Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zástupci namísto složek

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Zástupci namísto složek

#1 Příspěvek od Lakso »

Dobrý den,
mám menší problém na externím disku a flashce. Dříve jsem tam měl klasické soubory a teď se místo těch souborů udělaly zástupci se stejným jménem, po dvojkliku na zástupce naskočí okno s tou složkou. Když si vytvořím na disku novou složku a překopíruji si tam ty soubory, tak je vše v pořádku dokud se disk neodpojí a nepřipojí se znova - vytvoří se další zástupce na nově vytvořenou složku. Flashku jsem zkoušel formátovat, ale stále se to opakuje, zkoušel jsem i přeinstalovat systém a to stejné - proto nevkládám log. Děkuji

edit:/ exterňák dělá to stejné, jen jsem ho ještě nezkoušel formátovat - plnej 1tb disk je těžké nechat formátovat :(
e2:/ složky tam normálně jsou avšak zakryté systémem odkrýt (vlastnosti a odškrtnutí) mi nejde
Naposledy upravil(a) Lakso dne 14 led 2012 20:00, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Zástupci namísto složek

#2 Příspěvek od vyosek »

Zdravim a pekny vecer preji :)

:arrow: Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#3 Příspěvek od Lakso »

############################## | UsbFix 7.059 | [Deletion]

User: Nyen (Administrator) # NYEN-ECE80A648E [ ]
Updated 16/09/2011 by El Desaparecido
Started at 20:10:57 | 14/01/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz
CPU 2: Intel(R) Pentium(R) 4 CPU 3.20GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
RAM -> 639 Mb
C:\ (%systemdrive%) -> Fixed drive # 112 Gb (2 Mb free - 2%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 932 Gb (317 Mb free - 34%) [SAMSUNG] # NTFS
F:\ -> Removable drive # 15 Gb (85 Mb free - 1%) [KINGSTON] # FAT32
G:\ -> Removable drive # 469 Mb (385 Mb free - 82%) [] # FAT

################## | Files # Infected Folders |

Deleted ! E:\100OLYMP.lnk
Deleted ! E:\19 - adele.lnk
Deleted ! E:\21 - Adele.lnk
Deleted ! E:\530bf25998eeab16cc2d53b5.lnk
Deleted ! E:\Adele - 19.lnk
Deleted ! E:\Adele - 21.lnk
Deleted ! E:\autocad 2010.lnk
Deleted ! E:\Autodesk Inventor Suite 2011.lnk
Deleted ! E:\cad.lnk
Deleted ! E:\chemie.lnk
Deleted ! E:\chrome downloads.lnk
Deleted ! E:\Corel _12_CZ+Key.lnk
Deleted ! E:\delphi.lnk
Deleted ! E:\dkas.lnk
Deleted ! E:\Documents.lnk
Deleted ! E:\dona rockforpeople.lnk
Deleted ! E:\Downloads.lnk
Deleted ! E:\dudes.lnk
Deleted ! E:\dukazy bible.lnk
Deleted ! E:\early spring.lnk
Deleted ! E:\ex.lnk
Deleted ! E:\F1.lnk
Deleted ! E:\faling skies.lnk
Deleted ! E:\falling skies.lnk
Deleted ! E:\filmy.lnk
Deleted ! E:\flash.lnk
Deleted ! E:\fotky hory.lnk
Deleted ! E:\fotky obrazky.lnk
Deleted ! E:\FS serial.lnk
Deleted ! E:\GAYGAYGAYGAYGAYGAY.lnk
Deleted ! E:\hayjoe.lnk
Deleted ! E:\HeyJoe.lnk
Deleted ! E:\hory.lnk
Deleted ! E:\Hudba.lnk
Deleted ! E:\inventor cad.lnk
Deleted ! E:\koncerty paramore.lnk
Deleted ! E:\Lyžák.lnk
Deleted ! E:\materialy chemie.lnk
Deleted ! E:\mc office.lnk
Deleted ! E:\mcoffice.lnk
Deleted ! E:\metr nom.lnk
Deleted ! E:\metronom.lnk
Deleted ! E:\MK4.lnk
Deleted ! E:\MK5.lnk
Deleted ! E:\mobil drivery.lnk
Deleted ! E:\mobil.lnk
Deleted ! E:\movies.lnk
Deleted ! E:\moviies.lnk
Deleted ! E:\Mr Nobody 2009 Extended 720p BluRay x264-CiNEFiLE.lnk
Deleted ! E:\muc.lnk
Deleted ! E:\music.lnk
Deleted ! E:\musiic.lnk
Deleted ! E:\Nová složka (2).lnk
Deleted ! E:\Nová složka.lnk
Deleted ! E:\obr.lnk
Deleted ! E:\obrazky fotky.lnk
Deleted ! E:\office.lnk
Deleted ! E:\paramore concerts.lnk
Deleted ! E:\Paramore live concert.lnk
Deleted ! E:\Paramore Live in Argentina 2011.lnk
Deleted ! E:\Paramore.The.Final.Riot..DD5.1.lnk
Deleted ! E:\phone.lnk
Deleted ! E:\poslane.lnk
Deleted ! E:\prodlouzena (Tom).lnk
Deleted ! E:\prodlouzena[TOM].lnk
Deleted ! E:\programovani delphi.lnk
Deleted ! E:\QIP 2010 PafoPack.lnk
Deleted ! E:\qip.lnk
Deleted ! E:\qipik.lnk
Deleted ! E:\RcvdFiles.lnk
Deleted ! E:\rfp dona.lnk
Deleted ! E:\rfp od dony.lnk
Deleted ! E:\Riot Games.lnk
Deleted ! E:\SamsungSoftware.lnk
Deleted ! E:\SecretZone.lnk
Deleted ! E:\serialky.lnk
Deleted ! E:\serialy.lnk
Deleted ! E:\skola.lnk
Deleted ! E:\skripta.lnk
Deleted ! E:\spring betas.lnk
Deleted ! E:\Star.Wars.Episode-I.The.Phantom.Menace.1999.BluRay.720p.x264.DTS-ES-HDChina.lnk
Deleted ! E:\Star.Wars.Episode-II.Attack.of.the.Clones.2002.BluRay.720p.x264.DTS-ES-HDChina.lnk
Deleted ! E:\System Volume Information.lnk
Deleted ! E:\tes.lnk
Deleted ! E:\thor.lnk
Deleted ! E:\tomas.lnk
Deleted ! E:\z flashky.lnk
Deleted ! E:\zaloha.lnk
Deleted ! E:\záloha pc.lnk
Deleted ! F:\chang.lnk
Deleted ! F:\mk5.lnk
Deleted ! F:\drivery.lnk
Deleted ! F:\muc.lnk
Deleted ! F:\2006 - Skillet - Comatose.lnk
Deleted ! F:\2009 Awake.lnk
Deleted ! F:\hor.lnk
Deleted ! F:\Paramore - All We Know is Falling.lnk
Deleted ! F:\Paramore - MTV Unplugged.lnk
Deleted ! F:\Paramore - Riot.lnk
Deleted ! F:\Paramore - The Final Riot!.lnk
Deleted ! F:\Paramore Brand New Eyes.lnk
Deleted ! F:\Od Nelči.lnk
Deleted ! F:\Od Zuzky.lnk
Deleted ! F:\Pendulum - Hold Your Colour.lnk
Deleted ! F:\Pendulum - Immersion.lnk
Deleted ! F:\Pendulum - In Silico.lnk
Deleted ! F:\Serj Tankian - Elect The Dead (2007).lnk
Deleted ! F:\System of a Down.lnk
Deleted ! F:\poslane.lnk
Deleted ! F:\prodlouzena tom.lnk
Deleted ! F:\d5as.lnk
Deleted ! F:\skripta.lnk
Deleted ! F:\Adaptační kurz TLA1, září 2009.lnk
Deleted ! F:\bredlyho prodlouzena.lnk
Deleted ! F:\hory010.lnk
Deleted ! F:\MP Navigator EX.lnk
Deleted ! F:\Obrázky.lnk
Deleted ! F:\novy.lnk
Deleted ! G:\DCIM.lnk
Deleted ! G:\MP3.lnk
Deleted ! G:\MSSEMC.lnk
Deleted ! E:\Recycler\0xA25D5DBD.exe
Deleted ! F:\Recycler\0xA25D5DBD.exe
Deleted ! G:\Recycler\0xA25D5DBD.exe
Deleted ! E:\Recycler\S-1-5-21-1202660629-1078145449-1606980848-1004
Deleted ! E:\Recycler\S-1-5-21-1482476501-1326574676-1177238915-1004
Deleted ! E:\Recycler\S-1-5-21-1482476501-1326574676-1177238915-1005
Deleted ! E:\Recycler\S-1-5-21-1547161642-1482476501-725345543-1003
Deleted ! E:\Recycler\S-1-5-21-1708537768-1580818891-1606980848-1006
Deleted ! E:\Recycler\S-1-5-21-329068152-1482476501-1177238915-1004
Deleted ! E:\Recycler\S-1-5-21-343818398-287218729-1644491937-1004
Deleted ! E:\F1

(!) Temporary files deleted.


################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[14/01/2012 - 12:49:17 | N | 0] C:\AUTOEXEC.BAT
[14/01/2012 - 12:42:58 | N | 211] C:\boot.ini
[14/04/2008 - 13:00:00 | N | 4952] C:\Bootfont.bin
[14/01/2012 - 12:49:17 | N | 0] C:\CONFIG.SYS
[14/01/2012 - 12:54:01 | D ] C:\Documents and Settings
[14/01/2012 - 18:40:25 | ASH | 670617600] C:\hiberfil.sys
[14/01/2012 - 12:49:17 | N | 0] C:\IO.SYS
[14/01/2012 - 13:40:41 | D ] C:\League of Legends
[14/01/2012 - 12:49:17 | N | 0] C:\MSDOS.SYS
[14/04/2008 - 13:00:00 | N | 47564] C:\NTDETECT.COM
[14/04/2008 - 13:00:00 | N | 250576] C:\ntldr
[14/01/2012 - 18:40:25 | ASH | 1006632960] C:\pagefile.sys
[14/01/2012 - 13:52:06 | D ] C:\Program Files
[14/01/2012 - 20:12:22 | SHD ] C:\RECYCLER
[14/01/2012 - 12:53:07 | SHD ] C:\System Volume Information
[14/01/2012 - 18:39:13 | ASH | 204800] C:\Thumbs.db
[14/01/2012 - 18:48:55 | D ] C:\totalcmd
[14/01/2012 - 20:12:22 | D ] C:\UsbFix
[14/01/2012 - 20:12:23 | A | 5389] C:\UsbFix.txt
[14/01/2012 - 18:48:46 | D ] C:\WINDOWS
[14/01/2012 - 11:04:24 | D ] E:\100OLYMP
[14/01/2012 - 11:06:24 | D ] E:\19 - adele
[14/01/2012 - 11:07:16 | D ] E:\21 - Adele
[14/01/2012 - 11:05:12 | D ] E:\530bf25998eeab16cc2d53b5
[14/01/2012 - 11:06:24 | D ] E:\Adele - 19
[14/01/2012 - 11:07:24 | D ] E:\Adele - 21
[14/01/2012 - 11:16:15 | D ] E:\autocad 2010
[14/01/2012 - 11:15:21 | D ] E:\Autodesk Inventor Suite 2011
[13/01/2012 - 14:49:52 | D ] E:\cad
[14/01/2012 - 11:20:51 | D ] E:\chemie
[14/01/2012 - 11:14:58 | D ] E:\chrome downloads
[14/01/2012 - 14:03:35 | D ] E:\Corel _12_CZ+Key
[14/01/2012 - 14:06:27 | D ] E:\delphi
[14/01/2012 - 14:12:48 | D ] E:\dkas
[13/01/2012 - 21:49:20 | D ] E:\Documents
[13/01/2012 - 21:49:41 | D ] E:\dona rockforpeople
[14/01/2012 - 11:14:56 | D ] E:\Downloads
[14/01/2012 - 11:16:57 | D ] E:\dudes
[14/01/2012 - 14:13:39 | D ] E:\dukazy bible
[14/01/2012 - 11:17:41 | D ] E:\early spring
[14/01/2012 - 14:57:51 | D ] E:\ex
[14/01/2012 - 11:19:37 | D ] E:\faling skies
[13/01/2012 - 21:50:18 | D ] E:\falling skies
[13/01/2012 - 21:51:36 | D ] E:\filmy
[14/01/2012 - 11:20:07 | D ] E:\flash
[14/01/2012 - 11:20:28 | D ] E:\fotky hory
[14/01/2012 - 17:42:25 | D ] E:\fotky obrazky
[14/01/2012 - 15:08:29 | D ] E:\FS serial
[13/01/2012 - 21:51:56 | D ] E:\GAYGAYGAYGAYGAYGAY
[14/01/2012 - 11:14:12 | D ] E:\hayjoe
[14/01/2012 - 11:14:12 | D ] E:\HeyJoe
[14/01/2012 - 11:20:28 | D ] E:\hory
[13/01/2012 - 21:52:27 | D ] E:\Hudba
[14/01/2012 - 11:16:16 | D ] E:\inventor cad
[14/01/2012 - 13:48:47 | D ] E:\koncerty paramore
[13/01/2012 - 21:52:55 | D ] E:\Lyžák
[14/01/2012 - 11:20:51 | D ] E:\materialy chemie
[14/01/2012 - 13:47:30 | D ] E:\mc office
[14/01/2012 - 11:22:00 | D ] E:\mcoffice
[14/01/2012 - 11:22:17 | D ] E:\metr nom
[14/01/2012 - 11:22:17 | D ] E:\metronom
[13/01/2012 - 22:40:55 | D ] E:\MK4
[14/01/2012 - 11:06:49 | D ] E:\MK5
[14/01/2012 - 11:22:37 | D ] E:\mobil
[14/01/2012 - 11:22:37 | D ] E:\mobil drivery
[14/01/2012 - 11:23:04 | D ] E:\movies
[14/01/2012 - 16:09:43 | D ] E:\moviies
[13/01/2012 - 21:53:18 | D ] E:\Mr Nobody 2009 Extended 720p BluRay x264-CiNEFiLE
[14/01/2012 - 11:06:50 | D ] E:\muc
[14/01/2012 - 11:10:36 | D ] E:\music
[14/01/2012 - 15:42:56 | D ] E:\musiic
[14/01/2012 - 18:51:52 | D ] E:\novy
[13/01/2012 - 21:53:31 | D ] E:\Nová složka
[14/01/2012 - 11:18:52 | D ] E:\Nová složka (2)
[13/01/2012 - 21:53:54 | D ] E:\obr
[14/01/2012 - 11:23:33 | D ] E:\obrazky fotky
[13/01/2012 - 21:54:40 | D ] E:\office
[14/01/2012 - 11:24:00 | D ] E:\paramore concerts
[13/01/2012 - 21:55:10 | D ] E:\Paramore live concert
[13/01/2012 - 21:55:28 | D ] E:\Paramore Live in Argentina 2011
[13/01/2012 - 21:55:40 | D ] E:\Paramore.The.Final.Riot..DD5.1
[13/01/2012 - 21:56:04 | D ] E:\phone
[14/01/2012 - 11:24:18 | D ] E:\poslane
[14/01/2012 - 15:57:11 | D ] E:\prodlouzena (Tom)
[14/01/2012 - 11:08:56 | D ] E:\prodlouzena[TOM]
[14/01/2012 - 15:57:27 | D ] E:\programovani delphi
[14/01/2012 - 11:09:58 | D ] E:\qip
[13/01/2012 - 21:56:50 | D ] E:\QIP 2010 PafoPack
[14/01/2012 - 11:09:58 | D ] E:\qipik
[14/01/2012 - 11:24:18 | D ] E:\RcvdFiles
[14/01/2012 - 20:12:22 | SHD ] E:\RECYCLER
[14/01/2012 - 11:24:33 | D ] E:\rfp dona
[14/01/2012 - 11:24:33 | D ] E:\rfp od dony
[14/01/2012 - 13:40:45 | D ] E:\Riot Games
[08/10/2010 - 08:57:08 | D ] E:\SamsungSoftware
[26/07/2011 - 17:27:17 | D ] E:\SecretZone
[14/01/2012 - 11:24:57 | D ] E:\serialky
[14/01/2012 - 11:24:57 | D ] E:\serialy
[14/01/2012 - 11:25:18 | D ] E:\skola
[14/01/2012 - 11:12:17 | D ] E:\skripta
[14/01/2012 - 11:17:59 | D ] E:\spring betas
[14/01/2012 - 11:25:39 | D ] E:\Star.Wars.Episode-I.The.Phantom.Menace.1999.BluRay.720p.x264.DTS-ES-HDChina
[14/01/2012 - 11:25:53 | D ] E:\Star.Wars.Episode-II.Attack.of.the.Clones.2002.BluRay.720p.x264.DTS-ES-HDChina
[14/09/2011 - 18:34:33 | SHD ] E:\System Volume Information
[14/01/2012 - 16:46:43 | D ] E:\tes
[14/01/2012 - 11:13:04 | D ] E:\thor
[14/01/2012 - 13:48:24 | ASH | 237346] E:\Thumbs.db
[14/01/2012 - 11:12:17 | D ] E:\tomas
[14/01/2012 - 16:48:52 | D ] E:\z flashky
[14/01/2012 - 16:52:20 | D ] E:\zaloha
[14/01/2012 - 11:11:39 | D ] E:\záloha pc
[05/10/2011 - 16:13:02 | N | 949810] F:\otazky-J.pdf
[07/07/2011 - 17:29:52 | N | 86289] F:\Limitless.srt
[13/01/2012 - 23:15:26 | N | 243284] F:\atto_241.zip
[05/01/2012 - 11:22:00 | N | 256512] F:\f1.ipt
[05/12/2011 - 19:51:44 | N | 19648] F:\technickaaa.docx
[03/08/2011 - 09:25:44 | N | 4986295] F:\Tyler Ward ft. Alex G - I'm Falling.mp3
[23/12/2011 - 13:53:30 | N | 75236] F:\Mr-Nobody(0000158370).srt
[21/07/2011 - 16:18:42 | N | 612979413] F:\MTV Unplugged - Paramore.mkv
[12/01/2012 - 10:59:58 | N | 157696] F:\řemenice.ipt
[26/12/2011 - 16:18:24 | N | 1099189870] F:\Tajemství staré bambitky (2011) DVB-TRip CZ.avi
[25/10/2011 - 18:57:44 | N | 60490] F:\Vývojové diagramy a Pascal - Nguyen,TLA3.pptx
[03/08/2011 - 09:23:08 | N | 10039192] F:\The Chillers-Violins-Decepticons Remix.mp3
[03/08/2011 - 09:20:24 | N | 2302642] F:\We are the In Crowd - Never Be What you Want.mp3
[03/08/2011 - 09:21:52 | N | 2988124] F:\We Are The In Crowd - Never Be What You Want (Acoustic).mp3
[04/08/2011 - 19:26:08 | N | 4863948] F:\Monster - Paramore (Little Eye Cover).mp3
[02/07/2011 - 15:17:26 | N | 3134416896] F:\Limitless.UNRATED.2011.720p.BRRip.XviD.AC3-FLAWL3SS.avi
[04/01/2012 - 01:11:30 | N | 645120] F:\sF1.ipt
[20/12/2011 - 18:37:50 | N | 26677] F:\Nový objekt - Dokument aplikace Microsoft Office Word.docx
[06/12/2011 - 13:54:56 | N | 429056] F:\Fa.ipt
[22/11/2009 - 16:47:10 | N | 194829] F:\DSC00119.JPG
[16/03/2010 - 19:28:54 | N | 352862] F:\DSC00214.JPG
[29/12/2011 - 17:57:14 | N | 758999] F:\PC290003.JPG
[10/01/2012 - 22:27:48 | N | 176640] F:\Polotovar F1.ipt
[29/04/2010 - 14:41:52 | N | 509447] F:\DSC00223.JPG
[29/04/2010 - 14:42:26 | N | 89501] F:\DSC00224.JPG
[29/04/2010 - 14:42:44 | N | 87565] F:\DSC00225.JPG
[29/04/2010 - 14:42:56 | N | 73097] F:\DSC00226.JPG
[12/06/2010 - 19:29:26 | N | 34522] F:\DSC00228.JPG
[12/06/2010 - 19:30:02 | N | 44684] F:\DSC00231.JPG
[17/08/2010 - 22:05:40 | N | 397532] F:\DSC00288.JPG
[13/09/2010 - 20:18:12 | N | 346935] F:\DSC00370.JPG
[12/09/2009 - 11:16:48 | N | 202083] F:\1280x1024_HD_Wallpaper_165_Zixpk.jpg
[12/09/2009 - 11:15:48 | N | 187105] F:\1280x1024_HD_Wallpaper_182_Zixpk.jpg
[12/09/2009 - 11:13:52 | N | 175554] F:\1280x1024_HD_Wallpaper_197_Zixpk.jpg
[12/09/2009 - 11:12:02 | N | 304654] F:\1280x1024_Zixpk_HD_Wallpaper_218.jpg
[12/09/2009 - 11:12:30 | N | 140881] F:\1280x1024_Zixpk_HD_Wallpaper_222.jpg
[12/09/2009 - 11:12:48 | N | 196447] F:\1280x1024_Zixpk_HD_Wallpaper_224.jpg
[12/09/2009 - 11:11:52 | N | 233212] F:\1280x1024_Zixpk_HD_Wallpaper_225.jpg
[25/08/2010 - 11:58:58 | N | 41648] F:\38375_120397288008287_109204525794230_120860_7535505_n.jpg
[24/06/2010 - 14:50:14 | N | 927648] F:\221199-original1-jbfdk.jpg
[24/06/2010 - 14:52:48 | N | 448445] F:\221200-original1-o29mn.jpg
[24/06/2010 - 14:52:18 | N | 377498] F:\221201-original1-fdqnu.jpg
[06/07/2011 - 19:28:52 | N | 612502] F:\02072011272.jpg
[30/08/2011 - 21:02:06 | N | 20036] F:\24877621300139538842610.jpg
[13/09/2010 - 20:48:32 | N | 365985] F:\DSC00439.JPG
[16/09/2010 - 09:26:26 | N | 409637] F:\DSC00440.JPG
[16/09/2010 - 09:27:26 | N | 376693] F:\DSC00441.JPG
[16/09/2010 - 09:27:42 | N | 423379] F:\DSC00442.JPG
[16/09/2010 - 09:27:50 | N | 393862] F:\DSC00443.JPG
[25/09/2010 - 21:53:16 | N | 445189] F:\DSC00447.JPG
[28/09/2010 - 16:24:36 | N | 289065] F:\DSC00448.JPG
[28/09/2010 - 16:24:54 | N | 241735] F:\DSC00449.JPG
[28/09/2010 - 16:40:36 | N | 278297] F:\DSC00450.JPG
[28/09/2010 - 16:45:54 | N | 237568] F:\DSC00451.JPG
[28/09/2010 - 16:59:40 | N | 331188] F:\DSC00454.JPG
[28/09/2010 - 17:03:24 | N | 283915] F:\DSC00455.JPG
[28/09/2010 - 17:03:36 | N | 263006] F:\DSC00456.JPG
[28/09/2010 - 17:03:44 | N | 252211] F:\DSC00457.JPG
[28/09/2010 - 17:03:56 | N | 256048] F:\DSC00458.JPG
[28/09/2010 - 17:04:08 | N | 292711] F:\DSC00459.JPG
[04/10/2010 - 16:06:54 | N | 1122543] F:\DSC00464.JPG
[14/10/2010 - 08:46:42 | N | 276859] F:\DSC00502.JPG
[26/10/2010 - 13:15:34 | N | 332466] F:\DSC00533.JPG
[02/11/2010 - 20:59:24 | N | 218672] F:\DSC00557.JPG
[08/11/2010 - 13:44:32 | N | 289845] F:\DSC00559.JPG
[08/11/2010 - 13:48:22 | N | 62656] F:\DSC00560.JPG
[08/11/2010 - 13:48:30 | N | 60495] F:\DSC00561.JPG
[17/11/2010 - 21:46:06 | N | 229847] F:\DSC00563.JPG
[08/11/2010 - 13:50:14 | N | 55641] F:\DSC00564.JPG
[16/11/2010 - 12:29:06 | N | 50029] F:\DSC00568.JPG
[16/11/2010 - 12:29:28 | N | 67454] F:\DSC00569.JPG
[18/11/2010 - 10:05:42 | N | 56835] F:\DSC00570.JPG
[19/11/2010 - 12:16:14 | N | 61282] F:\DSC00571.JPG
[21/11/2010 - 19:19:06 | N | 39009] F:\DSC00573.JPG
[23/11/2010 - 09:28:04 | N | 44990] F:\DSC00575.JPG
[23/11/2010 - 09:28:24 | N | 56467] F:\DSC00576.JPG
[23/11/2010 - 09:28:34 | N | 56130] F:\DSC00577.JPG
[23/11/2010 - 09:28:40 | N | 48842] F:\DSC00578.JPG
[23/11/2010 - 09:28:48 | N | 46642] F:\DSC00579.JPG
[01/12/2010 - 14:48:32 | N | 547584] F:\DSC00580.JPG
[01/12/2010 - 14:48:48 | N | 533652] F:\DSC00581.JPG
[02/12/2010 - 13:21:10 | N | 311461] F:\DSC00585.JPG
[02/12/2010 - 13:21:16 | N | 303392] F:\DSC00586.JPG
[04/12/2010 - 23:01:04 | N | 485164] F:\DSC00587.JPG
[04/12/2010 - 23:11:28 | N | 410253] F:\DSC00588.JPG
[06/12/2010 - 13:29:32 | N | 348622] F:\DSC00589.JPG
[08/12/2010 - 15:16:48 | N | 261496] F:\DSC00591.JPG
[08/12/2010 - 15:17:02 | N | 291939] F:\DSC00592.JPG
[08/12/2010 - 15:17:26 | N | 291955] F:\DSC00594.JPG
[08/12/2010 - 15:17:32 | N | 289739] F:\DSC00595.JPG
[08/12/2010 - 15:18:14 | N | 278533] F:\DSC00597.JPG
[14/12/2010 - 11:42:12 | N | 284193] F:\DSC00599.JPG
[14/12/2010 - 12:07:58 | N | 373927] F:\DSC00600.JPG
[18/12/2010 - 23:06:38 | N | 428544] F:\DSC00601.JPG
[18/12/2010 - 23:41:06 | N | 450517] F:\DSC00602.JPG
[18/12/2010 - 23:48:40 | N | 399286] F:\DSC00605.JPG
[18/12/2010 - 23:48:54 | N | 423898] F:\DSC00606.JPG
[19/12/2010 - 00:29:34 | N | 520178] F:\DSC00608.JPG
[19/12/2011 - 22:15:34 | N | 365757] F:\DSC00810.JPG
[04/01/2012 - 10:49:18 | N | 258308] F:\DSC00839.JPG
[04/01/2012 - 10:49:28 | N | 248873] F:\DSC00840.JPG
[04/01/2012 - 10:50:16 | N | 224189] F:\DSC00841.JPG
[29/08/2011 - 18:37:52 | N | 388814] F:\DSC01674.JPG
[03/05/2011 - 06:31:48 | N | 1465200] F:\IMG.jpg
[20/04/2011 - 16:00:42 | N | 1022938] F:\IMGaa.jpg
[24/02/2010 - 11:18:30 | N | 1327293] F:\PIC_0090.JPG
[05/10/2011 - 16:13:10 | N | 1348350] F:\otazky-S.pdf
[05/12/2011 - 19:49:08 | N | 58880] F:\technika.doc
[10/03/2011 - 20:53:20 | N | 265362773] F:\x-art_silvie_morning_to_remember_hd.wmv
[23/12/2010 - 00:47:36 | N | 306031835] F:\Leila_X-art_Sex_on_the_Beach_HD.wmv
[11/03/2011 - 16:18:16 | N | 401733167] F:\[X-Art] Mutual Orgasm - Tiffany [720p].mov
[10/03/2011 - 16:41:14 | N | 591128805] F:\X-Art - Tiffany (Sex with a Supermodel)1080 full HDBB.mov
[14/01/2012 - 18:52:50 | D ] F:\novy
[14/01/2012 - 15:45:04 | D ] F:\Paramore - The Final Riot!
[14/01/2012 - 15:45:30 | D ] F:\Paramore Brand New Eyes
[14/01/2012 - 15:46:18 | D ] F:\Pendulum - Hold Your Colour
[14/01/2012 - 15:46:54 | D ] F:\Pendulum - Immersion
[14/01/2012 - 15:47:36 | D ] F:\Pendulum - In Silico
[14/01/2012 - 15:49:20 | D ] F:\poslane
[14/01/2012 - 15:52:52 | D ] F:\prodlouzena tom
[14/01/2012 - 15:28:30 | HD ] F:\RECYCLER
[14/01/2012 - 15:47:58 | D ] F:\Serj Tankian - Elect The Dead (2007)
[14/01/2012 - 16:01:00 | D ] F:\skripta
[14/01/2012 - 15:48:32 | D ] F:\System of a Down
[14/01/2012 - 18:53:30 | D ] F:\2006 - Skillet - Comatose
[14/01/2012 - 18:53:44 | D ] F:\2009 Awake
[14/01/2012 - 17:11:48 | D ] F:\Adaptační kurz TLA1, září 2009
[14/01/2012 - 17:12:34 | D ] F:\bredlyho prodlouzena
[14/01/2012 - 15:57:56 | D ] F:\d5as
[14/01/2012 - 15:29:48 | D ] F:\drivery
[14/01/2012 - 17:09:10 | D ] F:\hor
[14/01/2012 - 17:12:52 | D ] F:\hory010
[13/01/2012 - 23:00:50 | D ] F:\chang
[14/01/2012 - 15:28:58 | D ] F:\mk5
[14/01/2012 - 17:16:16 | D ] F:\MP Navigator EX
[14/01/2012 - 15:33:40 | D ] F:\muc
[14/01/2012 - 17:17:06 | D ] F:\Obrázky
[14/01/2012 - 17:10:44 | D ] F:\Od Nelči
[14/01/2012 - 17:10:52 | D ] F:\Od Zuzky
[14/01/2012 - 15:44:14 | D ] F:\Paramore - All We Know is Falling
[14/01/2012 - 15:44:28 | D ] F:\Paramore - MTV Unplugged
[14/01/2012 - 15:44:38 | D ] F:\Paramore - Riot
[16/12/2009 - 16:29:22 | D ] G:\DCIM
[16/12/2009 - 16:29:22 | D ] G:\MP3
[16/12/2009 - 16:29:24 | D ] G:\MSSEMC
[16/12/2009 - 16:25:58 | N | 0] G:\MEMSTICK.IND
[14/09/2009 - 23:31:28 | N | 41] G:\pmp_usb.ini
[14/09/2009 - 23:31:28 | N | 474] G:\winamp_cache_0001.xml
[28/11/2008 - 07:17:08 | N | 1312] G:\BOOTEX.LOG
[16/12/2009 - 16:27:44 | N | 0] G:\MSTK_PRO.IND
[14/01/2012 - 10:57:04 | HD ] G:\RECYCLER

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
G:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_NYEN-ECE80A648E.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.

################## | E.O.F |
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#4 Příspěvek od Lakso »

Tak to fungovalo, než jsem disk odpojil a zase připojit - opět se vytvoří zástupci
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Zástupci namísto složek

#5 Příspěvek od vyosek »

:arrow: Pripojte disk a nechte jej tam

:arrow: Znovu USBFix s volnou Deletion - log sem

:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost 2 a potvrte enterem
  • Utilita provede svou cinnost a da log - ten sem vlozte
  • Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#6 Příspěvek od Lakso »

log z usbfix

############################## | UsbFix 7.059 | [Deletion]

User: Nyen (Administrator) # NYEN-ECE80A648E [ ]
Updated 16/09/2011 by El Desaparecido
Started at 20:44:11 | 14/01/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz
CPU 2: Intel(R) Pentium(R) 4 CPU 3.20GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
RAM -> 639 Mb
C:\ (%systemdrive%) -> Fixed drive # 112 Gb (2 Mb free - 2%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 932 Gb (317 Mb free - 34%) [SAMSUNG] # NTFS
F:\ -> Removable drive # 15 Gb (85 Mb free - 1%) [KINGSTON] # FAT32
G:\ -> Removable drive # 469 Mb (385 Mb free - 82%) [] # FAT
H:\ -> Removable drive # 124 Mb (124 Mb free - 100%) [] # FAT

################## | Files # Infected Folders |

Deleted ! E:\100OLYMP.lnk
Deleted ! E:\19 - adele.lnk
Deleted ! E:\21 - Adele.lnk
Deleted ! E:\530bf25998eeab16cc2d53b5.lnk
Deleted ! E:\Adele - 19.lnk
Deleted ! E:\Adele - 21.lnk
Deleted ! E:\autocad 2010.lnk
Deleted ! E:\Autodesk Inventor Suite 2011.lnk
Deleted ! E:\cad.lnk
Deleted ! E:\chemie.lnk
Deleted ! E:\chrome downloads.lnk
Deleted ! E:\Corel _12_CZ+Key.lnk
Deleted ! E:\delphi.lnk
Deleted ! E:\dkas.lnk
Deleted ! E:\Documents.lnk
Deleted ! E:\dona rockforpeople.lnk
Deleted ! E:\Downloads.lnk
Deleted ! E:\dudes.lnk
Deleted ! E:\dukazy bible.lnk
Deleted ! E:\early spring.lnk
Deleted ! E:\ex.lnk
Deleted ! E:\faling skies.lnk
Deleted ! E:\falling skies.lnk
Deleted ! E:\filmy.lnk
Deleted ! E:\flash.lnk
Deleted ! E:\fotky hory.lnk
Deleted ! E:\fotky obrazky.lnk
Deleted ! E:\FS serial.lnk
Deleted ! E:\GAYGAYGAYGAYGAYGAY.lnk
Deleted ! E:\hayjoe.lnk
Deleted ! E:\HeyJoe.lnk
Deleted ! E:\hory.lnk
Deleted ! E:\Hudba.lnk
Deleted ! E:\inventor cad.lnk
Deleted ! E:\koncerty paramore.lnk
Deleted ! E:\Lyžák.lnk
Deleted ! E:\materialy chemie.lnk
Deleted ! E:\mc office.lnk
Deleted ! E:\mcoffice.lnk
Deleted ! E:\metr nom.lnk
Deleted ! E:\metronom.lnk
Deleted ! E:\MK4.lnk
Deleted ! E:\MK5.lnk
Deleted ! E:\mobil drivery.lnk
Deleted ! E:\mobil.lnk
Deleted ! E:\movies.lnk
Deleted ! E:\moviies.lnk
Deleted ! E:\Mr Nobody 2009 Extended 720p BluRay x264-CiNEFiLE.lnk
Deleted ! E:\muc.lnk
Deleted ! E:\music.lnk
Deleted ! E:\musiic.lnk
Deleted ! E:\novy.lnk
Deleted ! E:\Nová složka (2).lnk
Deleted ! E:\Nová složka.lnk
Deleted ! E:\obr.lnk
Deleted ! E:\obrazky fotky.lnk
Deleted ! E:\office.lnk
Deleted ! E:\paramore concerts.lnk
Deleted ! E:\Paramore live concert.lnk
Deleted ! E:\Paramore Live in Argentina 2011.lnk
Deleted ! E:\Paramore.The.Final.Riot..DD5.1.lnk
Deleted ! E:\phone.lnk
Deleted ! E:\poslane.lnk
Deleted ! E:\prodlouzena (Tom).lnk
Deleted ! E:\prodlouzena[TOM].lnk
Deleted ! E:\programovani delphi.lnk
Deleted ! E:\QIP 2010 PafoPack.lnk
Deleted ! E:\qip.lnk
Deleted ! E:\qipik.lnk
Deleted ! E:\RcvdFiles.lnk
Deleted ! E:\rfp dona.lnk
Deleted ! E:\rfp od dony.lnk
Deleted ! E:\Riot Games.lnk
Deleted ! E:\SamsungSoftware.lnk
Deleted ! E:\SecretZone.lnk
Deleted ! E:\serialky.lnk
Deleted ! E:\serialy.lnk
Deleted ! E:\skola.lnk
Deleted ! E:\skripta.lnk
Deleted ! E:\spring betas.lnk
Deleted ! E:\Star.Wars.Episode-I.The.Phantom.Menace.1999.BluRay.720p.x264.DTS-ES-HDChina.lnk
Deleted ! E:\Star.Wars.Episode-II.Attack.of.the.Clones.2002.BluRay.720p.x264.DTS-ES-HDChina.lnk
Deleted ! E:\System Volume Information.lnk
Deleted ! E:\tes.lnk
Deleted ! E:\thor.lnk
Deleted ! E:\tomas.lnk
Deleted ! E:\z flashky.lnk
Deleted ! E:\zaloha.lnk
Deleted ! E:\záloha pc.lnk
Deleted ! F:\Paramore - MTV Unplugged.lnk
Deleted ! F:\Paramore - Riot.lnk
Deleted ! F:\novy.lnk
Deleted ! F:\Paramore - The Final Riot!.lnk
Deleted ! F:\Paramore Brand New Eyes.lnk
Deleted ! F:\Pendulum - Hold Your Colour.lnk
Deleted ! F:\Pendulum - Immersion.lnk
Deleted ! F:\Pendulum - In Silico.lnk
Deleted ! F:\poslane.lnk
Deleted ! F:\prodlouzena tom.lnk
Deleted ! F:\Serj Tankian - Elect The Dead (2007).lnk
Deleted ! F:\skripta.lnk
Deleted ! F:\System of a Down.lnk
Deleted ! F:\2006 - Skillet - Comatose.lnk
Deleted ! F:\2009 Awake.lnk
Deleted ! F:\Adaptační kurz TLA1, září 2009.lnk
Deleted ! F:\bredlyho prodlouzena.lnk
Deleted ! F:\d5as.lnk
Deleted ! F:\drivery.lnk
Deleted ! F:\hor.lnk
Deleted ! F:\hory010.lnk
Deleted ! F:\chang.lnk
Deleted ! F:\mk5.lnk
Deleted ! F:\MP Navigator EX.lnk
Deleted ! F:\muc.lnk
Deleted ! F:\Obrázky.lnk
Deleted ! F:\Od Nelči.lnk
Deleted ! F:\Od Zuzky.lnk
Deleted ! F:\Paramore - All We Know is Falling.lnk
Deleted ! G:\DCIM.lnk
Deleted ! G:\MP3.lnk
Deleted ! G:\MSSEMC.lnk
Deleted ! H:\RECYCLER.lnk
Deleted ! E:\Recycler\0xA25D5DBD.exe
Deleted ! F:\Recycler\0xA25D5DBD.exe
Deleted ! G:\Recycler\0xA25D5DBD.exe
Deleted ! H:\Recycler\0xA25D5DBD.exe
Deleted ! C:\Recycler\S-1-5-21-329068152-1482476501-1177238915-1004
Deleted ! E:\Recycler\S-1-5-21-329068152-1482476501-1177238915-1004

(!) Temporary files deleted.


################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[14/01/2012 - 12:49:17 | N | 0] C:\AUTOEXEC.BAT
[14/01/2012 - 20:14:30 | RASHD ] C:\Autorun.inf
[14/01/2012 - 12:42:58 | N | 211] C:\boot.ini
[14/04/2008 - 13:00:00 | N | 4952] C:\Bootfont.bin
[14/01/2012 - 12:49:17 | N | 0] C:\CONFIG.SYS
[14/01/2012 - 12:54:01 | D ] C:\Documents and Settings
[14/01/2012 - 20:40:23 | ASH | 670617600] C:\hiberfil.sys
[14/01/2012 - 12:49:17 | N | 0] C:\IO.SYS
[14/01/2012 - 13:40:41 | D ] C:\League of Legends
[14/01/2012 - 12:49:17 | N | 0] C:\MSDOS.SYS
[14/04/2008 - 13:00:00 | N | 47564] C:\NTDETECT.COM
[14/04/2008 - 13:00:00 | N | 250576] C:\ntldr
[14/01/2012 - 20:40:21 | ASH | 1006632960] C:\pagefile.sys
[14/01/2012 - 13:52:06 | D ] C:\Program Files
[14/01/2012 - 20:46:50 | SHD ] C:\RECYCLER
[14/01/2012 - 12:53:07 | SHD ] C:\System Volume Information
[14/01/2012 - 18:39:13 | ASH | 204800] C:\Thumbs.db
[14/01/2012 - 18:48:55 | D ] C:\totalcmd
[14/01/2012 - 20:46:50 | D ] C:\UsbFix
[14/01/2012 - 20:46:50 | A | 5154] C:\UsbFix.txt
[14/01/2012 - 20:14:35 | N | 642766] C:\UsbFix_Upload_Me_NYEN-ECE80A648E.zip
[14/01/2012 - 20:40:40 | D ] C:\WINDOWS
[14/01/2012 - 11:04:24 | D ] E:\100OLYMP
[14/01/2012 - 11:06:24 | D ] E:\19 - adele
[14/01/2012 - 11:07:16 | D ] E:\21 - Adele
[14/01/2012 - 11:05:12 | D ] E:\530bf25998eeab16cc2d53b5
[14/01/2012 - 11:06:24 | D ] E:\Adele - 19
[14/01/2012 - 11:07:24 | D ] E:\Adele - 21
[14/01/2012 - 11:16:15 | D ] E:\autocad 2010
[14/01/2012 - 11:15:21 | D ] E:\Autodesk Inventor Suite 2011
[14/01/2012 - 20:14:30 | D ] E:\Autorun.inf
[13/01/2012 - 14:49:52 | D ] E:\cad
[14/01/2012 - 11:20:51 | D ] E:\chemie
[14/01/2012 - 11:14:58 | D ] E:\chrome downloads
[14/01/2012 - 14:03:35 | D ] E:\Corel _12_CZ+Key
[14/01/2012 - 14:06:27 | D ] E:\delphi
[14/01/2012 - 14:12:48 | D ] E:\dkas
[13/01/2012 - 21:49:20 | D ] E:\Documents
[13/01/2012 - 21:49:41 | D ] E:\dona rockforpeople
[14/01/2012 - 11:14:56 | D ] E:\Downloads
[14/01/2012 - 11:16:57 | D ] E:\dudes
[14/01/2012 - 14:13:39 | D ] E:\dukazy bible
[14/01/2012 - 11:17:41 | D ] E:\early spring
[14/01/2012 - 14:57:51 | D ] E:\ex
[14/01/2012 - 11:19:37 | D ] E:\faling skies
[13/01/2012 - 21:50:18 | D ] E:\falling skies
[13/01/2012 - 21:51:36 | D ] E:\filmy
[14/01/2012 - 11:20:07 | D ] E:\flash
[14/01/2012 - 11:20:28 | D ] E:\fotky hory
[14/01/2012 - 17:42:25 | D ] E:\fotky obrazky
[14/01/2012 - 15:08:29 | D ] E:\FS serial
[13/01/2012 - 21:51:56 | D ] E:\GAYGAYGAYGAYGAYGAY
[14/01/2012 - 11:14:12 | D ] E:\hayjoe
[14/01/2012 - 11:14:12 | D ] E:\HeyJoe
[14/01/2012 - 11:20:28 | D ] E:\hory
[13/01/2012 - 21:52:27 | D ] E:\Hudba
[14/01/2012 - 11:16:16 | D ] E:\inventor cad
[14/01/2012 - 13:48:47 | D ] E:\koncerty paramore
[13/01/2012 - 21:52:55 | D ] E:\Lyžák
[14/01/2012 - 11:20:51 | D ] E:\materialy chemie
[14/01/2012 - 13:47:30 | D ] E:\mc office
[14/01/2012 - 11:22:00 | D ] E:\mcoffice
[14/01/2012 - 11:22:17 | D ] E:\metr nom
[14/01/2012 - 11:22:17 | D ] E:\metronom
[13/01/2012 - 22:40:55 | D ] E:\MK4
[14/01/2012 - 11:06:49 | D ] E:\MK5
[14/01/2012 - 11:22:37 | D ] E:\mobil
[14/01/2012 - 11:22:37 | D ] E:\mobil drivery
[14/01/2012 - 11:23:04 | D ] E:\movies
[14/01/2012 - 16:09:43 | D ] E:\moviies
[13/01/2012 - 21:53:18 | D ] E:\Mr Nobody 2009 Extended 720p BluRay x264-CiNEFiLE
[14/01/2012 - 11:06:50 | D ] E:\muc
[14/01/2012 - 11:10:36 | D ] E:\music
[14/01/2012 - 15:42:56 | D ] E:\musiic
[14/01/2012 - 18:51:52 | D ] E:\novy
[13/01/2012 - 21:53:31 | D ] E:\Nová složka
[14/01/2012 - 11:18:52 | D ] E:\Nová složka (2)
[13/01/2012 - 21:53:54 | D ] E:\obr
[14/01/2012 - 11:23:33 | D ] E:\obrazky fotky
[13/01/2012 - 21:54:40 | D ] E:\office
[14/01/2012 - 11:24:00 | D ] E:\paramore concerts
[13/01/2012 - 21:55:10 | D ] E:\Paramore live concert
[13/01/2012 - 21:55:28 | D ] E:\Paramore Live in Argentina 2011
[13/01/2012 - 21:55:40 | D ] E:\Paramore.The.Final.Riot..DD5.1
[13/01/2012 - 21:56:04 | D ] E:\phone
[14/01/2012 - 11:24:18 | D ] E:\poslane
[14/01/2012 - 15:57:11 | D ] E:\prodlouzena (Tom)
[14/01/2012 - 11:08:56 | D ] E:\prodlouzena[TOM]
[14/01/2012 - 15:57:27 | D ] E:\programovani delphi
[14/01/2012 - 11:09:58 | D ] E:\qip
[13/01/2012 - 21:56:50 | D ] E:\QIP 2010 PafoPack
[14/01/2012 - 11:09:58 | D ] E:\qipik
[14/01/2012 - 11:24:18 | D ] E:\RcvdFiles
[14/01/2012 - 20:46:50 | SHD ] E:\RECYCLER
[14/01/2012 - 11:24:33 | D ] E:\rfp dona
[14/01/2012 - 11:24:33 | D ] E:\rfp od dony
[14/01/2012 - 13:40:45 | D ] E:\Riot Games
[08/10/2010 - 08:57:08 | D ] E:\SamsungSoftware
[26/07/2011 - 17:27:17 | D ] E:\SecretZone
[14/01/2012 - 11:24:57 | D ] E:\serialky
[14/01/2012 - 11:24:57 | D ] E:\serialy
[14/01/2012 - 11:25:18 | D ] E:\skola
[14/01/2012 - 11:12:17 | D ] E:\skripta
[14/01/2012 - 11:17:59 | D ] E:\spring betas
[14/01/2012 - 11:25:39 | D ] E:\Star.Wars.Episode-I.The.Phantom.Menace.1999.BluRay.720p.x264.DTS-ES-HDChina
[14/01/2012 - 11:25:53 | D ] E:\Star.Wars.Episode-II.Attack.of.the.Clones.2002.BluRay.720p.x264.DTS-ES-HDChina
[14/09/2011 - 18:34:33 | SHD ] E:\System Volume Information
[14/01/2012 - 16:46:43 | D ] E:\tes
[14/01/2012 - 11:13:04 | D ] E:\thor
[14/01/2012 - 13:48:24 | ASH | 237346] E:\Thumbs.db
[14/01/2012 - 11:12:17 | D ] E:\tomas
[14/01/2012 - 16:48:52 | D ] E:\z flashky
[14/01/2012 - 16:52:20 | D ] E:\zaloha
[14/01/2012 - 11:11:39 | D ] E:\záloha pc
[05/10/2011 - 16:13:02 | N | 949810] F:\otazky-J.pdf
[07/07/2011 - 17:29:52 | N | 86289] F:\Limitless.srt
[13/01/2012 - 23:15:26 | N | 243284] F:\atto_241.zip
[05/01/2012 - 11:22:00 | N | 256512] F:\f1.ipt
[05/12/2011 - 19:51:44 | N | 19648] F:\technickaaa.docx
[03/08/2011 - 09:25:44 | N | 4986295] F:\Tyler Ward ft. Alex G - I'm Falling.mp3
[23/12/2011 - 13:53:30 | N | 75236] F:\Mr-Nobody(0000158370).srt
[21/07/2011 - 16:18:42 | N | 612979413] F:\MTV Unplugged - Paramore.mkv
[12/01/2012 - 10:59:58 | N | 157696] F:\řemenice.ipt
[26/12/2011 - 16:18:24 | N | 1099189870] F:\Tajemství staré bambitky (2011) DVB-TRip CZ.avi
[25/10/2011 - 18:57:44 | N | 60490] F:\Vývojové diagramy a Pascal - Nguyen,TLA3.pptx
[03/08/2011 - 09:23:08 | N | 10039192] F:\The Chillers-Violins-Decepticons Remix.mp3
[03/08/2011 - 09:20:24 | N | 2302642] F:\We are the In Crowd - Never Be What you Want.mp3
[03/08/2011 - 09:21:52 | N | 2988124] F:\We Are The In Crowd - Never Be What You Want (Acoustic).mp3
[04/08/2011 - 19:26:08 | N | 4863948] F:\Monster - Paramore (Little Eye Cover).mp3
[02/07/2011 - 15:17:26 | N | 3134416896] F:\Limitless.UNRATED.2011.720p.BRRip.XviD.AC3-FLAWL3SS.avi
[04/01/2012 - 01:11:30 | N | 645120] F:\sF1.ipt
[20/12/2011 - 18:37:50 | N | 26677] F:\Nový objekt - Dokument aplikace Microsoft Office Word.docx
[06/12/2011 - 13:54:56 | N | 429056] F:\Fa.ipt
[22/11/2009 - 16:47:10 | N | 194829] F:\DSC00119.JPG
[16/03/2010 - 19:28:54 | N | 352862] F:\DSC00214.JPG
[29/12/2011 - 17:57:14 | N | 758999] F:\PC290003.JPG
[10/01/2012 - 22:27:48 | N | 176640] F:\Polotovar F1.ipt
[29/04/2010 - 14:41:52 | N | 509447] F:\DSC00223.JPG
[29/04/2010 - 14:42:26 | N | 89501] F:\DSC00224.JPG
[29/04/2010 - 14:42:44 | N | 87565] F:\DSC00225.JPG
[29/04/2010 - 14:42:56 | N | 73097] F:\DSC00226.JPG
[12/06/2010 - 19:29:26 | N | 34522] F:\DSC00228.JPG
[12/06/2010 - 19:30:02 | N | 44684] F:\DSC00231.JPG
[17/08/2010 - 22:05:40 | N | 397532] F:\DSC00288.JPG
[13/09/2010 - 20:18:12 | N | 346935] F:\DSC00370.JPG
[12/09/2009 - 11:16:48 | N | 202083] F:\1280x1024_HD_Wallpaper_165_Zixpk.jpg
[12/09/2009 - 11:15:48 | N | 187105] F:\1280x1024_HD_Wallpaper_182_Zixpk.jpg
[12/09/2009 - 11:13:52 | N | 175554] F:\1280x1024_HD_Wallpaper_197_Zixpk.jpg
[12/09/2009 - 11:12:02 | N | 304654] F:\1280x1024_Zixpk_HD_Wallpaper_218.jpg
[12/09/2009 - 11:12:30 | N | 140881] F:\1280x1024_Zixpk_HD_Wallpaper_222.jpg
[12/09/2009 - 11:12:48 | N | 196447] F:\1280x1024_Zixpk_HD_Wallpaper_224.jpg
[12/09/2009 - 11:11:52 | N | 233212] F:\1280x1024_Zixpk_HD_Wallpaper_225.jpg
[25/08/2010 - 11:58:58 | N | 41648] F:\38375_120397288008287_109204525794230_120860_7535505_n.jpg
[24/06/2010 - 14:50:14 | N | 927648] F:\221199-original1-jbfdk.jpg
[24/06/2010 - 14:52:48 | N | 448445] F:\221200-original1-o29mn.jpg
[24/06/2010 - 14:52:18 | N | 377498] F:\221201-original1-fdqnu.jpg
[06/07/2011 - 19:28:52 | N | 612502] F:\02072011272.jpg
[30/08/2011 - 21:02:06 | N | 20036] F:\24877621300139538842610.jpg
[13/09/2010 - 20:48:32 | N | 365985] F:\DSC00439.JPG
[16/09/2010 - 09:26:26 | N | 409637] F:\DSC00440.JPG
[16/09/2010 - 09:27:26 | N | 376693] F:\DSC00441.JPG
[16/09/2010 - 09:27:42 | N | 423379] F:\DSC00442.JPG
[16/09/2010 - 09:27:50 | N | 393862] F:\DSC00443.JPG
[25/09/2010 - 21:53:16 | N | 445189] F:\DSC00447.JPG
[28/09/2010 - 16:24:36 | N | 289065] F:\DSC00448.JPG
[28/09/2010 - 16:24:54 | N | 241735] F:\DSC00449.JPG
[28/09/2010 - 16:40:36 | N | 278297] F:\DSC00450.JPG
[28/09/2010 - 16:45:54 | N | 237568] F:\DSC00451.JPG
[28/09/2010 - 16:59:40 | N | 331188] F:\DSC00454.JPG
[28/09/2010 - 17:03:24 | N | 283915] F:\DSC00455.JPG
[28/09/2010 - 17:03:36 | N | 263006] F:\DSC00456.JPG
[28/09/2010 - 17:03:44 | N | 252211] F:\DSC00457.JPG
[28/09/2010 - 17:03:56 | N | 256048] F:\DSC00458.JPG
[28/09/2010 - 17:04:08 | N | 292711] F:\DSC00459.JPG
[04/10/2010 - 16:06:54 | N | 1122543] F:\DSC00464.JPG
[14/10/2010 - 08:46:42 | N | 276859] F:\DSC00502.JPG
[26/10/2010 - 13:15:34 | N | 332466] F:\DSC00533.JPG
[02/11/2010 - 20:59:24 | N | 218672] F:\DSC00557.JPG
[08/11/2010 - 13:44:32 | N | 289845] F:\DSC00559.JPG
[08/11/2010 - 13:48:22 | N | 62656] F:\DSC00560.JPG
[08/11/2010 - 13:48:30 | N | 60495] F:\DSC00561.JPG
[17/11/2010 - 21:46:06 | N | 229847] F:\DSC00563.JPG
[08/11/2010 - 13:50:14 | N | 55641] F:\DSC00564.JPG
[16/11/2010 - 12:29:06 | N | 50029] F:\DSC00568.JPG
[16/11/2010 - 12:29:28 | N | 67454] F:\DSC00569.JPG
[18/11/2010 - 10:05:42 | N | 56835] F:\DSC00570.JPG
[19/11/2010 - 12:16:14 | N | 61282] F:\DSC00571.JPG
[21/11/2010 - 19:19:06 | N | 39009] F:\DSC00573.JPG
[23/11/2010 - 09:28:04 | N | 44990] F:\DSC00575.JPG
[23/11/2010 - 09:28:24 | N | 56467] F:\DSC00576.JPG
[23/11/2010 - 09:28:34 | N | 56130] F:\DSC00577.JPG
[23/11/2010 - 09:28:40 | N | 48842] F:\DSC00578.JPG
[23/11/2010 - 09:28:48 | N | 46642] F:\DSC00579.JPG
[01/12/2010 - 14:48:32 | N | 547584] F:\DSC00580.JPG
[01/12/2010 - 14:48:48 | N | 533652] F:\DSC00581.JPG
[02/12/2010 - 13:21:10 | N | 311461] F:\DSC00585.JPG
[02/12/2010 - 13:21:16 | N | 303392] F:\DSC00586.JPG
[04/12/2010 - 23:01:04 | N | 485164] F:\DSC00587.JPG
[04/12/2010 - 23:11:28 | N | 410253] F:\DSC00588.JPG
[06/12/2010 - 13:29:32 | N | 348622] F:\DSC00589.JPG
[08/12/2010 - 15:16:48 | N | 261496] F:\DSC00591.JPG
[08/12/2010 - 15:17:02 | N | 291939] F:\DSC00592.JPG
[08/12/2010 - 15:17:26 | N | 291955] F:\DSC00594.JPG
[08/12/2010 - 15:17:32 | N | 289739] F:\DSC00595.JPG
[08/12/2010 - 15:18:14 | N | 278533] F:\DSC00597.JPG
[14/12/2010 - 11:42:12 | N | 284193] F:\DSC00599.JPG
[14/12/2010 - 12:07:58 | N | 373927] F:\DSC00600.JPG
[18/12/2010 - 23:06:38 | N | 428544] F:\DSC00601.JPG
[18/12/2010 - 23:41:06 | N | 450517] F:\DSC00602.JPG
[18/12/2010 - 23:48:40 | N | 399286] F:\DSC00605.JPG
[18/12/2010 - 23:48:54 | N | 423898] F:\DSC00606.JPG
[19/12/2010 - 00:29:34 | N | 520178] F:\DSC00608.JPG
[19/12/2011 - 22:15:34 | N | 365757] F:\DSC00810.JPG
[04/01/2012 - 10:49:18 | N | 258308] F:\DSC00839.JPG
[04/01/2012 - 10:49:28 | N | 248873] F:\DSC00840.JPG
[04/01/2012 - 10:50:16 | N | 224189] F:\DSC00841.JPG
[29/08/2011 - 18:37:52 | N | 388814] F:\DSC01674.JPG
[03/05/2011 - 06:31:48 | N | 1465200] F:\IMG.jpg
[20/04/2011 - 16:00:42 | N | 1022938] F:\IMGaa.jpg
[24/02/2010 - 11:18:30 | N | 1327293] F:\PIC_0090.JPG
[05/10/2011 - 16:13:10 | N | 1348350] F:\otazky-S.pdf
[05/12/2011 - 19:49:08 | N | 58880] F:\technika.doc
[10/03/2011 - 20:53:20 | N | 265362773] F:\x-art_silvie_morning_to_remember_hd.wmv
[23/12/2010 - 00:47:36 | N | 306031835] F:\Leila_X-art_Sex_on_the_Beach_HD.wmv
[11/03/2011 - 16:18:16 | N | 401733167] F:\[X-Art] Mutual Orgasm - Tiffany [720p].mov
[10/03/2011 - 16:41:14 | N | 591128805] F:\X-Art - Tiffany (Sex with a Supermodel)1080 full HDBB.mov
[14/01/2012 - 18:52:50 | D ] F:\novy
[14/01/2012 - 15:45:04 | D ] F:\Paramore - The Final Riot!
[14/01/2012 - 15:45:30 | D ] F:\Paramore Brand New Eyes
[14/01/2012 - 15:46:18 | D ] F:\Pendulum - Hold Your Colour
[14/01/2012 - 15:46:54 | D ] F:\Pendulum - Immersion
[14/01/2012 - 15:47:36 | D ] F:\Pendulum - In Silico
[14/01/2012 - 15:49:20 | D ] F:\poslane
[14/01/2012 - 15:52:52 | D ] F:\prodlouzena tom
[14/01/2012 - 15:28:30 | HD ] F:\RECYCLER
[14/01/2012 - 15:47:58 | D ] F:\Serj Tankian - Elect The Dead (2007)
[14/01/2012 - 16:01:00 | D ] F:\skripta
[14/01/2012 - 15:48:32 | D ] F:\System of a Down
[14/01/2012 - 18:53:30 | D ] F:\2006 - Skillet - Comatose
[14/01/2012 - 18:53:44 | D ] F:\2009 Awake
[14/01/2012 - 17:11:48 | D ] F:\Adaptační kurz TLA1, září 2009
[14/01/2012 - 17:12:34 | D ] F:\bredlyho prodlouzena
[14/01/2012 - 15:57:56 | D ] F:\d5as
[14/01/2012 - 15:29:48 | D ] F:\drivery
[14/01/2012 - 17:09:10 | D ] F:\hor
[14/01/2012 - 17:12:52 | D ] F:\hory010
[13/01/2012 - 23:00:50 | D ] F:\chang
[14/01/2012 - 15:28:58 | D ] F:\mk5
[14/01/2012 - 17:16:16 | D ] F:\MP Navigator EX
[14/01/2012 - 15:33:40 | D ] F:\muc
[14/01/2012 - 17:17:06 | D ] F:\Obrázky
[14/01/2012 - 17:10:44 | D ] F:\Od Nelči
[14/01/2012 - 17:10:52 | D ] F:\Od Zuzky
[14/01/2012 - 15:44:14 | D ] F:\Paramore - All We Know is Falling
[14/01/2012 - 15:44:28 | D ] F:\Paramore - MTV Unplugged
[14/01/2012 - 15:44:38 | D ] F:\Paramore - Riot
[14/01/2012 - 20:14:32 | D ] F:\Autorun.inf
[16/12/2009 - 16:29:22 | D ] G:\DCIM
[16/12/2009 - 16:29:22 | D ] G:\MP3
[16/12/2009 - 16:29:24 | D ] G:\MSSEMC
[16/12/2009 - 16:25:58 | N | 0] G:\MEMSTICK.IND
[14/09/2009 - 23:31:28 | N | 41] G:\pmp_usb.ini
[14/09/2009 - 23:31:28 | N | 474] G:\winamp_cache_0001.xml
[28/11/2008 - 07:17:08 | N | 1312] G:\BOOTEX.LOG
[16/12/2009 - 16:27:44 | N | 0] G:\MSTK_PRO.IND
[14/01/2012 - 10:57:04 | HD ] G:\RECYCLER
[14/01/2012 - 20:14:32 | D ] G:\Autorun.inf
[14/01/2012 - 20:38:54 | SHD ] H:\RECYCLER

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
G:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
H:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_NYEN-ECE80A648E.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.

################## | E.O.F |
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#7 Příspěvek od Lakso »

RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Nyen [Admin rights]
Mode: Remove -- Date : 01/14/2012 20:50:54

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : Dcsqst (C:\Documents and Settings\Nyen\Data aplikací\Dcsqst.exe) -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 1360aec91d7372e4d23e179ac04fd592
[BSP] 3d09f49dd4a5ddbce33b305bec5bfba3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 120023 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] cab6512b40ec61c1fabe3fe7b5063d26
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 8064 | Size: 15875 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#8 Příspěvek od Lakso »

RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Nyen [Admin rights]
Mode: HOSTSFix -- Date : 01/14/2012 20:51:53

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#9 Příspěvek od Lakso »

RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Nyen [Admin rights]
Mode: ProxyFix -- Date : 01/14/2012 20:52:05

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Zástupci namísto složek

#10 Příspěvek od vyosek »

:arrow: Nechte flash disk zapojeny

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#11 Příspěvek od Lakso »

ComboFix 12-01-15.01 - Nyen 15.01.2012 11:36:40.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.639.288 [GMT 1:00]
Spuštěný z: c:\documents and settings\Nyen\Plocha\combofix\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\alcrmv.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regopt.log
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\auto.exe
c:\windows\system32\SET1FE.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2E.tmp
c:\windows\system32\SET2F.tmp
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-15 do 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2012-01-14 19:07 . 2012-01-15 10:18 -------- d-----w- C:\UsbFix
2012-01-14 17:48 . 2012-01-14 17:48 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-15 10:18 . 2012-01-14 19:14 967453 ----a-w- C:\UsbFix_Upload_Me_NYEN-ECE80A648E.zip
2011-11-25 21:57 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-04-14 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-04-14 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-03 15:29 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2008-04-14 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 20:36 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2008-04-14 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:36 . 2008-04-14 12:00 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2011-11-01 20:34 . 2008-04-14 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31 1514152 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58699:TCP"= 58699:TCP:Pando Media Booster
"58699:UDP"= 58699:UDP:Pando Media Booster
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2012-01-03 15:31]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 109.238.32.52 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-15 11:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-01-15 11:41:22
ComboFix-quarantined-files.txt 2012-01-15 10:41
.
Před spuštěním: 6 553 853 952
Po spuštění: 6 526 754 816
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - C84D0ADD9ADE27F3EE9003991FD8DF78
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Zástupci namísto složek

#12 Příspěvek od vyosek »

:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58699:TCP"=-
"58699:UDP"=-

File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

ClearJavaCache::

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#13 Příspěvek od Lakso »

ComboFix 12-01-15.01 - Nyen 15.01.2012 13:34:24.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.639.317 [GMT 1:00]
Spuštěný z: c:\documents and settings\Nyen\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Nyen\Plocha\CFScript.txt
.
FILE ::
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_1cb.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-15 do 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2012-01-14 19:07 . 2012-01-15 10:18 -------- d-----w- C:\UsbFix
2012-01-14 17:48 . 2012-01-14 17:48 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-15 10:18 . 2012-01-14 19:14 967453 ----a-w- C:\UsbFix_Upload_Me_NYEN-ECE80A648E.zip
2011-11-25 21:57 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-04-14 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-04-14 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-03 15:29 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2008-04-14 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 20:36 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2008-04-14 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:36 . 2008-04-14 12:00 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2011-11-01 20:34 . 2008-04-14 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-15_10.39.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-13 19:17 . 2011-05-13 19:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 18:45 . 2011-05-13 18:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 00:06 . 2011-05-14 00:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 00:23 . 2011-05-14 00:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-13 17:37 . 2011-05-13 17:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-05-14 00:17 . 2011-05-14 00:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 00:12 . 2011-05-14 00:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 00:11 . 2011-05-14 00:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2012-01-15 11:20 . 2012-01-15 11:20 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
+ 2012-01-15 11:20 . 2012-01-15 11:20 335520 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.dll
+ 2012-01-15 11:19 . 2012-01-15 11:19 467456 c:\windows\Installer\3f99f0.msi
+ 2011-05-13 19:04 . 2011-05-13 19:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-13 19:04 . 2011-05-13 19:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 109.238.32.52 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-15 13:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Celkový čas: 2012-01-15 13:41:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-15 12:41
ComboFix2.txt 2012-01-15 10:41
.
Před spuštěním: 5 751 271 424
Po spuštění: 5 779 079 168
.
- - End Of File - - 516A6229C24FC7D3606F62A6D8C287DC
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Zástupci namísto složek

#14 Příspěvek od vyosek »

:arrow: Chtelo by to nejake zabezpeceni PC

:arrow: Jak se chova disk a PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Lakso
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 21 říj 2010 09:32

Re: Zástupci namísto složek

#15 Příspěvek od Lakso »

paráda :) tak po odpojení disků a opětovném se už ti zástupci nevytváří :) děkuji za pomoc :)

co se týče zabezpečení, používám jen windowsáckej firewall a myslím, že moc problému nemám, dávám si celkem pozor, kam chodím. Co byste kdyžtak doporučoval?
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“