Page 3 of 4

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 21:24
by peter1973
ok :-))

SystemLook 30.07.11 by jpshortstuff
Log created at 21:21 on 07/03/2012 by Spravca
Administrator - Elevation successful

========== filefind ==========

Searching for "*startsubst*.*"
C:\Qoobox\Quarantine\C\startsubst.bat.vir --a---- 26 bytes [11:34 25/08/2010] [11:35 25/08/2010] BD1EF871F1D1C7724F5840027B200CD6
C:\_OTM\MovedFiles\03072012_203307\c_documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Zástupce - startsubst.bat.lnk --a---- 728 bytes [11:35 25/08/2010] [19:10 07/03/2012] C33D851606FDCF656EB64317BF7C3DC1

-= EOF =-

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 21:27
by vyosek
Script for ComboFix, same procedure as last time

Code:

KillAll::

DeQuarantineB::
C:\startsubst.bat

FCopy::
C:\_OTM\MovedFiles\03072012_203307\c_documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Zástupce - startsubst.bat.lnk | c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Zástupce - startsubst.bat.lnk

Reboot::

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 21:50
by peter1973
ComboFix 12-03-07.05 - Spravca . 03. 2012 21:38:36.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3454.2664 [GMT 1:00]
Running from: c:\documents and settings\Spravca\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Spravca\Plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\_otm\MovedFiles\03072012_203307\c_documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Zástupce - startsubst.bat.lnk --> c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Zástupce - startsubst.bat.lnk
.
((((((((((((((((((((((((( Files Created from 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))))
.
.
2012-03-07 20:38 . 2012-03-07 20:38 26 ----a-w- C:\startsubst.bat
2012-03-07 19:33 . 2012-03-07 19:33 -------- d-----w- C:\_OTM
2012-03-07 16:20 . 2012-03-07 16:20 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-07 12:02 . 2012-03-07 12:03 -------- d-----w- c:\program files\trend micro
2012-03-07 12:02 . 2012-03-07 12:03 -------- d-----w- C:\rsit
2012-03-06 06:45 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{431EC2D0-1600-47A0-AD9C-F7041EAF11A9}\mpengine.dll
2012-03-03 07:11 . 2012-03-03 07:12 -------- d-----w- C:\FONTY
2012-02-17 13:05 . 2012-02-17 13:05 -------- d-----w- c:\program files\Common Files\NSV
2012-02-16 06:24 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 06:24 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2011-04-16 09:11 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-08 06:03 . 2011-04-16 09:11 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-01-12 17:20 . 2007-10-29 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-30 14:25 . 2011-01-06 08:00 63962 ----a-w- C:\badaboom_bb.zip
2011-12-25 12:47 . 2011-12-25 12:20 294168 ----a-w- c:\windows\system32\tcpip.dat
2011-12-17 19:42 . 2007-10-29 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2007-10-29 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2007-10-29 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2007-10-29 12:00 385024 ------w- c:\windows\system32\html.iec
2011-12-15 20:11 . 2011-12-15 20:11 65324 ----a-w- C:\beeline_alphagarden.zip
2010-01-26 09:11 . 2012-01-02 07:23 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Zástupce - startsubst.bat.lnk - c:\qoobox\Quarantine\C\startsubst.bat.vir [2010-8-25 26]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPLJ Config]
2003-03-31 16:32 28672 ----a-w- c:\program files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipConnect]
2011-08-25 12:22 13890872 ----a-w- c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\JustVoip.com\\JustVoip\\JustVoip.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\CheapVoip.com\\CheapVoip\\CheapVoip.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VoipConnect.com\\VoipConnect\\VoipConnect.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6271:TCP"= 6271:TCP:Services
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21. 12. 2010 14:04 115008]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 19:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12. 1. 2011 15:41 810144]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27. 1. 2010 3:09 50704]
R2 Opaplpt;Oki Application Parallel Device;c:\windows\system32\drivers\opaplpt.sys [26. 2. 2010 18:22 36896]
R2 PrintSuperVision Engine;PrintSuperVision Engine;c:\program files\PrintSuperVision\www\bin\PSVEngine.exe [29. 7. 2009 18:18 40960]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 18:19 13592]
S1 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\drivers\NmPar.sys [5. 5. 2008 6:15 76416]
S1 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [5. 5. 2008 6:15 60032]
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
TCP: DhcpNameServer = 195.146.132.58 195.146.128.62
TCP: Interfaces\{12FF6E78-8E1E-4747-BE36-43FD7E271FAA}: NameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-07 21:46
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(828)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3412)
c:\windows\system32\webcheck.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\wdfmgr.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2012-03-07 21:49:53 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-07 20:49
ComboFix2.txt 2012-03-07 19:13
ComboFix3.txt 2012-03-07 17:46
C:\DeQuarantine.txt
.
Pre-Run: Volných bajtů: 174 934 831 104
Post-Run: Volných bajtů: 174 917 656 576
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 4F9B85515232555A697E79FE492BF99C

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 21:55
by vyosek
One of them didn't get restored to where it should have, so one more script :)

Code:

KillAll::

FCopy::
c:\qoobox\Quarantine\C\startsubst.bat.vir | c:\startsubst.bat

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6271:TCP"=-

Reboot::

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 22:26
by peter1973
ComboFix 12-03-07.05 - Spravca . 03. 2012 22:12:30.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3454.2733 [GMT 1:00]
Running from: c:\documents and settings\Spravca\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Spravca\Plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\qoobox\Quarantine\C\startsubst.bat.vir --> c:\startsubst.bat
.
((((((((((((((((((((((((( Files Created from 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))))
.
.
2012-03-07 20:38 . 2012-03-07 20:38 26 ----a-w- C:\startsubst.bat
2012-03-07 19:33 . 2012-03-07 19:33 -------- d-----w- C:\_OTM
2012-03-07 16:20 . 2012-03-07 16:20 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-07 12:02 . 2012-03-07 12:03 -------- d-----w- c:\program files\trend micro
2012-03-07 12:02 . 2012-03-07 12:03 -------- d-----w- C:\rsit
2012-03-06 06:45 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{431EC2D0-1600-47A0-AD9C-F7041EAF11A9}\mpengine.dll
2012-03-03 07:11 . 2012-03-03 07:12 -------- d-----w- C:\FONTY
2012-02-17 13:05 . 2012-02-17 13:05 -------- d-----w- c:\program files\Common Files\NSV
2012-02-16 06:24 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 06:24 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2011-04-16 09:11 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-08 06:03 . 2011-04-16 09:11 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-01-12 17:20 . 2007-10-29 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-30 14:25 . 2011-01-06 08:00 63962 ----a-w- C:\badaboom_bb.zip
2011-12-25 12:47 . 2011-12-25 12:20 294168 ----a-w- c:\windows\system32\tcpip.dat
2011-12-17 19:42 . 2007-10-29 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2007-10-29 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2007-10-29 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2007-10-29 12:00 385024 ------w- c:\windows\system32\html.iec
2011-12-15 20:11 . 2011-12-15 20:11 65324 ----a-w- C:\beeline_alphagarden.zip
2010-01-26 09:11 . 2012-01-02 07:23 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Zástupce - startsubst.bat.lnk - c:\qoobox\Quarantine\C\startsubst.bat.vir [2012-3-7 26]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPLJ Config]
2003-03-31 16:32 28672 ----a-w- c:\program files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipConnect]
2011-08-25 12:22 13890872 ----a-w- c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\JustVoip.com\\JustVoip\\JustVoip.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\CheapVoip.com\\CheapVoip\\CheapVoip.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VoipConnect.com\\VoipConnect\\VoipConnect.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21. 12. 2010 14:04 115008]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 19:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12. 1. 2011 15:41 810144]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27. 1. 2010 3:09 50704]
R2 Opaplpt;Oki Application Parallel Device;c:\windows\system32\drivers\opaplpt.sys [26. 2. 2010 18:22 36896]
R2 PrintSuperVision Engine;PrintSuperVision Engine;c:\program files\PrintSuperVision\www\bin\PSVEngine.exe [29. 7. 2009 18:18 40960]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 18:19 13592]
S1 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\drivers\NmPar.sys [5. 5. 2008 6:15 76416]
S1 nmserial;MosChip PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [5. 5. 2008 6:15 60032]
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
TCP: DhcpNameServer = 195.146.132.58 195.146.128.62
TCP: Interfaces\{12FF6E78-8E1E-4747-BE36-43FD7E271FAA}: NameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-07 22:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(828)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3232)
c:\windows\system32\webcheck.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\wdfmgr.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2012-03-07 22:24:18 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-07 21:24
ComboFix2.txt 2012-03-07 20:49
ComboFix3.txt 2012-03-07 19:13
ComboFix4.txt 2012-03-07 17:46
.
Pre-Run: Volných bajtů: 174 919 159 808
Post-Run: Volných bajtů: 174 900 760 576
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 9804B4E2A6ACF2FCAD44FA7DB0402506

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 22:50
by vyosek
Super, is drive X visible now?

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 22:52
by peter1973
drive X: doesn't exist :-)

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 23:02
by vyosek
Try running the batch file that is directly on drive c:\ and see whether it loads

Re: please check my log - trojan theola.A ??

Posted: 07 Mar 2012 23:08
by peter1973
wow, it works now! :D


thaaanks a lot :D

Re: please check my log - trojan theola.A ??

Posted: 08 Mar 2012 09:07
by vyosek
Fine, but when you restart the PC, does it come up then as well :???:

Re: please check my log - trojan theola.A ??

Posted: 08 Mar 2012 14:31
by peter1973
it doesn't start right away, I have to run the .bat from C:

Re: please check my log - trojan theola.A ??

Posted: 08 Mar 2012 14:34
by vyosek
Then let's try to sort it out :)

:arrow: Open Notepad
  • Start -> Run -> notepad
  • Paste the text below
  • Code:

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "disk X"="C:\startsubst.bat"
  • Save the file as oprava.reg
  • When saving, set the file type to All files (the setting is shown in the image below)
  • Image
  • Close Notepad and double-click oprava.reg to run it
  • Confirm the prompt about changing the registry, if one appears
  • A window just flashes briefly and fixes the registry - you can delete the file afterwards
:arrow: Restart the PC and write back whether it comes up on its own

Re: please check my log - trojan theola.A ??

Posted: 08 Mar 2012 22:52
by peter1973
it shows an error:
the specified file is not a registry script.
only binary files can be imported from within the editor...

Re: please check my log - trojan theola.A ??

Posted: 09 Mar 2012 07:20
by vyosek
Silly me, I'm missing the header...

This is the proper content

Code:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"disk X"="C:\startsubst.bat"
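
The header check behind the error above, as an added example that is not part of the thread: a small Python parser for .reg files that rejects a file whose first line is neither "Windows Registry Editor Version 5.00" nor "REGEDIT4", and that also requires backslashes inside string data to be doubled, the same way the ComboFix log above prints registry paths. The sample inputs are constructed from this thread's .reg text, and the error strings are the parser's own wording, not regedit's.

```python
import re

# Regedit accepts only these first lines; without one the file is rejected
# ("The specified file is not a registry script", the error seen in this thread).
HEADERS = {"Windows Registry Editor Version 5.00": "5.00", "REGEDIT4": "4"}
_KEY_RE = re.compile(r"^\[(?P<delete>-?)(?P<key>[^\]]+)\]$")
_VALUE_RE = re.compile(r'^(?:"(?P<name>(?:[^"\\]|\\.)*)"|(?P<at>@))=(?P<data>.*)$')


def _unescape(s):
    """Decode a quoted .reg string: only \\ and \" are escapes, so a path must
    be written "C:\\startsubst.bat"; a lone backslash is rejected."""
    out, i = [], 0
    while i < len(s):
        c = s[i]
        if c == "\\":
            i += 1
            if i >= len(s) or s[i] not in '\\"':
                raise ValueError("bad escape in %r" % s)
            c = s[i]
        out.append(c)
        i += 1
    return "".join(out)


def _decode(data):
    """Right-hand side of a value line: REG_SZ, "=-" deletion, or raw hex data."""
    data = data.strip()
    if data == "-":
        return None
    if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
        return _unescape(data[1:-1])
    return data


def parse_reg(text):
    """Return (format_version, {key: {name: data}}); a key mapped to None is a
    [-key] deletion. Raises ValueError for a missing header or a bad escape."""
    lines = [l.strip() for l in text.lstrip("\ufeff").splitlines() if l.strip()]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("the specified file is not a registry script")
    keys, current = {}, None
    for line in lines[1:]:
        m = _KEY_RE.match(line)
        if m:
            current = m.group("key")
            keys[current] = None if m.group("delete") else keys.get(current) or {}
            continue
        m = _VALUE_RE.match(line)
        if not m or current is None or keys[current] is None:
            raise ValueError("unexpected line: %r" % line)
        name = "@" if m.group("at") else _unescape(m.group("name"))
        keys[current][name] = _decode(m.group("data"))
    return HEADERS[lines[0]], keys


def reg_error(text):
    """The validation error for a .reg text, or None if it parses cleanly."""
    try:
        parse_reg(text)
    except ValueError as e:
        return str(e)


# Constructed samples from this thread: the first attempt had no header; the
# corrected one adds it, with the backslash in the path doubled as the format needs.
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
HEADER = "Windows Registry Editor Version 5.00\n\n"
NO_HEADER = "[%s]\n%s\n" % (RUN_KEY, r'"disk X"="C:\startsubst.bat"')
FIXED = HEADER + "[%s]\n%s\n" % (RUN_KEY, r'"disk X"="C:\\startsubst.bat"')
```

Running reg_error on NO_HEADER reproduces the "not a registry script" refusal, while FIXED parses to the Run entry for C:\startsubst.bat.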

Re: please check my log - trojan theola.A ??

Posted: 10 Mar 2012 07:19
by peter1973
the X: didn't start even after the fix.

that startsubst.bat has a link to the shortcut startsubst.bat.vir /it is stored in QUOOBOX-QUARAN-../ and that one runs at startup, but it doesn't open because .vir isn't recognized as a file to run. shouldn't I delete it?