Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
koncovka lnk
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
koncovka lnk
zdravim,pritelkyne chtela nainstalovat "fotošop",ale nejak to pokonila a u vsech zastupcu je koncovka lnk a ja ted nevim jak to mam dat zpet.muzete mi prosim poradit?dekuji za kazdou radu.
Re: koncovka lnk
Zdravim 
Vsak zastupci jsou lnk, ale predpokladam, ze to tam nechcete videt
Start-Ovladaci panely - Moznosti slozky - karta Zobrazeni - Nezobrazovat zname typy pripon
Vsak zastupci jsou lnk, ale predpokladam, ze to tam nechcete videt Start-Ovladaci panely - Moznosti slozky - karta Zobrazeni - Nezobrazovat zname typy pripon"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
- plocha1 (600x337).jpg (190.53 KiB) Zobrazeno 2318 x
Re: koncovka lnk
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Spustte tradicne dvouklikem
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Pockejte na dokonceni PreScanu
- Zvolte moznost Prohledat (scan)
- Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
- Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
Shortcut Cleaner 1.2.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 04/19/2013 11:04:02 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\Toník\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\Toník\Desktop
0 bad shortcuts found.
Program finished at: 04/19/2013 11:04:07 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 04/19/2013 11:04:02 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\Toník\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\Toník\Desktop
0 bad shortcuts found.
Program finished at: 04/19/2013 11:04:07 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
Re: koncovka lnk
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Kontrola -- Datum : 04/19/2013 23:08:21
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] ef53fe228d5101555f15a0cc90848713
[BSP] 69d5bcc677cd104e465a1380d5098d02 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430658 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 882399232 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 935811072 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_04192013_02d2308.txt >>
RKreport[1]_S_04192013_02d2308.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Kontrola -- Datum : 04/19/2013 23:08:21
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] ef53fe228d5101555f15a0cc90848713
[BSP] 69d5bcc677cd104e465a1380d5098d02 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430658 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 882399232 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 935811072 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_04192013_02d2308.txt >>
RKreport[1]_S_04192013_02d2308.txt
Re: koncovka lnk
Spustte znovu RogueKiller
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
- Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Odebrat -- Datum : 04/20/2013 11:19:32
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] ef53fe228d5101555f15a0cc90848713
[BSP] 69d5bcc677cd104e465a1380d5098d02 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430658 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 882399232 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 935811072 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_04202013_02d1119.txt >>
RKreport[1]_S_04192013_02d2308.txt ; RKreport[2]_S_04202013_02d1118.txt ; RKreport[3]_D_04202013_02d1119.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Odebrat -- Datum : 04/20/2013 11:19:32
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] ef53fe228d5101555f15a0cc90848713
[BSP] 69d5bcc677cd104e465a1380d5098d02 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 430658 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 882399232 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 935811072 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_04202013_02d1119.txt >>
RKreport[1]_S_04192013_02d2308.txt ; RKreport[2]_S_04202013_02d1118.txt ; RKreport[3]_D_04202013_02d1119.txt
Re: koncovka lnk
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/20/2013 11:20:12
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_04202013_02d1120.txt >>
RKreport[1]_S_04192013_02d2308.txt ; RKreport[2]_S_04202013_02d1118.txt ; RKreport[3]_D_04202013_02d1119.txt ; RKreport[4]_H_04202013_02d1120.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Toník [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/20/2013 11:20:12
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_04202013_02d1120.txt >>
RKreport[1]_S_04192013_02d2308.txt ; RKreport[2]_S_04202013_02d1118.txt ; RKreport[3]_D_04202013_02d1119.txt ; RKreport[4]_H_04202013_02d1120.txt
Re: koncovka lnk
Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)
- Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
- Spustte a kliknete na Deletion
- Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
############################## | UsbFix V 7.096 | [Deletion]
User: Toník (Administrator) # TONDA-LENOVO
Updated 15/08/2012 by El Desaparecido
Started at 22:35:07 | 20/04/2013
Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com
PC: LENOVO (20157) (x64-based PC) # Notebook
CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz (2100)
RAM -> [Total : 3941 | Free : 2344]
BIOS: Phoenix BIOS SC-T v2.2
BOOT: Normal boot
OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET Smart Security 5.2 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 421 Gb (139 Mb free - 33%) [Windows7_OS] # NTFS
D:\ -> Fixed drive # 25 Gb (4 Mb free - 17%) [LENOVO] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Removable drive # 2 Gb (1 Mb free - 64%) [] # FAT32
J:\ -> CD-ROM
################## | Active Processes |
C:\Windows\system32\csrss.exe (680)
C:\Windows\system32\wininit.exe (772)
C:\Windows\system32\csrss.exe (796)
C:\Windows\system32\services.exe (836)
C:\Windows\system32\lsass.exe (852)
C:\Windows\system32\lsm.exe (868)
C:\Windows\system32\winlogon.exe (884)
C:\Windows\system32\svchost.exe (1020)
C:\Windows\system32\nvvsvc.exe (600)
C:\Windows\system32\svchost.exe (696)
C:\Windows\System32\svchost.exe (952)
C:\Windows\System32\svchost.exe (1032)
C:\Windows\system32\svchost.exe (1076)
C:\Windows\system32\svchost.exe (1116)
C:\Windows\system32\svchost.exe (1204)
C:\Windows\system32\svchost.exe (1316)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1464)
C:\Windows\system32\nvvsvc.exe (1476)
C:\Windows\system32\WLANExt.exe (1636)
C:\Windows\system32\conhost.exe (1644)
C:\Windows\System32\spoolsv.exe (1800)
C:\Windows\system32\svchost.exe (1844)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1392)
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1740)
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1044)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (2064)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (2120)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2144)
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2172)
C:\Windows\SysWOW64\NLSSRV32.EXE (2220)
C:\Windows\SysWOW64\PnkBstrA.exe (2300)
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (2440)
C:\Windows\system32\svchost.exe (2460)
C:\Windows\System32\svchost.exe (2512)
C:\Program Files\Launch Manager\WisLMSvc.exe (2680)
C:\Windows\system32\taskhost.exe (2904)
C:\Windows\system32\Dwm.exe (2988)
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (2376)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2436)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2416)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2412)
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (2404)
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (1508)
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (2860)
C:\Windows\system32\svchost.exe (3156)
C:\Windows\system32\svchost.exe (3456)
C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
C:\Windows\System32\igfxtray.exe (3756)
C:\Windows\System32\hkcmd.exe (3768)
C:\Windows\System32\igfxpers.exe (3836)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3900)
C:\Windows\system32\taskeng.exe (4004)
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (3300)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3592)
C:\Windows\system32\SearchIndexer.exe (3668)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3512)
C:\Windows\system32\svchost.exe (4248)
C:\Windows\System32\svchost.exe (4432)
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (4456)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4772)
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (4788)
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (4804)
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (4892)
C:\Program Files\Launch Manager\HotkeyApp.exe (5024)
C:\Windows\system32\wbem\wmiprvse.exe (2576)
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (5592)
C:\Windows\system32\DllHost.exe (5752)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (996)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (2960)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4548)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4404)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2340)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5152)
C:\Program Files (x86)\Origin\Origin.exe (1132)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6988)
C:\Windows\servicing\TrustedInstaller.exe (6124)
C:\Windows\System32\svchost.exe (7724)
C:\Windows\Explorer.exe (7236)
C:\Windows\System32\WUDFHost.exe (5060)
C:\UsbFix\Go.exe (3032)
C:\Windows\system32\wbem\wmiprvse.exe (7728)
C:\Windows\system32\taskeng.exe (3924)
################## | Stopped processes |
Stopped! C:\Windows\system32\nvvsvc.exe (600)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1464)
Stopped! C:\Windows\system32\nvvsvc.exe (1476)
Stopped! C:\Windows\system32\WLANExt.exe (1636)
Stopped! C:\Windows\System32\spoolsv.exe (1800)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1392)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1740)
Stopped! C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1044)
Stopped! C:\Program Files\Intel\iCLS Client\HeciServer.exe (2064)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (2120)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2144)
Stopped! C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2172)
Stopped! C:\Windows\SysWOW64\NLSSRV32.EXE (2220)
Stopped! C:\Windows\SysWOW64\PnkBstrA.exe (2300)
Stopped! C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (2440)
Stopped! C:\Program Files\Launch Manager\WisLMSvc.exe (2680)
Stopped! C:\Windows\system32\taskhost.exe (2904)
Stopped! C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (2376)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2436)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2416)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2412)
Stopped! C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (2404)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (1508)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (2860)
Stopped! C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
Stopped! C:\Windows\System32\igfxtray.exe (3756)
Stopped! C:\Windows\System32\hkcmd.exe (3768)
Stopped! C:\Windows\System32\igfxpers.exe (3836)
Stopped! C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3900)
Stopped! C:\Windows\system32\taskeng.exe (4004)
Stopped! C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (3300)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3592)
Stopped! C:\Windows\system32\SearchIndexer.exe (3668)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (3512)
Stopped! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (4456)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4772)
Stopped! C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (4788)
Stopped! C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (4804)
Stopped! C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (4892)
Stopped! C:\Program Files\Launch Manager\HotkeyApp.exe (5024)
Stopped! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (5592)
Stopped! C:\Windows\system32\DllHost.exe (5752)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (996)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (2960)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4548)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4404)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2340)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5152)
Stopped! C:\Program Files (x86)\Origin\Origin.exe (1132)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6988)
Stopped! C:\Windows\System32\WUDFHost.exe (5060)
Stopped! C:\Windows\system32\taskeng.exe (3924)
Stopped! C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (7604)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (6360)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (6156)
Stopped! c:\program files\windows defender\MpCmdRun.exe (7868)
################## | Files # Infected Folders |
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1001
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1005
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1005
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-500
(!) Temporary files deleted.
################## | Registry |
Deleted ! HKCU\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[20/04/2013 - 22:50:18 | SHD ] C:\$RECYCLE.BIN
[16/10/2012 - 19:55:52 | D ] C:\2012_10_16_STARY_NTB
[24/02/2011 - 19:03:40 | D ] C:\Boot
[21/11/2010 - 05:23:51 | RASH | 383786] C:\bootmgr
[24/02/2011 - 19:03:41 | N | 8192] C:\BOOTSECT.BAK
[18/04/2013 - 23:02:04 | N | 22641] C:\ComboFix.txt
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[20/04/2013 - 22:18:00 | N | 1735366] C:\FaceProv.log
[20/04/2013 - 11:13:48 | ASH | 3099652096] C:\hiberfil.sys
[16/10/2012 - 19:21:38 | D ] C:\IDE
[29/01/2013 - 07:56:27 | N | 5310] C:\IFRToolLog.txt
[04/08/2012 - 02:09:49 | D ] C:\Intel
[04/08/2012 - 04:28:25 | N | 28] C:\IPGPLDOK.TXT
[16/01/2013 - 23:48:16 | D ] C:\ldiag
[18/10/2012 - 00:25:30 | N | 4] C:\lpview.dxt
[16/10/2012 - 19:20:33 | RD ] C:\MSOCache
[22/12/2012 - 16:36:30 | D ] C:\NVIDIA
[20/04/2013 - 11:13:50 | ASH | 4132872192] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[17/04/2013 - 23:04:47 | D ] C:\Program Files
[19/04/2013 - 10:24:43 | D ] C:\Program Files (x86)
[19/04/2013 - 10:24:56 | D ] C:\ProgramData
[18/04/2013 - 23:02:08 | D ] C:\Qoobox
[16/10/2012 - 16:12:15 | D ] C:\Recovery
[18/04/2013 - 00:42:11 | D ] C:\rsit
[19/04/2013 - 23:04:07 | N | 1796] C:\sc-cleaner.txt
[16/10/2012 - 18:34:17 | D ] C:\SWTOOLS
[04/08/2012 - 02:39:02 | D ] C:\SysPart
[19/04/2013 - 19:03:41 | SHD ] C:\System Volume Information
[26/12/2012 - 19:40:25 | D ] C:\Temp
[16/10/2012 - 19:35:01 | D ] C:\totalcmd
[20/04/2013 - 22:50:19 | D ] C:\UsbFix
[20/04/2013 - 22:37:30 | A | 11936] C:\UsbFix.txt
[04/08/2012 - 02:32:16 | D ] C:\UserGuidePDF
[07/12/2012 - 15:44:12 | D ] C:\Users
[20/04/2013 - 02:22:15 | D ] C:\Windows
[20/04/2013 - 22:50:19 | D ] D:\$RECYCLE.BIN
[04/08/2012 - 02:36:42 | D ] D:\Application
[04/08/2012 - 02:39:40 | D ] D:\drivers
[13/01/2013 - 01:24:10 | D ] D:\Games
[04/08/2012 - 04:28:25 | N | 28] D:\IPGPLDOK.TXT
[17/10/2012 - 11:59:25 | D ] D:\Lenovo
[04/08/2012 - 01:59:43 | SHD ] D:\System Volume Information
[16/11/2011 - 12:02:39 | D ] G:\Crack
[16/11/2011 - 12:03:46 | D ] G:\Game
[18/12/2011 - 16:10:24 | N | 12] I:\HDINFO.CFG
[29/11/2011 - 10:51:52 | N | 734255104] I:\A-zase-jedna-Popelka-CZ-URBI.avi
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | Upload |
Please send the file: C:\UsbFix_Upload_Me_TONDA-LENOVO.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.
################## | E.O.F |
User: Toník (Administrator) # TONDA-LENOVO
Updated 15/08/2012 by El Desaparecido
Started at 22:35:07 | 20/04/2013
Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com
PC: LENOVO (20157) (x64-based PC) # Notebook
CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz (2100)
RAM -> [Total : 3941 | Free : 2344]
BIOS: Phoenix BIOS SC-T v2.2
BOOT: Normal boot
OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET Smart Security 5.2 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 421 Gb (139 Mb free - 33%) [Windows7_OS] # NTFS
D:\ -> Fixed drive # 25 Gb (4 Mb free - 17%) [LENOVO] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Removable drive # 2 Gb (1 Mb free - 64%) [] # FAT32
J:\ -> CD-ROM
################## | Active Processes |
C:\Windows\system32\csrss.exe (680)
C:\Windows\system32\wininit.exe (772)
C:\Windows\system32\csrss.exe (796)
C:\Windows\system32\services.exe (836)
C:\Windows\system32\lsass.exe (852)
C:\Windows\system32\lsm.exe (868)
C:\Windows\system32\winlogon.exe (884)
C:\Windows\system32\svchost.exe (1020)
C:\Windows\system32\nvvsvc.exe (600)
C:\Windows\system32\svchost.exe (696)
C:\Windows\System32\svchost.exe (952)
C:\Windows\System32\svchost.exe (1032)
C:\Windows\system32\svchost.exe (1076)
C:\Windows\system32\svchost.exe (1116)
C:\Windows\system32\svchost.exe (1204)
C:\Windows\system32\svchost.exe (1316)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1464)
C:\Windows\system32\nvvsvc.exe (1476)
C:\Windows\system32\WLANExt.exe (1636)
C:\Windows\system32\conhost.exe (1644)
C:\Windows\System32\spoolsv.exe (1800)
C:\Windows\system32\svchost.exe (1844)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1392)
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1740)
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1044)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (2064)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (2120)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2144)
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2172)
C:\Windows\SysWOW64\NLSSRV32.EXE (2220)
C:\Windows\SysWOW64\PnkBstrA.exe (2300)
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (2440)
C:\Windows\system32\svchost.exe (2460)
C:\Windows\System32\svchost.exe (2512)
C:\Program Files\Launch Manager\WisLMSvc.exe (2680)
C:\Windows\system32\taskhost.exe (2904)
C:\Windows\system32\Dwm.exe (2988)
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (2376)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2436)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2416)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2412)
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (2404)
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (1508)
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (2860)
C:\Windows\system32\svchost.exe (3156)
C:\Windows\system32\svchost.exe (3456)
C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
C:\Windows\System32\igfxtray.exe (3756)
C:\Windows\System32\hkcmd.exe (3768)
C:\Windows\System32\igfxpers.exe (3836)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3900)
C:\Windows\system32\taskeng.exe (4004)
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (3300)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3592)
C:\Windows\system32\SearchIndexer.exe (3668)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3512)
C:\Windows\system32\svchost.exe (4248)
C:\Windows\System32\svchost.exe (4432)
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (4456)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4772)
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (4788)
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (4804)
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (4892)
C:\Program Files\Launch Manager\HotkeyApp.exe (5024)
C:\Windows\system32\wbem\wmiprvse.exe (2576)
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (5592)
C:\Windows\system32\DllHost.exe (5752)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (996)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (2960)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4548)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4404)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2340)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5152)
C:\Program Files (x86)\Origin\Origin.exe (1132)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6988)
C:\Windows\servicing\TrustedInstaller.exe (6124)
C:\Windows\System32\svchost.exe (7724)
C:\Windows\Explorer.exe (7236)
C:\Windows\System32\WUDFHost.exe (5060)
C:\UsbFix\Go.exe (3032)
C:\Windows\system32\wbem\wmiprvse.exe (7728)
C:\Windows\system32\taskeng.exe (3924)
################## | Stopped processes |
Stopped! C:\Windows\system32\nvvsvc.exe (600)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1464)
Stopped! C:\Windows\system32\nvvsvc.exe (1476)
Stopped! C:\Windows\system32\WLANExt.exe (1636)
Stopped! C:\Windows\System32\spoolsv.exe (1800)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1392)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1740)
Stopped! C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1044)
Stopped! C:\Program Files\Intel\iCLS Client\HeciServer.exe (2064)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (2120)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (2144)
Stopped! C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2172)
Stopped! C:\Windows\SysWOW64\NLSSRV32.EXE (2220)
Stopped! C:\Windows\SysWOW64\PnkBstrA.exe (2300)
Stopped! C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (2440)
Stopped! C:\Program Files\Launch Manager\WisLMSvc.exe (2680)
Stopped! C:\Windows\system32\taskhost.exe (2904)
Stopped! C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (2376)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2436)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2416)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2412)
Stopped! C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (2404)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (1508)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (2860)
Stopped! C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
Stopped! C:\Windows\System32\igfxtray.exe (3756)
Stopped! C:\Windows\System32\hkcmd.exe (3768)
Stopped! C:\Windows\System32\igfxpers.exe (3836)
Stopped! C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3900)
Stopped! C:\Windows\system32\taskeng.exe (4004)
Stopped! C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (3300)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3592)
Stopped! C:\Windows\system32\SearchIndexer.exe (3668)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (3512)
Stopped! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (4456)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4772)
Stopped! C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (4788)
Stopped! C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (4804)
Stopped! C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (4892)
Stopped! C:\Program Files\Launch Manager\HotkeyApp.exe (5024)
Stopped! C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (5592)
Stopped! C:\Windows\system32\DllHost.exe (5752)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (996)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (2960)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4548)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4404)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2340)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5152)
Stopped! C:\Program Files (x86)\Origin\Origin.exe (1132)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6988)
Stopped! C:\Windows\System32\WUDFHost.exe (5060)
Stopped! C:\Windows\system32\taskeng.exe (3924)
Stopped! C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (7604)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (6360)
Stopped! C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (6156)
Stopped! c:\program files\windows defender\MpCmdRun.exe (7868)
################## | Files # Infected Folders |
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1001
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1005
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1001
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-1005
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1116153933-4013720544-830532652-500
(!) Temporary files deleted.
################## | Registry |
Deleted ! HKCU\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[20/04/2013 - 22:50:18 | SHD ] C:\$RECYCLE.BIN
[16/10/2012 - 19:55:52 | D ] C:\2012_10_16_STARY_NTB
[24/02/2011 - 19:03:40 | D ] C:\Boot
[21/11/2010 - 05:23:51 | RASH | 383786] C:\bootmgr
[24/02/2011 - 19:03:41 | N | 8192] C:\BOOTSECT.BAK
[18/04/2013 - 23:02:04 | N | 22641] C:\ComboFix.txt
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[20/04/2013 - 22:18:00 | N | 1735366] C:\FaceProv.log
[20/04/2013 - 11:13:48 | ASH | 3099652096] C:\hiberfil.sys
[16/10/2012 - 19:21:38 | D ] C:\IDE
[29/01/2013 - 07:56:27 | N | 5310] C:\IFRToolLog.txt
[04/08/2012 - 02:09:49 | D ] C:\Intel
[04/08/2012 - 04:28:25 | N | 28] C:\IPGPLDOK.TXT
[16/01/2013 - 23:48:16 | D ] C:\ldiag
[18/10/2012 - 00:25:30 | N | 4] C:\lpview.dxt
[16/10/2012 - 19:20:33 | RD ] C:\MSOCache
[22/12/2012 - 16:36:30 | D ] C:\NVIDIA
[20/04/2013 - 11:13:50 | ASH | 4132872192] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[17/04/2013 - 23:04:47 | D ] C:\Program Files
[19/04/2013 - 10:24:43 | D ] C:\Program Files (x86)
[19/04/2013 - 10:24:56 | D ] C:\ProgramData
[18/04/2013 - 23:02:08 | D ] C:\Qoobox
[16/10/2012 - 16:12:15 | D ] C:\Recovery
[18/04/2013 - 00:42:11 | D ] C:\rsit
[19/04/2013 - 23:04:07 | N | 1796] C:\sc-cleaner.txt
[16/10/2012 - 18:34:17 | D ] C:\SWTOOLS
[04/08/2012 - 02:39:02 | D ] C:\SysPart
[19/04/2013 - 19:03:41 | SHD ] C:\System Volume Information
[26/12/2012 - 19:40:25 | D ] C:\Temp
[16/10/2012 - 19:35:01 | D ] C:\totalcmd
[20/04/2013 - 22:50:19 | D ] C:\UsbFix
[20/04/2013 - 22:37:30 | A | 11936] C:\UsbFix.txt
[04/08/2012 - 02:32:16 | D ] C:\UserGuidePDF
[07/12/2012 - 15:44:12 | D ] C:\Users
[20/04/2013 - 02:22:15 | D ] C:\Windows
[20/04/2013 - 22:50:19 | D ] D:\$RECYCLE.BIN
[04/08/2012 - 02:36:42 | D ] D:\Application
[04/08/2012 - 02:39:40 | D ] D:\drivers
[13/01/2013 - 01:24:10 | D ] D:\Games
[04/08/2012 - 04:28:25 | N | 28] D:\IPGPLDOK.TXT
[17/10/2012 - 11:59:25 | D ] D:\Lenovo
[04/08/2012 - 01:59:43 | SHD ] D:\System Volume Information
[16/11/2011 - 12:02:39 | D ] G:\Crack
[16/11/2011 - 12:03:46 | D ] G:\Game
[18/12/2011 - 16:10:24 | N | 12] I:\HDINFO.CFG
[29/11/2011 - 10:51:52 | N | 734255104] I:\A-zase-jedna-Popelka-CZ-URBI.avi
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | Upload |
Please send the file: C:\UsbFix_Upload_Me_TONDA-LENOVO.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.
################## | E.O.F |
Re: koncovka lnk
Stahnete Deckard's Association File Tool http://vyosek.ic.cz/BE/daft.exe
- Ulozte nejlepe na plochu a spustte
- Klikne na Scan, probehne hledani
- Nasledne kliknete na Save Log, ulozte log daft.txt a dejte jej sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
DAFT Log saved on 2013-04-22 00:29:42
-----------------------------------------------------------------------
.chm - chm.file - shell\open\command - "%SystemRoot%\hh.exe" %1
.hlp - hlpfile - shell\open\command - %SystemRoot%\winhlp32.exe %1
.reg - regfile - shell\edit\command - %SystemRoot%\system32\notepad.exe "%1"
.vbs - VBSFile - shell\edit\command - "%SystemRoot%\System32\Notepad.exe" %1
-----------------------------------------------------------------------
.chm - chm.file - shell\open\command - "%SystemRoot%\hh.exe" %1
.hlp - hlpfile - shell\open\command - %SystemRoot%\winhlp32.exe %1
.reg - regfile - shell\edit\command - %SystemRoot%\system32\notepad.exe "%1"
.vbs - VBSFile - shell\edit\command - "%SystemRoot%\System32\Notepad.exe" %1
Re: koncovka lnk
Problemy s lnk pretrvavaji?
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: koncovka lnk
bohuzel ano,pretrvavaji
Přispějete na provoz fóra?