VIRY.CZ

Zdravím neviem, či som tu správne..ale tak snáď..mám problém s vírusom zrejme Trojský kůň, zlyhal mi antivirak..a tak sa mi dostal do noťasu a všetko, čo mohol pomazal (ikony, pozadia na ploche, vsetky programy)...všetko

neviem, čo mám robiť prosím poraďte, dal by sa mi zachraniť disk D (mám rozdelený na C a D)..stačila by reinštalácia windowsu a vírus by zmizol? s tým, že by sa zachránil spomínany disk?

Hezké dopoledne

SPouštěl jste nějaký crack/keygen?
Smazal Vám pouze tu systémovou část?
DOstanete se alespon do nouzového režimu?

Zdravím, antivirák už mám v poriadku, našiel zrejme aj vírusy, ale stále mám čiernu obrazovku a veci, čo boli na disku C, keď idem otvoriť zložku mi ju ukáže ako prázdnú, pričom keď skúsim pozrieť vlastnosti zložky, stále ukazuje, že tam tie súbory by mali byť, čo je horšie zistil som, že mi to robí aj v niektorých zložkách na disku D.
Na disku C mi ostali veci "len" v zložke Program files, a aj to neviem, či všetky. Takže zázrakom sa mi dá ísť aj net a mozem vytvorit aj log, ak to teda pomoze.

Chcel som skúsiť obnovenie systému, ale nepodaril sa mi spustiť núdzový režím, z nejakého dovodu mi nejde a vypisuje nasledovné:

Checking file system on C:
The type of the file system is NFTS.
Volume label is OS.

One of your disks needs to checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Disk chceking has been cancelled.

Vypisuje Vám, že je potřeba udělat kontrolu disku. Takže to potvrdte a provedte ji, vypadá to na špatný disk, proto se Vám ztratili ty soubory, pravděpodobně.

Předtím provedte

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

keď mi vypíše urobiť tú kontrolu ako vravíte, tak to nemám čím potvrdiť, bo mi to za pár sekund zmizne a nabehne mi windows...
SKúšal som to "ručne" ale nabehlo mi, že ho nemôžem skontrolovať, že sa práve používa, pričom som všetky programy vypol..a keď som zadal naplánovať, tak mi to celé zmizlo a nepustilo ma ani k tomu naplánovaniu..

tú su tie údaje

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/03/17 19:47:47

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- ST9500420AS
- HL-DT-ST DVDRAM GT32N

-- Disk List ---------------------------------------------------------------
(1) ST9500420AS : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) ST9500420AS
----------------------------------------------------------------------------
Model : ST9500420AS
Firmware : 0003SDM1
Serial Number : 5VJ7QRE6
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 4672 hours
Power On Count : 1866 count
Temparature : 29 C (84 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : D000h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 103 _99 __6 00000052D191 Read Error Rate
03 _97 _97 _85 000000000000 Spin-Up Time
04 _99 _99 _20 00000000075F Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _69 _60 _30 0008045E243E Seek Error Rate
09 _95 _95 __0 000000001240 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _99 _20 00000000074A Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 _97 __0 000000000008 Command Timeout
BD 100 100 __0 000000000000 High Fly Writes
BE _71 _52 _45 00001D16001D Airflow Temperature
BF 100 100 __0 00000000008D G-Sense Error Rate
C0 100 100 __0 000000000014 Power-off Retract Count
C1 _92 _92 __0 00000000417E Load/Unload Cycle Count
C2 _29 _48 __0 000F0000001D Temperature
C3 _45 _41 __0 00000052D191 Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
F0 100 253 __0 5406000012AB Head Flying Hours
F1 100 253 __0 000016A6BAEA Vendor Specific
F2 100 253 __0 00003DE94431 Vendor Specific
FE 100 100 __0 000000000000 Free Fall Protection

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0C 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00 .Z?..7.......?..
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20 ....
020: 35 56 4A 37 51 52 45 36 00 00 80 00 00 04 30 30 5VJ7QRE6......00
030: 30 33 53 44 4D 31 53 54 39 35 30 30 34 32 30 41 03SDM1ST9500420A
040: 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 S
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10 ..
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10 ../.@.......?...
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07 .?..............
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00 ...x.x.x.x......
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 48 00 48 .............H.H
0A0: 01 F0 00 29 74 6B 7F 09 61 E3 74 69 BC 09 61 E3 ...)tk..a.ti..a.
0B0: 40 7F 00 33 00 33 80 80 FF FE 00 00 D0 00 00 00 @..3.3..........
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00 ........`0:8....
0D0: 00 00 00 00 00 00 00 00 50 00 C5 00 29 ED 18 12 ........P...)...
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1E ..............@.
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 @...............
100: 00 29 60 30 3A 38 60 30 3A 38 20 20 00 02 01 40 .)`0:8`0:8 ...@
110: 01 00 50 00 3C 06 3C 0A 00 00 00 78 00 00 00 08 ..P.<.<....x....
120: 00 00 00 00 00 1F 02 80 00 00 00 00 00 08 00 00 ................
130: 00 00 00 00 00 00 00 00 00 00 00 00 3E 00 80 00 ............>...
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00 .............?..
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1B0: 00 00 1C 20 00 00 00 00 00 00 00 00 10 10 00 00 ... ............
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FA A5 ................

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 0A 0F 01 67 00 91 63 52 D1 00 00 00 00 03 03 ....g..cR.......
010: 61 00 00 61 00 00 00 00 00 00 32 04 63 00 5F 63 a..a......2.c._c
020: 00 07 00 00 00 00 33 05 64 00 00 64 00 00 00 00 ......3.d..d....
030: 00 00 0F 07 45 00 3E 3C 5E 24 08 04 00 00 32 09 ....E.><^$....2.
040: 5F 00 40 5F 00 12 00 00 00 00 13 0A 64 00 00 64 _.@_........d..d
050: 00 00 00 00 00 00 32 0C 63 00 4A 63 00 07 00 00 ......2.c.Jc....
060: 00 00 32 B8 64 00 00 64 00 00 00 00 00 00 32 BB ..2.d..d......2.
070: 64 00 00 64 00 00 00 00 00 00 32 BC 64 00 08 61 d..d......2.d..a
080: 00 00 00 00 00 00 3A BD 64 00 00 64 00 00 00 00 ......:.d..d....
090: 00 00 22 BE 47 00 1D 34 16 00 00 1D 00 00 32 BF ..".G..4......2.
0A0: 64 00 8D 64 00 00 00 00 00 00 32 C0 64 00 14 64 d..d......2.d..d
0B0: 00 00 00 00 00 00 32 C1 5C 00 7E 5C 00 41 00 00 ......2.\.~\.A..
0C0: 00 00 22 C2 1D 00 1D 30 00 00 0F 00 00 00 1A C3 .."....0........
0D0: 2D 00 91 29 52 D1 00 00 00 00 12 C5 64 00 00 64 -..)R.......d..d
0E0: 00 00 00 00 00 00 10 C6 64 00 00 64 00 00 00 00 ........d..d....
0F0: 00 00 3E C7 C8 00 00 C8 00 00 00 00 00 00 00 F0 ..>.............
100: 64 00 AB FD 00 12 06 00 23 54 00 F1 64 00 EA FD d.......#T..d...
110: A6 BA 00 16 00 00 00 F2 64 00 31 FD E9 44 00 3D ........d.1..D.=
120: 00 00 32 FE 64 00 00 64 00 00 00 00 00 00 00 00 ..2.d..d........
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73 00 ..............s.
170: 00 03 00 01 6B 02 00 03 00 00 00 00 00 00 00 00 ....k...........
180: 00 00 00 00 00 00 00 00 03 01 03 03 03 03 03 03 ................
190: 00 03 00 00 00 00 00 00 01 00 00 00 00 00 00 00 ................
1A0: 00 00 00 00 00 8D 00 00 56 47 3E 4E 0F 4F 00 00 ........VG>N.O..
1B0: 00 00 00 00 00 01 FF FF BA EA 16 A6 F6 F8 00 01 ................
1C0: 44 31 3D E9 1C 76 00 11 00 00 00 00 0C 1A 00 0A D1=..v..........
1D0: 00 00 00 00 00 00 00 00 13 6D 00 00 00 92 00 03 .........m......
1E0: 00 00 00 00 12 A0 00 00 00 00 00 00 00 00 2B 00 ..............+.
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 00 ..............P.

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 06 01 00 00 00 00 00 00 00 00 00 00 55 03 ..............U.
010: 00 00 00 00 00 00 00 00 00 00 14 04 00 00 00 00 ................
020: 00 00 00 00 00 00 24 05 00 00 00 00 00 00 00 00 ......$.........
030: 00 00 1E 07 00 00 00 00 00 00 00 00 00 00 00 09 ................
040: 00 00 00 00 00 00 00 00 00 00 61 0A 00 00 00 00 ..........a.....
050: 00 00 00 00 00 00 14 0C 00 00 00 00 00 00 00 00 ................
060: 00 00 63 B8 00 00 00 00 00 00 00 00 00 00 00 BB ..c.............
070: 00 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 ................
080: 00 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 ................
090: 00 00 2D BE 00 00 00 00 00 00 00 00 00 00 00 BF ..-.............
0A0: 00 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 ................
0B0: 00 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 ................
0C0: 00 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 ................
0D0: 00 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 ................
0E0: 00 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 ................
0F0: 00 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 ................
100: 00 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 ................
110: 00 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 ................
120: 00 00 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 ................
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 84 00 ................

Márty84 píše:Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi kratky test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V7.3.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ: Aďko [Práva Správcu]
Mode: Kontrola -- Date: 03/17/2012 22:30:35

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 23 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : MTqJhIkNWw.exe (C:\ProgramData\MTqJhIkNWw.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-321173608-3100239004-2783502501-1001[...]\Run : MTqJhIkNWw.exe (C:\ProgramData\MTqJhIkNWw.exe) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{212CD663-91C1-4074-B6AF-CBB86C595142} : NameServer (0.0.0.0) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{212CD663-91C1-4074-B6AF-CBB86C595142} : NameServer (0.0.0.0) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] adb0aa9ec6250927eb9163cc393d5494
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 20002 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 40965750 | Size: 119232 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 285153280 | Size: 337704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Márty84 píše:Znovu spustte RogueKiller
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi kratky test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V7.3.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ: Aďko [Práva Správcu]
Mode: Odebrať -- Date: 03/17/2012 23:05:37

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 22 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : MTqJhIkNWw.exe (C:\ProgramData\MTqJhIkNWw.exe) -> DELETED
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{212CD663-91C1-4074-B6AF-CBB86C595142} : NameServer (0.0.0.0) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{212CD663-91C1-4074-B6AF-CBB86C595142} : NameServer (0.0.0.0) -> NOT REMOVED, USE DNSFIX
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Aďko\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] adb0aa9ec6250927eb9163cc393d5494
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 20002 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 40965750 | Size: 119232 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 285153280 | Size: 337704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

tak som spustil ten combofix..a všetko mi ponabiehalo späť!!:) veľmi pekne ďakujem za pomoc!!

tu je ešte log, čo mi vygenerovalo...

ComboFix 12-03-17.01 - Aďko . 03. 2012 12:41:55.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3886.2293 [GMT 1:00]
Running from: c:\users\A´ko\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\~p6FhcOXTltdc9K
c:\programdata\~p6FhcOXTltdc9Kr
c:\programdata\ASUS
c:\programdata\ASUS\LifeFrame\config0.cfg
c:\programdata\ASUS\LifeFrame\config1.cfg
c:\programdata\ASUS\LifeFrame\config2.cfg
c:\programdata\ASUS\LifeFrame\config3.cfg
c:\programdata\ASUS\LifeFrame\config4.cfg
c:\programdata\ASUS\LifeFrame\config5.cfg
c:\programdata\ASUS\LifeFrame\tmp0.img
c:\programdata\ASUS\LifeFrame\tmp1.img
c:\programdata\ASUS\LifeFrame\tmp2.img
c:\programdata\ASUS\LifeFrame\tmp3.img
c:\programdata\ASUS\LifeFrame\tmp4.img
c:\programdata\ASUS\LifeFrame\tmp5.img
c:\programdata\FullRemove.exe
c:\programdata\p6FhcOXTltdc9K
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2012-02-18 to 2012-03-18 )))))))))))))))))))))))))))))))
.
.
2012-03-18 11:53 . 2012-03-18 11:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-18 11:53 . 2012-03-18 11:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-18 11:20 . 2012-03-18 11:20 -------- d--h--w- c:\programdata\.syncID
2012-03-17 18:44 . 2012-03-17 18:44 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-03-17 18:43 . 2012-03-18 11:25 -------- d-----w- C:\RFGD
2012-03-16 20:05 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-16 20:05 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-16 20:05 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-16 19:15 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-16 19:15 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-16 19:15 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-16 19:15 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-16 19:15 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-16 19:15 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-16 19:15 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-16 19:15 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-16 19:15 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-16 19:15 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-18 12:05 . 2010-10-01 21:03 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-03-01 13:26 . 2011-05-13 14:11 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-04 10:44 . 2012-02-16 03:03 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 03:03 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 03:04 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 03:04 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-16 03:04 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"AdobeBridge"="c:\program files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" [2010-03-09 11989960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-02 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-10-05 149280]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-01-07 105632]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-06-25 273544]
.
c:\users\Aďko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
esport1.exe [2010-11-18 3639]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-9-2 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-9-2 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-02 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-02 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-06-22 1616488]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-02 19:50]
.
2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-02 19:50]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2916584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-10-23 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"combofix"="c:\combofix\CF30676.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Previesť cieľ odkazu do formátu Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Previesť do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridať cieľ odkazu do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pridať do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} -
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 192.168.10.254
TCP: Interfaces\{212CD663-91C1-4074-B6AF-CBB86C595142}: NameServer = 0.0.0.0
FF - ProfilePath - c:\users\Aďko\AppData\Roaming\Mozilla\Firefox\Profiles\s47jgbuu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.pokec.sk
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-Corel File Shell Monitor - c:\program files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
Toolbar-Locked - (no file)
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
HKLM-Run-TNOD UP - c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
c:\program files (x86)\syncables\syncables desktop\syncablesMAPI.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-03-18 13:21:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-18 12:21
.
Pre-Run: 1 683 398 656 bytes free
Post-Run: 7 704 178 688 bytes free
.
- - End Of File - - 385FD7014B31D662F7D0E26874D74D31

Tento program znáte?

c:\users\Aďko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
esport1.exe

VIRY.CZ

zavireny notebook hardcore

zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore

Re: zavireny notebook hardcore