
české republik police, Attention! Your computer is blocked

Ales.oi
Visitor
Posts: 8
Registered: 04 Sep 2007 21:03

české republik police, Attention! Your computer is blocked

#1 Post by Ales.oi »

Hello,

I have a family laptop here that locks up once Windows has started and shows a screen with the insignia of the Police of the Czech Republic and a message that the computer has been blocked because of copyright infringement and the like. To unblock it, it demands a fee of 2000 CZK to be sent somewhere via Ukash or paysafecard.

On closer inspection you can see that it is a fake: it is not the Police of the Czech Republic but, incorrectly, "české republik police", along with other inconsistencies (probably machine translation).

In general, nothing at all can be done on the PC. Not even CTRL+ALT+DEL works. Start is not available, and so on.

After a reset into safe mode with MS-DOS I ran RSIT.exe, whose log I attach here.

If possible, I would appreciate your help. Thank you, Alex
I think this is a similar problem to the one here:
http://forum.viry.cz/viewtopic.php?f=13&t=124672

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martina at 2012-10-03 00:21:14
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (11%) free of 34 GB
Total RAM: 1534 MB (81% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PMTask.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job
C:\WINDOWS\tasks\Připomenutí registrace 2.job
C:\WINDOWS\tasks\Připomenutí registrace 3.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1859417632-2323950192-1061034304-1005.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1859417632-2323950192-1061034304-1005.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-06-02 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-05-08 162816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-09-02 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-17 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [2012-08-17 1002992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_2.dll [2011-05-09 176936]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-17 192144]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2009-07-14 128296]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2004-02-04 897024]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-02-02 181536]
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [2006-10-02 94208]
"ControlCenter"=C:\Program Files\IBM fingerprint software\ctlcntr.exe [2004-11-04 284766]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2004-11-12 40960]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-12-11 344064]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-09-02 127035]
""= []
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe [2004-08-06 442368]
"IBMPRC"=C:\IBMTOOLS\UTILS\ibmprc.exe [2004-12-16 90112]
"QCTRAY"=C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE [2004-11-09 712704]
"QCWLICON"=C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE [2004-11-09 81920]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor []
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-04-09 1557160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"HPUsageTracking"=C:\Program Files\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-06-02 296056]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [2004-08-06 442368]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
LINKMAGIC.lnk - C:\Program Files\LINKMAGIC\LINKMAGIC.EXE
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\Martina\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-30 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\IBM fingerprint software\psfus.dll [2004-11-04 108636]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
C:\WINDOWS\system32\QConGina.dll [2004-11-09 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\WINDOWS\system32\notifyf2.dll [2005-07-06 28672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
pwdmon

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"E:\Bobo\Programs\DC++\StrongDC.exe"="E:\Bobo\Programs\DC++\StrongDC.exe:*:Enabled:StrongDC++"
"D:\setup\HPPNIPRINT01.EXE"="D:\setup\HPPNIPRINT01.EXE:*:Enabled:hppniprint01.exe"
"D:\setup\HPPNIPRINT64.EXE"="D:\setup\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe"
"D:\setup\HPPNICIFS01.EXE"="D:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe"
"D:\setup\CustomPrnDnld\HPPCSTPG.EXE"="D:\setup\CustomPrnDnld\HPPCSTPG.EXE:*:Enabled:hppcstpg.exe"
"D:\setup\HPBTPG.EXE"="D:\setup\HPBTPG.EXE:*:Enabled:hpbtpg.exe"
"D:\setup\LaunchApp.exe"="D:\setup\LaunchApp.exe:*:Enabled:launchapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IBM\Updater\jre\bin\java.exe"="C:\Program Files\IBM\Updater\jre\bin\java.exe:*:Enabled:IBM Update Connector"
"C:\Program Files\IBM\Updater\jre\bin\javaw.exe"="C:\Program Files\IBM\Updater\jre\bin\javaw.exe:*:Enabled:IBM Update Connector"
"C:\Program Files\IBM\Updater\ucsmb.exe"="C:\Program Files\IBM\Updater\ucsmb.exe:*:Enabled:IBM Update Connector"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-10-03 00:21:15 ----D---- C:\Program Files\trend micro
2012-10-03 00:21:14 ----D---- C:\rsit
2012-10-02 16:26:57 ----SHD---- C:\WINDOWS\CSC
2012-10-02 16:26:46 ----A---- C:\WINDOWS\ntbtlog.txt
2012-10-02 15:30:09 ----A---- C:\Documents and Settings\Martina\Data aplikací\msconfig.ini
2012-09-13 03:06:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$

======List of files/folders modified in the last 1 month======

2012-10-03 00:21:15 ----D---- C:\Program Files
2012-10-02 23:42:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-02 23:30:57 ----D---- C:\WINDOWS\Temp
2012-10-02 23:19:09 ----D---- C:\Documents and Settings\Martina\Data aplikací\602Installer
2012-10-02 23:17:37 ----D---- C:\WINDOWS\system32
2012-10-02 23:17:18 ----D---- C:\WINDOWS\Prefetch
2012-10-02 16:40:32 ----SD---- C:\WINDOWS\Tasks
2012-10-02 16:40:23 ----D---- C:\Documents and Settings\Martina\Data aplikací\Skype
2012-10-02 16:26:57 ----D---- C:\WINDOWS
2012-09-30 17:43:35 ----A---- C:\WINDOWS\NeroDigital.ini
2012-09-27 17:14:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2012-09-27 17:14:37 ----D---- C:\Documents and Settings\Martina\Data aplikací\Real
2012-09-22 15:53:25 ----HD---- C:\WINDOWS\inf
2012-09-22 15:53:12 ----RSHD---- C:\WINDOWS\system32\dllcache
2012-09-22 15:53:09 ----D---- C:\Program Files\Internet Explorer
2012-09-22 15:53:00 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-22 15:52:47 ----D---- C:\WINDOWS\ie8updates
2012-09-22 15:51:44 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-17 18:25:10 ----SHD---- C:\WINDOWS\Installer
2012-09-17 18:25:10 ----HD---- C:\Config.Msi
2012-09-13 03:06:37 ----A---- C:\WINDOWS\imsins.BAK
2012-09-13 03:00:48 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-12 16:27:44 ----D---- C:\Documents and Settings\Martina\Data aplikací\602XML
2012-09-10 16:50:50 ----A---- C:\WINDOWS\wincmd.ini
2012-09-10 16:50:25 ----A---- C:\WINDOWS\wcx_ftp.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 drvmcdb;drvmcdb; C:\WINDOWS\system32\drivers\drvmcdb.sys [2004-08-17 87168]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-01-28 117800]
R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM86.sys [2009-01-28 20520]
R0 TPDiskPM;TPDiskPM; C:\WINDOWS\system32\drivers\TPDiskPM.sys [2006-09-26 14848]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2009-08-24 24872]
R3 portio;TPM Service; C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys [2004-05-19 13757]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
R3 TPInput;TPInput; C:\WINDOWS\System32\DRIVERS\TPInput.sys [2006-09-26 6528]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
S1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2004-11-09 11520]
S1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
S1 IBMTPCHK;IBMTPCHK; C:\WINDOWS\System32\drivers\IBMBLDID.SYS [2004-11-09 2432]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-10-02 14848]
S1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-10-02 9343]
S1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699]
S1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2005-01-21 4442]
S1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2007-03-09 7168]
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.0.0.8; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-10-26 16110]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
S2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-07-14 40448]
S2 EGATHDRV;IBM Access Support; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
S2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
S2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
S2 PMEM;PMEM; \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS []
S2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
S2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-09-02 25723]
S2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-09-02 34843]
S2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-09-02 4123]
S2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-09-02 2239]
S2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-09-02 86202]
S2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-09-02 14715]
S2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-09-02 6363]
S2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-09-02 98714]
S2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-09-02 100603]
S2 U3sHlpDr;U3sHlpDr; \??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys []
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-05-17 133200]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-30 873984]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2007-03-05 1176192]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-05-02 161792]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2011-07-12 237440]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-11-10 1041664]
S3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-11-10 200448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-07-12 192768]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pppop;PPPoP WAN Adapter; C:\WINDOWS\system32\DRIVERS\pppop.sys [2009-07-21 36384]
S3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
S3 QCNDISIF;QCNDISIF; C:\WINDOWS\System32\drivers\qcndisif.SYS [2004-11-09 12288]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2004-11-04 24832]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 w22n51;Intel(R) PRO/Wireless 2200 Adapter Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-08-30 3151232]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-11-10 685184]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-30 425984]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
S2 FortiSslvpnDaemon;FortiClient SSLVPN; C:\WINDOWS\system32\FortiSSLVPNdaemon.exe [2012-02-15 866920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-31 136176]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 IBM Rapid Restore Ultra Service;IBM Rapid Restore Ultra Service; C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe [2004-12-16 385024]
S2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2009-08-24 38176]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 QCONSVC;QCONSVC; C:\WINDOWS\System32\QCONSVC.EXE [2004-11-09 73728]
S2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
S2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2004-10-02 286787]
S2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2009-06-12 28672]
S2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
S2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-01-28 39976]
S2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2003-07-11 32768]
S2 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
S2 vtserver;Protector Suite Virtual Token; C:\Program Files\Common Files\Virtual Token\vtserver.exe [2004-11-04 40547]
S2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
S2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-31 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: české republik police, Warning! Your computer is blocked

#2 Post by stell »

Hello,
Stay in safe mode here.
2: Download AdwCleaner
Save it to the desktop.

Close all open programs and web browsers.
Double-click AdwCleaner.exe to start the tool.
Click Delete.
Confirm each time with OK.
The computer will restart automatically.
After the restart, boot into safe mode again.
A text file will open after the restart.
If it does not, find the log file at C:\AdwCleaner[S1].txt.
Paste its contents here.

3: Download RogueKiller. RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Close all programs.
If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustiť ako správca).
Wait for the PreScan to finish.
Select Prehľadať (Scan).
Wait until the scan completes.
Then click "Zmazať" (Delete); this deletes the findings.
When it finishes, click Správa (Report); the log will open, paste it here.
Detailed procedure: http://forum.viry.cz/viewtopic.php?f=24 ... 1#p1097961
Important information.
Is your computer not working?
Is it infected? Running slowly? A program not working? A problem with installation?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks! Vďaka!

#3 Post by Ales.oi »

Thanks for the instructions, I hope to get to the notebook this evening. Just a quick note that I have WIN XP - SP3, and that restarting in safe mode did not help; only restarting in safe mode with MS-DOS helped.

#4 Post by stell »

Well, we'll see, because this junk blocks everything, but stay there in MS-DOS and try the programs; if they don't run, write back.

zemekoule
Visitor
Posts: 1
Registered: 03 Oct 2012 19:25

#5 Post by zemekoule »

I'd be glad if you then write how you managed to remove the virus. My parents managed it today (getting their computer blocked), so the same awaits me this weekend :)

#6 Post by stell »

Well, this will apparently be a huge problem, a tough nut to crack, because it can't be done remotely at all; it blocks safe mode too, but on Windows 7 it will be possible via the command line, from the installation CD.

#7 Post by stell »

zemekoule,
Well, it is a new type of ransomware.
If you feel up to it, Kaspersky WindowsUnlocker should remove it:
http://support.kaspersky.com/faq/?qid=208285998
http://www.viruskasino.com/2011/10/windowsunlocker.html

#8 Post by Ales.oi »

So I ran AdwCleaner; it rebooted, but it came back up in safe mode, and well, it doesn't work in that: the screen is covered, admittedly with plain white, but I assume it would be covered with the image with the text about copyright violations, the PC being locked and the demand for payment if the notebook were connected to the internet. So I restarted again, this time into safe mode with MS-DOS, to get the log.

By the way, it is some variant of the ransomware that used the FBI's name in the USA; it was also in Sweden and England. I found one guide, following which I rebooted into safe mode with MS-DOS, but I did not find the virus in the place where it was located in previous versions.

One more thing for information: if I shut the computer down with the button on the notebook, the junk closes, the normal desktop is visible for a moment, and it would probably be possible to click something quickly, but then Windows starts shutting down. If I press CTRL+ALT+DEL beforehand, nothing happens, but during shutdown you can see that Task Manager did start. So Windows works normally; it is just as if I had a sheet of paper in front of the screen through which Windows cannot be seen.

LOGS:

# AdwCleaner v2.003 - Logfile created 10/03/2012 at 22:18:42
# Updated 23/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Martina - MBDOMA
# Boot Mode : Safe mode
# Running from : C:\Documents and Settings\Martina\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
Folder Deleted : C:\Documents and Settings\Martina\Data aplikací\incredibar.com
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\BS_Player
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\incredibar.com
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [12958 octets] - [03/10/2012 22:18:42]

########## EOF - C:\AdwCleaner[S1].txt - [13019 octets] ##########


Second log:
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Nouzový režim
Uživatel : Martina [Práva správce]
Mód : Kontrola -- Datum : 10/03/2012 22:49:25

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[SHELL][Rans.Gendarm] HKCU\[...]\Winlogon : shell (explorer.exe,C:\Documents and Settings\Martina\Data aplikací\msconfig.dat) -> NALEZENO
[SHELL][Rans.Gendarm] HKUS\S-1-5-21-1859417632-2323950192-1061034304-1005[...]\Winlogon : shell (explorer.exe,C:\Documents and Settings\Martina\Data aplikací\msconfig.dat) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Rans.Gendarm ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
192.168.1.101 NPI3D174C


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: HTS541040G9AT00 +++++
--- User ---
[MBR] a8285e0186e056dc1f301daecb499ddd
[BSP] d0ff61dee648b47ab166268d66d66cae : Lenovo tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 34108 Mo
1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 69854400 | Size: 4045 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt



Should I delete those nasties found by RK (3 of them) or not (according to the detailed guide I should wait for the helper's message ;)?

Thank you. -A-
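
The two [SHELL] lines in the RogueKiller report above show the Winlogon Shell value carrying a second program after explorer.exe. The following is an added example, not part of the original posts and not RogueKiller's own code: a Python check that parses report lines of that layout and flags such Shell values. The function names and the line layout (inferred from the lines in the report) are assumptions.

```python
import re
import ntpath  # parses Windows paths correctly on any OS

# Registry findings copied verbatim from the RogueKiller report in this thread.
REPORT = r"""
[SHELL][Rans.Gendarm] HKCU\[...]\Winlogon : shell (explorer.exe,C:\Documents and Settings\Martina\Data aplikací\msconfig.dat) -> NALEZENO
[SHELL][Rans.Gendarm] HKUS\S-1-5-21-1859417632-2323950192-1061034304-1005[...]\Winlogon : shell (explorer.exe,C:\Documents and Settings\Martina\Data aplikací\msconfig.dat) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
"""

# "[TAG][TAG] KEY : value_name (data) -> STATUS"; layout inferred from the lines above.
LINE_RE = re.compile(
    r"^(?P<tags>(?:\[[^\]]+\])+)\s+(?P<key>.+?)\s+:\s+(?P<name>.+?)\s+"
    r"\((?P<data>.*)\)\s+->\s+(?P<status>.+)$"
)

PER_USER_HIVES = ("HKCU", "HKUS", "HKU")


def parse_report(text):
    """Yield one dict per registry finding line; other lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()


def audit_shell(key, data):
    """Return the reasons a Winlogon Shell value looks hijacked (empty list = clean)."""
    reasons = []
    hive = key.split("\\", 1)[0].upper()
    if hive in PER_USER_HIVES:
        # Stock Windows defines Shell only under HKLM; a per-user value overrides it.
        reasons.append("per-user Shell override in " + hive)
    for part in (p.strip().strip('"') for p in data.split(",")):
        if not part:
            continue
        directory, name = ntpath.split(part)
        if name.lower() != "explorer.exe":
            reasons.append("extra program started at logon: " + part)
        elif directory and ntpath.basename(directory).lower() != "windows":
            reasons.append("explorer.exe outside the Windows directory: " + part)
    return reasons


def scan_report(text):
    """Audit every Winlogon Shell entry in a report; return (key, reasons) pairs."""
    hits = []
    for entry in parse_report(text):
        if entry["name"].lower() == "shell" and entry["key"].lower().endswith("winlogon"):
            reasons = audit_shell(entry["key"], entry["data"])
            if reasons:
                hits.append((entry["key"], reasons))
    return hits


if __name__ == "__main__":
    for key, reasons in scan_report(REPORT):
        print(key)
        for reason in reasons:
            print("   -", reason)
```

Both Shell entries are flagged twice: once because the value sits in a per-user hive, and once because of the msconfig.dat component that follows explorer.exe.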

#9 Post by stell »

Zazaipsuj [zip up] this file and upload it to http://vyosek.ic.cz/havet/uploader.php
C:\Documents and Settings\Martina\Data aplikací\msconfig.dat

Yes, delete the RogueKiller findings, restart into Windows, and write back.

#10 Post by Ales.oi »

Sorry, what is "zazaipsuj"? :) Is it supposed to be "zazipuj" [zip up]? :)

Thank you.

#11 Post by stell »

yes.. :D

#12 Post by Ales.oi »

So far it looks like it is running without problems :) That is, the original problem has not shown up :).

For now, thank you very much. I'm off to test it in normal use ;)

Good work, Stell :)

#13 Post by stell »

Well, wait, we still have to check whether it installed the ZeroAccess rootkit there.

So now do this:
1: Turn off System Restore, restart, and turn it back on.
2: Run the TDSSKiller tool.
http://www.viruskasino.com/2010/12/odst ... kitov.html
Paste the log here.

#14 Post by Ales.oi »

OK, I guess I was a bit naive :)

The log is here:

11:40:29.0375 5180 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:40:29.0468 5180 ============================================================
11:40:29.0468 5180 Current date / time: 2012/10/04 11:40:29.0468
11:40:29.0468 5180 SystemInfo:
11:40:29.0468 5180
11:40:29.0468 5180 OS Version: 5.1.2600 ServicePack: 3.0
11:40:29.0468 5180 Product type: Workstation
11:40:29.0468 5180 ComputerName: MBDOMA
11:40:29.0468 5180 UserName: Martina
11:40:29.0468 5180 Windows directory: C:\WINDOWS
11:40:29.0468 5180 System windows directory: C:\WINDOWS
11:40:29.0468 5180 Processor architecture: Intel x86
11:40:29.0468 5180 Number of processors: 1
11:40:29.0468 5180 Page size: 0x1000
11:40:29.0468 5180 Boot type: Normal boot
11:40:29.0468 5180 ============================================================
11:40:31.0171 5180 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1430, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:40:31.0187 5180 Drive \Device\Harddisk1\DR3 - Size: 0x1D11B0000 (7.27 Gb), SectorSize: 0x200, Cylinders: 0x3B4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:40:31.0187 5180 ============================================================
11:40:31.0187 5180 \Device\Harddisk0\DR0:
11:40:31.0187 5180 MBR partitions:
11:40:31.0187 5180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x429E481
11:40:31.0187 5180 \Device\Harddisk1\DR3:
11:40:31.0187 5180 MBR partitions:
11:40:31.0187 5180 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE86E00
11:40:31.0187 5180 ============================================================
11:40:31.0281 5180 C: <-> \Device\Harddisk0\DR0\Partition1
11:40:31.0281 5180 ============================================================
11:40:31.0281 5180 Initialize success
11:40:31.0281 5180 ============================================================
11:40:40.0656 5368 ============================================================
11:40:40.0656 5368 Scan started
11:40:40.0656 5368 Mode: Manual;
11:40:40.0656 5368 ============================================================
11:40:41.0359 5368 ================ Scan system memory ========================
11:40:41.0359 5368 System memory - ok
11:40:41.0359 5368 ================ Scan services =============================
11:40:44.0484 5368 dac960nt - ok
11:40:44.0546 5368 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:40:44.0562 5368 DcomLaunch - ok
11:40:44.0625 5368 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:40:44.0625 5368 Dhcp - ok
11:40:44.0640 5368 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:40:44.0640 5368 Disk - ok
11:40:44.0640 5368 dmadmin - ok
11:40:44.0703 5368 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:40:44.0718 5368 dmboot - ok
11:40:44.0750 5368 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:40:44.0750 5368 dmio - ok
11:40:44.0781 5368 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:40:44.0781 5368 dmload - ok
11:40:44.0796 5368 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:40:44.0812 5368 dmserver - ok
11:40:44.0828 5368 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:40:44.0828 5368 DMusic - ok
11:40:44.0875 5368 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:40:44.0875 5368 Dnscache - ok
11:40:44.0921 5368 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:40:44.0921 5368 Dot3svc - ok
11:40:44.0968 5368 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:40:44.0984 5368 dot4 - ok
11:40:45.0000 5368 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
11:40:45.0000 5368 Dot4Print - ok
11:40:45.0015 5368 [ CCC4092DFC85336F2E1C142483ADEB42 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
11:40:45.0015 5368 dot4usb - ok
11:40:45.0031 5368 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:40:45.0046 5368 dpti2o - ok
11:40:45.0093 5368 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:40:45.0093 5368 drmkaud - ok
11:40:45.0109 5368 [ F41619AE216B51D68DDA163805EEFAA9 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
11:40:45.0109 5368 drvmcdb - ok
11:40:45.0109 5368 [ B295700E684ED1984DB1D6BE40354421 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
11:40:45.0109 5368 drvnddm - ok
11:40:45.0140 5368 [ 866B8EE30E4504C11AE0D29ED6F8824B ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:40:45.0140 5368 E100B - ok
11:40:45.0171 5368 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:40:45.0171 5368 EapHost - ok
11:40:45.0203 5368 [ 2D0FC676D159525F6CD74C3302C7A61C ] EGATHDRV C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
11:40:45.0203 5368 EGATHDRV - ok
11:40:45.0265 5368 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:40:45.0265 5368 ERSvc - ok
11:40:45.0312 5368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
11:40:45.0312 5368 Eventlog - ok
11:40:45.0421 5368 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
11:40:45.0437 5368 EventSystem - ok
11:40:45.0578 5368 [ 53CCA6B4DF0977074E85C9A18F42B5CC ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:40:45.0578 5368 EvtEng - ok
11:40:45.0625 5368 [ 3AED3B6B78F3506E363A4B64B7309568 ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
11:40:45.0625 5368 ewusbnet - ok
11:40:45.0656 5368 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:40:45.0671 5368 Fastfat - ok
11:40:45.0718 5368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:40:45.0718 5368 FastUserSwitchingCompatibility - ok
11:40:45.0781 5368 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:40:45.0781 5368 Fdc - ok
11:40:45.0796 5368 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:40:45.0796 5368 Fips - ok
11:40:45.0812 5368 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:40:45.0812 5368 Flpydisk - ok
11:40:45.0859 5368 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:40:45.0859 5368 FltMgr - ok
11:40:45.0953 5368 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:40:45.0953 5368 FontCache3.0.0.0 - ok
11:40:46.0031 5368 [ 4C0291A92F88377EA449A35B8CEA1A91 ] FortiSslvpnDaemon C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
11:40:46.0031 5368 FortiSslvpnDaemon - ok
11:40:46.0046 5368 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:40:46.0046 5368 Fs_Rec - ok
11:40:46.0078 5368 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:40:46.0078 5368 Ftdisk - ok
11:40:46.0093 5368 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:40:46.0093 5368 Gpc - ok
11:40:46.0187 5368 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:40:46.0187 5368 gupdate - ok
11:40:46.0187 5368 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:40:46.0187 5368 gupdatem - ok
11:40:46.0265 5368 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:40:46.0281 5368 gusvc - ok
11:40:46.0390 5368 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:40:46.0390 5368 helpsvc - ok
11:40:46.0437 5368 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:40:46.0453 5368 HidServ - ok
11:40:46.0468 5368 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:40:46.0468 5368 HidUsb - ok
11:40:46.0515 5368 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:40:46.0515 5368 hkmsvc - ok
11:40:46.0562 5368 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
11:40:46.0562 5368 hpn - ok
11:40:46.0718 5368 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:40:46.0718 5368 hpqcxs08 - ok
11:40:46.0734 5368 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
11:40:46.0750 5368 hpqddsvc - ok
11:40:46.0796 5368 [ 7B555FF6647069BD1D68B4F9556A7B16 ] HSFHWICH C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
11:40:46.0796 5368 HSFHWICH - ok
11:40:46.0859 5368 [ 43B60F94718841E13B9DD8905366BDBD ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
11:40:46.0890 5368 HSF_DP - ok
11:40:46.0953 5368 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:40:46.0953 5368 HTTP - ok
11:40:47.0031 5368 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:40:47.0031 5368 HTTPFilter - ok
11:40:47.0078 5368 [ 033CF42B457366CFA1F8C669C5E30233 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
11:40:47.0078 5368 huawei_enumerator - ok
11:40:47.0140 5368 [ 90CF9FDF55B12BCCD69CA1C3C9DC6ADB ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
11:40:47.0140 5368 hwdatacard - ok
11:40:47.0187 5368 [ B93D3C81EF1D372DC5BD5E6275362E1A ] hwusbfake C:\WINDOWS\system32\DRIVERS\ewusbfake.sys
11:40:47.0203 5368 hwusbfake - ok
11:40:47.0250 5368 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
11:40:47.0250 5368 i2omgmt - ok
11:40:47.0265 5368 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:40:47.0265 5368 i2omp - ok
11:40:47.0312 5368 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:40:47.0312 5368 i8042prt - ok
11:40:47.0468 5368 [ 697A25E6C57EBCAAE6984F8134B906B5 ] IBM Rapid Restore Ultra Service C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
11:40:47.0484 5368 IBM Rapid Restore Ultra Service - ok
11:40:47.0531 5368 [ 6603A96F2EE0F88F53651ADC4FCD7468 ] ibmfilter C:\WINDOWS\system32\drivers\ibmfilter.sys
11:40:47.0531 5368 ibmfilter - ok
11:40:47.0562 5368 [ 4DCFC1792BE8FC092AB41EAFA9D0FDE5 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
11:40:47.0562 5368 IBMPMDRV - ok
11:40:47.0578 5368 [ EC25C26C4733CA16ADBBBEC53B991976 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
11:40:47.0578 5368 IBMPMSVC - ok
11:40:47.0609 5368 [ E4FA96158A283618A0E1807BFDC12230 ] IBMTPCHK C:\WINDOWS\system32\drivers\IBMBLDID.SYS
11:40:47.0609 5368 IBMTPCHK - ok
11:40:47.0671 5368 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:40:47.0703 5368 idsvc - ok
11:40:47.0734 5368 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:40:47.0750 5368 Imapi - ok
11:40:47.0796 5368 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:40:47.0812 5368 ImapiService - ok
11:40:47.0828 5368 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:40:47.0828 5368 ini910u - ok
11:40:47.0859 5368 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:40:47.0859 5368 IntelIde - ok
11:40:47.0890 5368 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:40:47.0906 5368 intelppm - ok
11:40:47.0921 5368 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:40:47.0921 5368 Ip6Fw - ok
11:40:47.0968 5368 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:40:47.0968 5368 IpFilterDriver - ok
11:40:47.0984 5368 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:40:47.0984 5368 IpInIp - ok
11:40:48.0015 5368 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:40:48.0015 5368 IpNat - ok
11:40:48.0031 5368 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:40:48.0031 5368 IPSec - ok
11:40:48.0062 5368 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
11:40:48.0062 5368 irda - ok
11:40:48.0078 5368 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:40:48.0078 5368 IRENUM - ok
11:40:48.0093 5368 [ 8024EA8C5B2D2A4D201F418B0AADB804 ] Irmon C:\WINDOWS\System32\irmon.dll
11:40:48.0093 5368 Irmon - ok
11:40:48.0125 5368 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:40:48.0125 5368 isapnp - ok
11:40:48.0203 5368 [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
11:40:48.0218 5368 JavaQuickStarterService - ok
11:40:48.0218 5368 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:40:48.0218 5368 Kbdclass - ok
11:40:48.0234 5368 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:40:48.0234 5368 kbdhid - ok
11:40:48.0250 5368 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:40:48.0250 5368 kmixer - ok
11:40:48.0281 5368 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:40:48.0281 5368 KSecDD - ok
11:40:48.0328 5368 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:40:48.0328 5368 lanmanserver - ok
11:40:48.0406 5368 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:40:48.0406 5368 lanmanworkstation - ok
11:40:48.0437 5368 lbrtfdc - ok
11:40:48.0453 5368 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:40:48.0453 5368 LmHosts - ok
11:40:48.0546 5368 [ 46BCDE5C65AAD948F53E311B5751F62B ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
11:40:48.0546 5368 MDM - ok
11:40:48.0562 5368 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:40:48.0562 5368 mdmxsdk - ok
11:40:48.0609 5368 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:40:48.0609 5368 Messenger - ok
11:40:48.0625 5368 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:40:48.0625 5368 mnmdd - ok
11:40:48.0656 5368 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:40:48.0656 5368 mnmsrvc - ok
11:40:48.0687 5368 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:40:48.0687 5368 Modem - ok
11:40:48.0734 5368 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:40:48.0734 5368 Mouclass - ok
11:40:48.0750 5368 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:40:48.0750 5368 mouhid - ok
11:40:48.0781 5368 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:40:48.0781 5368 MountMgr - ok
11:40:48.0828 5368 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
11:40:48.0843 5368 MPE - ok
11:40:48.0890 5368 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:40:48.0890 5368 mraid35x - ok
11:40:48.0906 5368 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:40:48.0921 5368 MRxDAV - ok
11:40:48.0984 5368 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:40:49.0000 5368 MRxSmb - ok
11:40:49.0015 5368 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:40:49.0015 5368 MSDTC - ok
11:40:49.0031 5368 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:40:49.0031 5368 Msfs - ok
11:40:49.0031 5368 MSIServer - ok
11:40:49.0046 5368 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:40:49.0062 5368 MSKSSRV - ok
11:40:49.0078 5368 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:40:49.0078 5368 MSPCLOCK - ok
11:40:49.0078 5368 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:40:49.0093 5368 MSPQM - ok
11:40:49.0125 5368 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:40:49.0140 5368 mssmbios - ok
11:40:49.0171 5368 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:40:49.0171 5368 MSTEE - ok
11:40:49.0203 5368 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:40:49.0203 5368 Mup - ok
11:40:49.0250 5368 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:40:49.0250 5368 NABTSFEC - ok
11:40:49.0296 5368 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:40:49.0312 5368 napagent - ok
11:40:49.0328 5368 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:40:49.0328 5368 NDIS - ok
11:40:49.0375 5368 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:40:49.0375 5368 NdisIP - ok
11:40:49.0437 5368 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:40:49.0453 5368 NdisTapi - ok
11:40:49.0500 5368 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:40:49.0500 5368 Ndisuio - ok
11:40:49.0578 5368 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:40:49.0578 5368 NdisWan - ok
11:40:49.0625 5368 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:40:49.0625 5368 NDProxy - ok
11:40:49.0687 5368 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
11:40:49.0687 5368 Net Driver HPZ12 - ok
11:40:49.0703 5368 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:40:49.0703 5368 NetBIOS - ok
11:40:49.0734 5368 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:40:49.0734 5368 NetBT - ok
11:40:49.0796 5368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:40:49.0796 5368 NetDDE - ok
11:40:49.0812 5368 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:40:49.0812 5368 NetDDEdsdm - ok
11:40:49.0859 5368 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:40:49.0859 5368 Netlogon - ok
11:40:49.0890 5368 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
11:40:49.0890 5368 Netman - ok
11:40:49.0937 5368 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:40:49.0968 5368 NetTcpPortSharing - ok
11:40:50.0015 5368 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
11:40:50.0015 5368 Nla - ok
11:40:50.0062 5368 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
11:40:50.0062 5368 nmwcd - ok
11:40:50.0093 5368 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
11:40:50.0093 5368 nmwcdc - ok
11:40:50.0109 5368 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:40:50.0125 5368 Npfs - ok
11:40:50.0125 5368 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys
11:40:50.0125 5368 NSCIRDA - ok
11:40:50.0187 5368 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:40:50.0203 5368 Ntfs - ok
11:40:50.0203 5368 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:40:50.0203 5368 NtLmSsp - ok
11:40:50.0296 5368 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:40:50.0593 5368 NtmsSvc - ok
11:40:50.0625 5368 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:40:50.0640 5368 Null - ok
11:40:50.0812 5368 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:40:50.0859 5368 nv - ok
11:40:50.0890 5368 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:40:50.0906 5368 NwlnkFlt - ok
11:40:50.0984 5368 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:40:50.0984 5368 NwlnkFwd - ok
11:40:51.0046 5368 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:40:51.0046 5368 Parport - ok
11:40:51.0093 5368 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:40:51.0156 5368 PartMgr - ok
11:40:51.0218 5368 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:40:51.0218 5368 ParVdm - ok
11:40:51.0234 5368 PCASp50 - ok
11:40:51.0281 5368 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
11:40:51.0281 5368 pccsmcfd - ok
11:40:51.0296 5368 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:40:51.0312 5368 PCI - ok
11:40:51.0312 5368 PCIDump - ok
11:40:51.0359 5368 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:40:51.0359 5368 PCIIde - ok
11:40:51.0375 5368 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:40:51.0375 5368 Pcmcia - ok
11:40:51.0390 5368 PDCOMP - ok
11:40:51.0390 5368 PDFRAME - ok
11:40:51.0406 5368 PDRELI - ok
11:40:51.0421 5368 PDRFRAME - ok
11:40:51.0437 5368 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
11:40:51.0437 5368 perc2 - ok
11:40:51.0453 5368 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:40:51.0453 5368 perc2hib - ok
11:40:51.0500 5368 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
11:40:51.0515 5368 PlugPlay - ok
11:40:51.0531 5368 [ FA292805788528C083F416E151B60AB6 ] PMEM C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS
11:40:51.0531 5368 PMEM - ok
11:40:51.0562 5368 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
11:40:51.0562 5368 Pml Driver HPZ12 - ok
11:40:51.0593 5368 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:40:51.0593 5368 PolicyAgent - ok
11:40:51.0609 5368 [ A15F8012B1BB59F5C5ABF1AA1158CD43 ] portio C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys
11:40:51.0625 5368 portio - ok
11:40:51.0671 5368 [ 4FB133321E33CF310B0010F7F3631536 ] pppop C:\WINDOWS\system32\DRIVERS\pppop.sys
11:40:51.0671 5368 pppop - ok
11:40:51.0687 5368 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:40:51.0687 5368 PptpMiniport - ok
11:40:51.0703 5368 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:40:51.0703 5368 Processor - ok
11:40:51.0718 5368 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:40:51.0718 5368 ProtectedStorage - ok
11:40:51.0750 5368 [ 651D3ABC1D82D61B6CFB40CB947B3DB3 ] psadd C:\WINDOWS\system32\DRIVERS\psadd.sys
11:40:51.0750 5368 psadd - ok
11:40:51.0765 5368 PsaSrv - ok
11:40:51.0781 5368 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:40:51.0796 5368 PSched - ok
11:40:51.0812 5368 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:40:51.0812 5368 Ptilink - ok
11:40:51.0859 5368 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:40:51.0859 5368 PxHelp20 - ok
11:40:51.0875 5368 [ 2FEB0DA5705DF73EF15027512B998223 ] QCNDISIF C:\WINDOWS\system32\drivers\qcndisif.SYS
11:40:51.0890 5368 QCNDISIF - ok
11:40:51.0937 5368 [ 799216A07608ABC97D9D39AC2F92596B ] QCONSVC C:\WINDOWS\system32\QCONSVC.EXE
11:40:51.0937 5368 QCONSVC - ok
11:40:51.0953 5368 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:40:51.0953 5368 ql1080 - ok
11:40:51.0968 5368 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:40:51.0968 5368 Ql10wnt - ok
11:40:52.0046 5368 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:40:52.0046 5368 ql12160 - ok
11:40:52.0062 5368 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:40:52.0062 5368 ql1240 - ok
11:40:52.0078 5368 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:40:52.0078 5368 ql1280 - ok
11:40:52.0093 5368 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:40:52.0093 5368 RasAcd - ok
11:40:52.0156 5368 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:40:52.0156 5368 RasAuto - ok
11:40:52.0187 5368 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
11:40:52.0187 5368 Rasirda - ok
11:40:52.0203 5368 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:40:52.0218 5368 Rasl2tp - ok
11:40:52.0265 5368 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:40:52.0265 5368 RasMan - ok
11:40:52.0281 5368 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:40:52.0281 5368 RasPppoe - ok
11:40:52.0296 5368 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:40:52.0296 5368 Raspti - ok
11:40:52.0312 5368 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:40:52.0328 5368 Rdbss - ok
11:40:52.0359 5368 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:40:52.0375 5368 RDPCDD - ok
11:40:52.0406 5368 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:40:52.0406 5368 rdpdr - ok
11:40:52.0453 5368 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:40:52.0453 5368 RDPWD - ok
11:40:52.0484 5368 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:40:52.0500 5368 RDSessMgr - ok
11:40:52.0531 5368 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:40:52.0531 5368 redbook - ok
11:40:52.0640 5368 [ 7C4391419852DFC331F6AF620C33AF3C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:40:52.0640 5368 RegSrvc - ok
11:40:52.0687 5368 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:40:52.0687 5368 RemoteAccess - ok
11:40:52.0718 5368 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:40:52.0718 5368 RemoteRegistry - ok
11:40:52.0734 5368 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:40:52.0734 5368 RpcLocator - ok
11:40:52.0765 5368 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:40:52.0781 5368 RpcSs - ok
11:40:52.0796 5368 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:40:52.0812 5368 RSVP - ok
11:40:52.0859 5368 [ 6083FE94CAE83EE40A9A2BB6B440A5EE ] S24EventMonitor C:\WINDOWS\system32\S24EvMon.exe
11:40:52.0875 5368 S24EventMonitor - ok
11:40:52.0890 5368 [ 96B4494D4734970F47C566E098C4F527 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
11:40:52.0890 5368 s24trans - ok
11:40:52.0921 5368 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
11:40:52.0921 5368 SamSs - ok
11:40:52.0937 5368 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:40:52.0953 5368 SCardSvr - ok
11:40:53.0000 5368 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:40:53.0015 5368 Schedule - ok
11:40:53.0062 5368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:40:53.0062 5368 Secdrv - ok
11:40:53.0078 5368 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:40:53.0093 5368 seclogon - ok
11:40:53.0109 5368 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
11:40:53.0109 5368 SENS - ok
11:40:53.0140 5368 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:40:53.0140 5368 serenum - ok
11:40:53.0156 5368 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:40:53.0156 5368 Serial - ok
11:40:53.0265 5368 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
11:40:53.0281 5368 ServiceLayer - ok
11:40:53.0312 5368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
11:40:53.0312 5368 Sfloppy - ok
11:40:53.0421 5368 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:40:53.0421 5368 SharedAccess - ok
11:40:53.0453 5368 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:40:53.0468 5368 ShellHWDetection - ok
11:40:53.0515 5368 [ 2108FC5934843E5F346A715E71FA79F9 ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx86.sys
11:40:53.0515 5368 Shockprf - ok
11:40:53.0515 5368 Simbad - ok
11:40:53.0593 5368 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:40:54.0812 5368 sisagp - ok
11:40:55.0109 5368 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
11:40:55.0140 5368 Skype C2C Service - ok
11:40:55.0218 5368 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:40:55.0234 5368 SkypeUpdate - ok
11:40:55.0250 5368 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:40:55.0250 5368 SLIP - ok
11:40:55.0312 5368 [ 26341D0DD225D19FD50E0EE3C3C77502 ] Smapint C:\WINDOWS\system32\drivers\Smapint.sys
11:40:55.0312 5368 Smapint - ok
11:40:55.0375 5368 [ 014AB093E6452EA88031BB6E22919BB5 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
11:40:55.0375 5368 smwdm - ok
11:40:55.0390 5368 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:41:03.0968 5368 ============================================================
11:41:03.0968 5368 Scan finished
11:41:03.0968 5368 ============================================================
11:41:03.0968 5360 Detected object count: 0
11:41:03.0968 5360 Actual detected object count: 0

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: české republik police, Warning! Your computer is blocked

#15 Post by stell »

OK, you don't have a rootkit there.
OK, next turn off System Restore, restart, and turn it back on.
We'll clean out TEMP.
Download this to the desktop:
http://oldtimer.geekstogo.com/OTL.exe
Run it and tick "for all users" and "loop".

Leave the settings as they are.
Paste the code I give here into the window at the bottom.
Click the OPRAVIT (Fix) button.
After the restart, paste the log here.

Code:

:Files
ipconfig /flushdns /c
:Commands
[resethosts]
[emptytemp] 
e-mail: stell(at)forum.viry.cz
Thanks!


Locked