Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)

Zpráva

Rejsek2 · #1 Příspěvek od **Rejsek2** » 09 pro 2012 09:21

Dobrý den,
mám zvláštní problém. Normálně jsem pracoval na notebooku (2.12.2012 asi kolem 17:00). Po restartování notebooku naskočil systém normálně, až po zhlednutí pár Ikonek a nasledném spuštění daného programu mne systém hlásil "cesta nenalezena". Zvláštné protože před restartem jsem v aplikaci pracoval. Po otevření Průzkumníka jsem najednou zjistil že Disk "D" neexistuje. Od výrobce byl disk rozdělen na C-systém, D-Data, E-skrytý Recovery, F-skrytý ???. V průzkumníkovi nebyl vidět kromě C žádnej. Přitom přes PartitionMagic je jasně vidět, že všechny vyjmenováné disky jsou přitomné včetně nepoškozených dat na nich.
Proto se obracím na Vás o nějakou radu.
Přikladám ComboFix.txt

DĚKUJI

=======================

ComboFix 12-12-07.01 - Jaroslav 09.12.2012 7:17.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3692.2164 [GMT 1:00]
Spuštěný z: c:\users\Jaroslav\Downloads\ComboFix.exe
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\Jaroslav\Documents\O2PP.log
c:\windows\IsUn0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-09 do 2012-12-09 )))))))))))))))))))))))))))))))
.
.
2012-12-09 07:19 . 2012-12-09 07:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-09 06:18 . 2012-12-09 06:18 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F8B18A0B-8C65-4EF1-A964-972FE537C4C2}\offreg.dll
2012-12-08 10:49 . 2012-12-08 10:49 -------- d-----w- c:\programdata\LogSaver
2012-12-08 05:06 . 2012-12-08 05:06 -------- d-----w- c:\programdata\redistpart
2012-12-08 00:27 . 2012-12-08 00:27 -------- d-----w- c:\programdata\explauncher
2012-12-08 00:27 . 2012-12-08 00:27 -------- d-----w- c:\programdata\launcher
2012-12-08 00:26 . 2012-12-08 00:26 -------- d-----w- c:\program files (x86)\Paragon Software
2012-12-08 00:19 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F8B18A0B-8C65-4EF1-A964-972FE537C4C2}\mpengine.dll
2012-12-02 16:50 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-11-21 13:02 . 2012-11-22 00:43 165112 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2012-11-17 07:42 . 2012-11-17 07:42 40960 ----a-w- c:\windows\SysWow64\REGSVR32.728
2012-11-17 07:42 . 2001-04-29 12:17 942592 ----a-w- c:\windows\SysWow64\KuchDataProj1.ocx
2012-11-13 22:01 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-13 22:01 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-13 22:01 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-13 22:01 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-13 21:37 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-13 21:37 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-13 21:37 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-13 21:37 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-13 21:37 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-13 21:37 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-13 21:37 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-13 20:14 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-13 20:14 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 10:05 . 2012-04-30 18:28 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-15 10:05 . 2011-12-13 01:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-13 21:38 . 2012-05-01 03:21 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-29 09:14 . 2012-10-29 09:14 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-29 09:14 . 2012-06-19 04:23 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-29 09:14 . 2012-06-19 04:23 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-16 08:38 . 2012-12-02 16:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-02 16:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-02 16:50 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-07 18:42 . 2012-10-07 18:42 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-07 18:42 . 2012-10-07 18:42 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-07 18:42 . 2012-10-07 18:42 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-07 18:42 . 2012-10-07 18:42 188904 ----a-w- c:\windows\system32\java.exe
2012-10-07 18:42 . 2012-09-03 12:31 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-07 18:42 . 2012-09-03 12:31 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-14 19:19 . 2012-10-09 19:43 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-09 19:43 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Camera"="c:\program files (x86)\ASUS\SmartCamera\SmartCamera.exe" [2011-11-08 1883824]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-12-13 3331312]
"Rapoo 9200"="c:\program files (x86)\Rapoo\9200\9200_Mouse.exe" [2010-12-29 2622464]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-4-30 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="d:\programy\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"SAOB Monitor"=c:\program files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
"TrueImageMonitor.exe"="d:\programy\Acronis\TrueImageHome\TrueImageMonitor.exe"
"HotkeyMon"=AsusSender.exe c:\program files (x86)\ASUS\HotkeyService\HotKeyMon.exe
"HotkeyService"=AsusSender.exe c:\program files (x86)\ASUS\HotkeyService\HotkeyService.exe
"SuperHybridEngine"=AsusSender.exe c:\program files (x86)\ASUS\SHE\SuperHybridEngine.exe
"CapsHook"=AsusSender.exe c:\program files (x86)\ASUS\CapsHook\CapsHook.exe
"iSeriesCharge"=AsusSender.exe c:\program files (x86)\ASUS\USBChargeSetting\iSeriesCharge.exe
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files (x86)\AMD AVT\bin\kdbsync.exe" aml
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service;d:\programy\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\programy\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-10-22 46592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2012-02-20 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-20 39976]
R3 DCDhcpService;DCDhcpService;c:\program files\WiSharing\DCDhcpService.exe [2011-09-16 108544]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2010-01-18 32768]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 rp24msdrv;2.4g Device;c:\windows\system32\drivers\rp24msdrv.sys [2010-12-01 28416]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\programy\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\programy\IObit\Game Booster 350 Beta\Driver\WinRing0x64.sys [x]
R4 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe [2011-08-08 224680]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R4 TeamViewer7;TeamViewer 7;d:\programy\TeamViewer\Version7\TeamViewer_Service.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 14464]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-12-12 82048]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-12-12 42624]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-05-26 132704]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-05-04 834544]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2012-05-26 1263200]
S0 vidsflt58;Acronis Disk Storage Filter (58);c:\windows\system32\DRIVERS\vsflt58.sys [2012-05-26 142944]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK WMIACPI\epcwmiacpi64.sys [2011-09-07 17536]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-05-26 3975088]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-05 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 44944]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-05-26 279136]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-02-21 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-02-21 396776]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2012-04-30 21568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2011-11-22 8213992]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2011-12-13 56448]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 10:05]
.
2012-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-10 11:10]
.
2012-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-10 11:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-21 323584]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-04-14 467120]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-04-30 7138816]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-05-28 12497552]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.mojedatovaschranka.cz/as/lo ... tatus=NCOO
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout s IDM - d:\programy\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - d:\programy\Internet Download Manager\IEGetAll.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\programy\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FF - ProfilePath - c:\users\Jaroslav\AppData\Roaming\Mozilla\Firefox\Profiles\a112o68e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-11-02 19:37; {800b5000-a755-47e1-992b-48a1c1357f07}; c:\users\Jaroslav\AppData\Roaming\Mozilla\Firefox\Profiles\a112o68e.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-IDMan - d:\programy\Internet Download Manager\IDMan.exe
Wow6432Node-HKCU-Run-ICQ - d:\programy\ICQ7.7\ICQ.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{CDC95B92-E27C-4745-A8C5-64A52A78855D} - d:\programy\Internet Download Manager\IDMShellExt64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-egui - d:\programy\ESET\ESET Smart Security\egui.exe
AddRemove-7-Zip - d:\programy\7-Zip\Uninstall.exe
AddRemove-AU10_is1 - d:\programy\Innovative Solutions\Advanced Uninstaller PRO\unins000.exe
AddRemove-Drakensang_TRoT_is1 - d:\hry\Drakensang - The River of Time_new\unins000.exe
AddRemove-Game Booster_is1 - d:\programy\IObit\Game Booster 350 Beta\unins000.exe
AddRemove-HUAWEI DataCard Driver - d:\programy\HUAWEI Modem Driver\uninst.exe
AddRemove-Intel® Integrated Performance Primitives 1.1 - c:\windows\system32\UninstIPP.isu
AddRemove-Internet Download Manager - d:\programy\Internet Download Manager\Uninstall.exe
AddRemove-IrfanView - d:\programy\IrfanView\iv_uninstall.exe
AddRemove-IsoBuster_is1 - d:\programy\Smart Projects\IsoBuster\Uninst\unins000.exe
AddRemove-Mozilla Firefox 12.0 (x86 cs) - d:\programy\Mozilla Firefox\uninstall\helper.exe
AddRemove-Mzdy 2012_is1 - d:\programy\ZA office\Mzdy 2012\unins000.exe
AddRemove-O2CZ - d:\programy\O2\O2CZ\Uninstall.exe
AddRemove-PokerStars - d:\programy\PokerStars\PokerStarsUninstall.exe
AddRemove-Super Ovladač_is1 - d:\programy\Driver-Soft\SuperOvladac\unins000.exe
AddRemove-TeamViewer 7 - d:\programy\TeamViewer\Version7\uninstall.exe
AddRemove-{6767DFEE-8909-453A-B553-C7693912B2EB} - d:\programy\MF_ToolBox\Uninst.exe
AddRemove-Česká kuchařka - c:\windows\IsUn0405.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3976111897-1900076503-2752861854-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):5e,9b,90,61,27,7d,bc,da,e2,a3,37,18,f9,b5,b8,4c,ce,b0,c0,4e,a6,
37,23,5e,79,8c,b1,08,4d,3b,53,c9,6b,c8,16,6e,3f,09,f9,94,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3976111897-1900076503-2752861854-1001_Classes\Wow6432Node\CLSID\{e33f74a8-b774-4f6b-8557-6f3623053f59}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000010b
"Therad"=dword:0000001c
"MData"=hex(0):cb,64,79,2d,34,5d,bb,9c,cf,d8,c5,21,68,8c,79,f1,91,78,4f,74,f2,
7d,59,9f,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-09 08:35:16
ComboFix-quarantined-files.txt 2012-12-09 07:35
.
Před spuštěním: Volných bajtů: 52 003 557 376
Po spuštění: Volných bajtů: 51 584 524 288
.
- - End Of File - - CEA350BC751CE8618416295FEF8B149D

#2 Příspěvek od **Rudy** » 09 pro 2012 11:19

Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze odborníkům? Chcete si zbořit systém?
Zkuste obnovu systému k datu, kdy korektně fungoval.

Rejsek2 · #3 Příspěvek od **Rejsek2** » 10 pro 2012 09:15

Dobrý den,
tu obnovu systému jsem vyzkoušel hned 3. nebo 4.12 - nepomohlo to. Pořad byl vidět jen disk C: ze čtyř. Mezitím jsem si naklonoval disk a všechny pokusy provádím na tom naklonovaném disku. Důležité soukromé data jsou zachráněná a už nic mne nebrání před sformatováním disku a opětovné instalaci. Bohužel obnovu systému od výrobce z Recorvery disku se mne nedaří - pořad je to dokola a objednávat záchranný disk od ASUSu se mne nechce.

#4 Příspěvek od **Rudy** » 10 pro 2012 23:07

OK. V tom případě proveďte format a reinstal. Virový problém to není, půjde na 99% o chybu systému.

VIRY.CZ

Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)

Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)

Re: Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)

Re: Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)

Re: Neviditelná Partition na rozděleném HDD - 4x (C,D,E,F)