE3FB6254A1BCD61F60

Device\Harddisk1\Partition1	1.86 Go  	0x0B FAT32 [CHS] 
________________________________________________________________________________


_____FAKED   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80   N......~......².
0x000000B0   EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE   ë.U2ä.V.Í.]ë..>þ
0x000000C0   7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0   }Uªun.v.è......°
0x000000D0   D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6   Ñædè..°ßæ`èx.°.æ
0x000000E0   64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81   dèq.¸.»Í.f#Àu;f.
0x000000F0   FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07   ûTCPAu2.ù..r,fh.
0x00000100   BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66   »..fh....fh....f
0x00000110   53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00   SfSfUfh....fh.|.
0x00000120   00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00   .fah...Í.Z2öê.|.
0x00000130   00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07   .Í..·.ë..¶.ë..µ.
0x00000140   32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4   2ä....ð¬<.tü»..´
0x00000150   0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24   .Í.ëò+Éädë.$.àø$
0x00000160   02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74   .ÃInvalid partit
0x00000170   69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20   ion table.Error 
0x00000180   6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E   loading operatin
0x00000190   67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67   g system.Missing
0x000001A0   20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65    operating syste
0x000001B0   6D 00 00 00 00 62 7A 99 CB 84 28 1C 00 00 00 20   m....bz.Ë.(.... 
0x000001C0   21 00 27 59 1A BF 00 08 00 00 00 E0 2E 00 00 59   !.'Y.¿.....à...Y
0x000001D0   1B BF 07 FE FF FF 00 E8 2E 00 00 78 9C 12 00 FE   .¿.þ...è...x...þ
0x000001E0   FF FF 07 FE FF FF 00 60 CB 12 B0 82 77 12 80 FE   ...þ...`Ë.°.w..þ
0x000001F0   FF FF 17 FE FF FF B0 E2 42 25 F0 07 00 00 55 AA   ...þ..°âB%ð...Uª

__ORIGINAL   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80   N......~......².
0x000000B0   EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE   ë.U2ä.V.Í.]ë..>þ
0x000000C0   7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0   }Uªun.v.è......°
0x000000D0   D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6   Ñædè..°ßæ`èx.°.æ
0x000000E0   64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81   dèq.¸.»Í.f#Àu;f.
0x000000F0   FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07   ûTCPAu2.ù..r,fh.
0x00000100   BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66   »..fh....fh....f
0x00000110   53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00   SfSfUfh....fh.|.
0x00000120   00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00   .fah...Í.Z2öê.|.
0x00000130   00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07   .Í..·.ë..¶.ë..µ.
0x00000140   32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4   2ä....ð¬<.tü»..´
0x00000150   0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24   .Í.ëò+Éädë.$.àø$
0x00000160   02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74   .ÃInvalid partit
0x00000170   69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20   ion table.Error 
0x00000180   6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E   loading operatin
0x00000190   67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67   g system.Missing
0x000001A0   20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65    operating syste
0x000001B0   6D 00 00 00 00 62 7A 99 CB 84 28 1C 00 00 00 20   m....bz.Ë.(.... 
0x000001C0   21 00 27 59 1A BF 00 08 00 00 00 E0 2E 00 80 59   !.'Y.¿.....à...Y
0x000001D0   1B BF 07 FE FF FF 00 E8 2E 00 00 78 9C 12 00 FE   .¿.þ...è...x...þ
0x000001E0   FF FF 07 FE FF FF 00 60 CB 12 B0 82 77 12 00 00   ...þ...`Ë.°.w...
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR3  

0x00000000   FA BE 00 7C BF 00 7A B9 00 01 FC 0E 1F 0E 07 F3   ú¾.|¿.z¹..ü....ó
0x00000010   A5 EA 16 7A 00 00 BB BE 7B 33 C9 80 3F 80 75 06   ¥ê.z..»¾{3É.?.u.
0x00000020   FE C5 8B F3 EB 07 80 3F 00 75 02 FE C1 83 C3 10   þÅ.óë..?.u.þÁ.Ã.
0x00000030   81 FB FE 7B 72 E5 83 F9 04 74 0B 81 F9 03 01 74   .ûþ{rå.ù.t..ù..t
0x00000040   0A BB A5 7A EB 2C BB 87 7A EB 27 8B 4C 02 8B 14   .»¥zë,».zë'.L...
0x00000050   B8 01 02 BB 00 7C CD 13 73 05 BB BC 7A EB 13 2E   ¸..».|Í.s.»¼zë..
0x00000060   A1 FE 7D 3D 55 AA 74 05 BB BC 7A EB 05 EA 00 7C   ¡þ}=Uªt.»¼zë.ê.|
0x00000070   00 00 2E 8A 07 3C 00 74 0C 53 BB 07 00 B4 0E CD   .....<.t.S»..´.Í
0x00000080   10 5B 43 EB ED EB FE 4E 6F 20 62 6F 6F 74 61 62   .[CëíëþNo bootab
0x00000090   6C 65 20 70 61 72 74 69 74 6F 6E 20 69 6E 20 74   le partiton in t
0x000000A0   61 62 6C 65 00 49 6E 76 61 6C 69 64 20 50 61 72   able.Invalid Par
0x000000B0   74 69 74 6F 6E 20 74 61 62 6C 65 00 49 6E 76 61   titon table.Inva
0x000000C0   6C 69 64 20 6F 72 20 64 61 6D 61 67 65 64 20 42   lid or damaged B
0x000000D0   6F 6F 74 61 62 6C 65 20 70 61 72 74 69 74 69 6F   ootable partitio
0x000000E0   6E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   n...............
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01   ................
0x000001C0   01 00 0B 0F 60 C7 20 00 00 00 E0 8F 3B 00 00 00   ....`Ç ...à.;...
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

Textak z MBRscanu:


Požadované súbory: stale neviem ako ich doručiť