Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

nelze zobrazit zadne stranky AV

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

nelze zobrazit zadne stranky AV

#1 Příspěvek od pepik24 »

Zdravim experti.
Prosim o pomoc s jednim pracovnim, malo vyuzivanym, PC.
Po delsi dobe jsem ho chtel pripojit prez wifi k netu a neslo to. Nakonec jsem odinstaloval stary a zrejme i nefunkcni AVG a pripojeni se povedlo a web chodi.
Jenze po pokusu stahnout nejaky AV jsem zjistil, ze se na zadny web vyrobcu nepripojim.
Podezreni o nakaze uz hranici s jistotou.
Proto se obracim na Vas s prosbou o pomoc.
Dle pozadavku jsem chtel stahnout RSIT a udelat log, ale ani to se mi stahnout nedari - neda.
Jeste jedna mala poznamka - na PC az do utery mohu pracovat pouze vzdalene - pomoci Team Vieweru, takze to bude vsechno asi ztizene, nektere veci nemozne :(

Dekuji predem!!!!
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: nelze zobrazit zadne stranky AV

#2 Příspěvek od motji »

Také zdravím :) ,
jedná se o pracovní pc?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#3 Příspěvek od pepik24 »

"Silent Runners.vbs", revision 64, http://www.silentrunners.org/
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (32-bit)
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe [MS]
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background [MS]
SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [Safer Networking Limited]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
LaunchApp = Alaunch [Acer Inc.]
SoundMan = SOUNDMAN.EXE [Realtek Semiconductor Corp.]
ntiMUI = c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [null data]
(Default) = (empty string) [file not found]
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [Cyberlink Corp.]
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [MS]
MSPY2002 = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [null data]
PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [MS]
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [MS]
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [MS]
nwiz = nwiz.exe /install [NVIDIA Corporation]
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [MS]
eRecoveryService = C:\Acer\Empowering Technology\eRecovery\Monitor.exe [acer Inc.]
WinVNC = "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper [RealVNC Ltd.]
pdfFactory Dispatcher v1 = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe [FinePrint Software, LLC]
WinampAgent = C:\Program Files\Winamp\winampa.exe [null data]
OrderReminder = C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [Hewlett-Packard]
SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Sun Microsystems, Inc.]
ApnUpdater = "C:\Program Files\Ask.com\Updater\Updater.exe" [Ask]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM…CLSID} = AcroIEHlprObj Class
\InProcServer32\(Default) = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe Systems Incorporated]

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\PROGRA~1\SPYBOT~1\SDHelper.dll [Safer Networking Limited]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM…CLSID} = Java(tm) Plug-In SSV Helper
\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\ssv.dll [Sun Microsystems, Inc.]

{D4027C7F-154A-4066-A1AD-4243D8127440}\(Default) = Ask Toolbar BHO
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM…CLSID} = Java(tm) Plug-In 2 SSV Helper
\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\jp2ssv.dll [Sun Microsystems, Inc.]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = JQSIEStartDetectorImpl
-> {HKLM…CLSID} = JQSIEStartDetectorImpl Class
\InProcServer32\(Default) = C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Sun Microsystems, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{42071714-76d4-11d1-8b24-00a0c9068ff3} = Rozšíření panelu Zobrazení pro panoramatické zobrazení
-> {HKLM…CLSID} = Rozšíření panelu Zobrazení pro panoramatické zobrazení
\InProcServer32\(Default) = deskpan.dll [file not found]

{88895560-9AA2-1069-930E-00AA0030EBC8} = Rozšíření ikony programu HyperTerminal
-> {HKLM…CLSID} = HyperTerminal Icon Ext
\InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

{5E6AB780-7743-11CF-A12B-00AA004AE837} = Panel nástrojů Microsoft pro síť Internet
-> {HKLM…CLSID} = Panel nástrojů Microsoft pro síť Internet
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{22BF0C20-6DA7-11D0-B373-00A0C9034938} = Stav stahování
-> {HKLM…CLSID} = Stav stahování
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{91EA3F8B-C99B-11d0-9815-00C04FD91972} = Rozšířená složka prostředí
-> {HKLM…CLSID} = Rozšířená složka prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6413BA2C-B461-11d1-A18A-080036B11A03} = Augmented Shell Folder 2
-> {HKLM…CLSID} = Augmented Shell Folder 2
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{F61FFEC1-754F-11d0-80CA-00AA005B4383} = BandProxy
-> {HKLM…CLSID} = BandProxy
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7BA4C742-9E81-11CF-99D3-00AA004AE837} = Microsoft BrowserBand
-> {HKLM…CLSID} = Microsoft BrowserBand
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{169A0691-8DF9-11d1-A1C4-00C04FD75D13} = Vyhledávat v podokně
-> {HKLM…CLSID} = Vyhledávat v podokně
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{07798131-AF23-11d1-9111-00A0C98BA67D} = Hledání na webu
-> {HKLM…CLSID} = Hledání na webu
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{AF4F6510-F982-11d0-8595-00AA004CD6D8} = Nástroj možností registrového stromu
-> {HKLM…CLSID} = Nástroj možností registrového stromu
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{01E04581-4EEE-11d0-BFE9-00AA005B4383} = &Adresa
-> {HKLM…CLSID} = &Adresa
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{A08C11D2-A228-11d0-825B-00AA005B4383} = Textové pole adresy
-> {HKLM…CLSID} = Textové pole adresy
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2763-6A77-11D0-A535-00C04FD7D062} = Automatické dokončování Microsoft
-> {HKLM…CLSID} = Automatické dokončování Microsoft
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7376D660-C583-11d0-A3A5-00C04FD706EC} = TridentImageExtractor
-> {HKLM…CLSID} = TridentImageExtractor
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6756A641-DE71-11d0-831B-00AA005B4383} = Automaticky dokončovaný seznam MRU
-> {HKLM…CLSID} = Automaticky dokončovaný seznam MRU
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} = Custom MRU AutoCompleted List
-> {HKLM…CLSID} = Custom MRU AutoCompleted List
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7e653215-fa25-46bd-a339-34a2790f3cb7} = Přístupný
-> {HKLM…CLSID} = Přístupný
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{acf35015-526e-4230-9596-becbe19f0ac9} = Track Popup Bar
-> {HKLM…CLSID} = Track Popup Bar
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2764-6A77-11D0-A535-00C04FD7D062} = Automaticky dokončovaný seznam historie
-> {HKLM…CLSID} = Automaticky dokončovaný seznam historie
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{03C036F1-A186-11D0-824A-00AA005B4383} = Automaticky se doplňující seznam složky prostředí společnosti Microsoft
-> {HKLM…CLSID} = Automaticky se doplňující seznam složky prostředí společnosti Microsoft
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2765-6A77-11D0-A535-00C04FD7D062} = Kontejner automatického dokončování více seznamů
-> {HKLM…CLSID} = Kontejner automatického dokončování více seznamů
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4E-521C-11D0-B792-00A0C90312E1} = Nabídka serveru pruhu prostředí
-> {HKLM…CLSID} = Nabídka serveru pruhu prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} = Panel plochy aplikací prostředí
-> {HKLM…CLSID} = Panel plochy aplikací prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4C-521C-11D0-B792-00A0C90312E1} = Panel plochy prostředí
-> {HKLM…CLSID} = Panel plochy prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4D-521C-11D0-B792-00A0C90312E1} = Shell Rebar BandSite
-> {HKLM…CLSID} = Shell Rebar BandSite
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{DD313E04-FEFF-11d1-8ECD-0000F87A470C} = Asistence uživatele
-> {HKLM…CLSID} = Asistence uživatele
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} = Globální nastavení složek
-> {HKLM…CLSID} = Globální nastavení složek
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper
-> {HKLM…CLSID} = NVIDIA CPL Extension
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

{1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer
-> {HKLM…CLSID} = Desktop Explorer
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band
-> {HKLM…CLSID} = Shell Search Band
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice.org Column Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice.org Infotip Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice.org Property Sheet Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice.org Thumbnail Viewer
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
-> {HKLM…CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
-> {HKLM…CLSID} = Microsoft Office Metadata Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
-> {HKLM…CLSID} = Microsoft Office Thumbnail Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\

<<!>> {438755C2-A8BA-11D1-B96B-00A0C90312E1} = Browseui preloader
-> {HKLM…CLSID} = Browseui preloader
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

<<!>> {8C7461EF-2B13-11d2-BE35-3078302C2030} = Proces mezipaměti kategorií součástí
-> {HKLM…CLSID} = Proces mezipaměti kategorií součástí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

WPDShServiceObj = {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
-> {HKLM…CLSID} = WPDShServiceObj Class
\InProcServer32\(Default) = C:\WINDOWS\system32\WPDShServiceObj.dll [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
-> {HKLM…CLSID} = Microsoft Office InfoPath XML Mime Filter
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}
-> {HKLM…CLSID} = HxProtocol Class
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice.org Column Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
-> {HKLM…CLSID} = PDF Shell Extension
\InProcServer32\(Default) = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
Wallpaper = F:\obrázky táta\2009-07-06 dovolená 2009\dovolená 2009 184.JPG

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MSWPDShellNamespaceHandler\
Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine =
-> {HKLM…CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]

NTIBurner\
Provider = NTI CD-Maker
InvokeProgID = NTIBurnerOpen
InvokeVerb = open
HKLM\SOFTWARE\Classes\NTIBurnerOpen\shell\open\command\(Default) = "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\Cdmkr32.exe" [NewTech Infosystems, Inc.]

PDVDPlayCDAudioOnArrival\
Provider = PowerDVD
InvokeProgID = AudioCD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%L" [CyberLink Corp.]

PDVDPlayDVDMovieOnArrival\
Provider = PowerDVD
InvokeProgID = DVD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]

PDVDPlayVCDMovieOnArrival\
Provider = PowerDVD
InvokeProgID = VCD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]


Startup items in "uzivatel" & "All Users" startup folders:
----------------------------------------------------------

C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0 -> shortcut to: C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [null data]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch -> shortcut to: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [Adobe Systems Incorporated]
Wireless Utility -> shortcut to: C:\Program Files\EDIMAX\Common\RaUI.exe -s [Edimax Technology Co.]


Enabled Scheduled Tasks:
------------------------

Scheduled Update for Ask Toolbar -> launches: C:\Program Files\Ask.com\UpdateTask.exe [null data]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 04, 07 - 14
%SystemRoot%\system32\rsvpsp.dll [MS], 05 - 06


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

{D4027C7F-154A-4066-A1AD-4243D8127440}
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
{D4027C7F-154A-4066-A1AD-4243D8127440} = (no title provided)
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

Explorer Bars

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Zdroje informací
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
ButtonText = Odeslat do aplikace OneNote
MenuText = Od&eslat do aplikace OneNote
CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}
-> {HKLM…CLSID} = Send to OneNote from Internet Explorer button
\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [MS]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Research

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
MenuText = @xpsp3res.dll,-20001
Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
ButtonText = Messenger
MenuText = Windows Messenger
Exec = C:\Program Files\Messenger\msmsgs.exe [MS]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> {00000000-6E41-4FD3-8538-502F5495E5FC} = ∀`ƈ`?ţ
-> {HKLM…CLSID} = UrlSearchHook Class
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Adaptér výkonu služby WMI, WmiApSrv, C:\WINDOWS\system32\wbem\wmiapsrv.exe [MS]
Java Quick Starter, JavaQuickStarterService, "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [Sun Microsystems, Inc.]
NVIDIA Display Driver Service, NVSvc, C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]
Ralink Registry Writer, RalinkRegistryWriter, C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe [Ralink Technology, Corp.]
TeamViewer 7, TeamViewer7, C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [TeamViewer GmbH]
VNC Server, winvnc, "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -service [RealVNC Ltd.]


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> {1a3e09be-1e45-494b-9174-d7385b45bbf5},


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
FPP1:\Driver = fppmon1.dll [FinePrint Software, LLC]
HPLJ1018LM\Driver = ZLhp1018.DLL [Zenographics, Inc.]
Microsoft Shared Fax Monitor\Driver = FXSMON.DLL [MS]
Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]


---------- (launch time: 2012-05-04 21:22:39)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 46 seconds, including 18 seconds for message boxes)
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#4 Příspěvek od pepik24 »

Zdravim take.
Ano, je to PC v ordinaci lekare.
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: nelze zobrazit zadne stranky AV

#5 Příspěvek od motji »

A pc vyléčit neumíte? :D
Předpokládám že lékař tam nemá žádného IT odborníka...my tu léčíme jen domácí pc, protože v práci za to obvykle bývá někdo placený a mi tu fungujeme zadarmo a dobrovolně.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#6 Příspěvek od pepik24 »

to uz by v ordinaci mely dost sirokej zaber, kdyby umely i toto.
no, ono to je tak ze jedna mala ordinace na vesnici neni ani firmou ale spis modlou pro vsechny zname - par spoluobcaanu, kteri to zrovna potrebuji.
Ani ja nejsem v tomto pripade ve vztahu zakaznik - placeny odbornik. Spis jako skorosoused (kamarad a obcasny pacient), co do pocitacu vidi asi o milion procent vic nez nas pan doktor a o milion procent min nez vy. A na pozadani - pratelskou vypomoc se snazi svemu priteli pomoci. Jednou s rozchozenim internetu, potom s instalaci programu nebo tiskarny, ale odvirovani uz je uplne mimo moje vedomosti.
Koukam, ze jsem se nejak rozepsal - asi to jinak neumim - ale diky, ze jste to docetli az sem.
Prosim o objektivni posouzeni, protoze tady o zadnou komerci nejde, nybrz o nezistnou pomoc priteli.
Ale Vas nazor - rozhodnuti budu samozrejme plne respektovat...
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#7 Příspěvek od pepik24 »

jj vim a za tu minulou pomoc dekuji! kdyz clovek do IT dela o malinko vic nez asi kazdej doma vecer po praci na seznamu, tak se tech "kamosu" a znamejch vyroji najednou docela hodne :)
diky za Tvuj postoj!
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: nelze zobrazit zadne stranky AV

#8 Příspěvek od motji »

Vyjímečně....pokračuj Naughty :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#9 Příspěvek od pepik24 »

DEKUJU !!!!
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#10 Příspěvek od pepik24 »

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 15 Model 47 Stepping 2, AuthenticAMD
BOOT           : Normal Boot
DATE           : 2012/05/04 (ISO 8601) at 22:11:50
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD1600JS-00MHB0 (02.01C03)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	149.1 Go  [Fixed] ==> Acer Recovery

MBR_MD5   : 9ABB3EA3AFE487BCD63C6B1804E1348D
MBR_SHA1  : DDDCDF95D993F76D1A7B374E65168EDEC073F8AB

Device\Harddisk0\Partition1	3.90 Go  	0x12 Diagnostic 
Device\Harddisk0\Partition2	72.07 Go  	0x0C FAT32 [LBA]  __ BOOTABLE __
Device\Harddisk0\Partition3	73.08 Go  	0x0C FAT32 [LBA] 
________________________________________________________________________________

############################### Additional scan ################################

Device\Harddisk0\DR0 => Acer Recovery found in sector 37
SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   31 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   1À.м.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BF 05 00 31 C0   ¿..PW¹å.ó¤Ë¿..1À
0x00000020   B2 80 CD 13 73 07 4F 74 02 EB F3 EB FE BD 79 07   ².Í.s.Ot.ëóëþ½y.
0x00000030   80 7E 00 5A 74 41 F8 B8 10 96 B3 15 CD 15 72 16   .~.ZtAø¸..³.Í.r.
0x00000040   81 F9 00 00 74 2E F8 B8 10 96 B3 16 CD 15 72 06   .ù..t.ø¸..³.Í.r.
0x00000050   81 F9 01 00 74 1E F8 B8 10 96 B3 18 CD 15 72 06   .ù..t.ø¸..³.Í.r.
0x00000060   81 F9 01 00 75 11 F8 B8 81 CA CD 15 80 FA 01 74   .ù..u.ø¸.ÊÍ..ú.t
0x00000070   06 E9 68 00 E9 65 00 BD BE 07 66 8B 5E 08 60 68   .éh.ée.½¾.f.^.`h
0x00000080   00 00 68 00 00 66 53 68 00 00 68 00 7C 68 01 00   ..h..fSh..h.|h..
0x00000090   68 10 00 B4 42 B2 80 89 E6 CD 13 61 61 73 0B 4F   h..´B²..æÍ.aas.O
0x000000A0   74 08 30 E4 B2 80 CD 13 EB CD E8 7F 00 BD BE 7F   t.0ä².Í.ëÍè..½¾.
0x000000B0   C6 46 00 80 C6 46 10 00 C6 46 04 0B A0 7A 7F A8   ÆF..ÆF..ÆF...z.¨
0x000000C0   04 74 04 80 4E 24 10 A0 7A 7F A8 08 74 04 80 4E   .t..N$..z.¨.t..N
0x000000D0   34 10 E8 7A 00 68 00 00 68 00 7C CB BD BE 07 66   4.èz.h..h.|˽¾.f
0x000000E0   8B 5E 18 60 68 00 00 68 00 00 66 53 68 00 00 68   .^.`h..h..fSh..h
0x000000F0   00 7C 68 01 00 68 10 00 B4 42 B2 80 89 E6 CD 13   .|h..h..´B²..æÍ.
0x00000100   61 61 73 0B 4F 74 08 30 E4 B2 80 CD 13 EB CD E8   aas.Ot.0ä².Í.ëÍè
0x00000110   1A 00 BD BE 7F 80 7E 04 12 74 BA C6 46 00 00 C6   ..½¾..~..tºÆF..Æ
0x00000120   46 10 80 C6 46 04 12 E8 25 00 EB A9 BF 05 00 31   F..ÆF..è%.ë©¿..1
0x00000130   C0 8E C0 BB 00 7E B8 01 02 B5 00 B1 01 B6 00 B2   À.À».~¸..µ.±.¶.²
0x00000140   80 CD 13 73 09 4F 74 06 30 E4 CD 0D EB DE C3 BF   .Í.s.Ot.0äÍ.ëÞÿ
0x00000150   05 00 31 C0 8E C0 BB 00 7E B8 01 03 B5 00 B1 01   ..1À.À».~¸..µ.±.
0x00000160   B6 00 B2 80 CD 13 73 09 4F 74 06 30 E4 CD 0D EB   ¶.².Í.s.Ot.0äÍ.ë
0x00000170   DE C3 00 00 41 63 65 72 0C 33 00 00 73 79 73 74   ÞÃ..Acer.3..syst
0x00000180   65 6D 00 00 00 00 00 00 00 00 00 00 00 00 00 00   em..............
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 B4 1B B5 1B 00 00 00 01   ........´.µ.....
0x000001C0   01 00 12 FE 7F FC 3F 00 00 00 7E C5 7C 00 80 00   ...þ.ü?...~Å|...
0x000001D0   41 FD 0C FE FF FE BD C5 7C 00 C0 34 02 09 00 00   Aý.þ.þ½Å|.À4....
0x000001E0   C1 FE 0C FE FF FE 7D FA 7E 09 44 90 22 09 00 00   Áþ.þ.þ}ú~.D."...
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    31c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    fb              STI   
0x0008    50              PUSH AX   
0x0009    07              POP ES   
0x000A    50              PUSH AX   
0x000B    1f              POP DS   
0x000C    fc              CLD   
0x000D    be 1b7c         MOV SI, 0x7c1b   
0x0010    bf 1b06         MOV DI, 0x61b   
0x0013    50              PUSH AX   
0x0014    57              PUSH DI   
0x0015    b9 e501         MOV CX, 0x1e5   
0x0018    f3 a4           REP MOVSB   
0x001A    cb              RETF   
0x001B    bf 0500         MOV DI, 0x5   
0x001E    31c0            XOR AX, AX   
0x0020    b2 80           MOV DL, 0x80   
0x0022    cd 13           INT 0x13   
0x0024    73 07           JAE 0x2d   
0x0026    4f              DEC DI   
0x0027    74 02           JZ 0x2b   
0x0029    eb f3           JMP 0x1e   
0x002B    eb fe           JMP 0x2b   
0x002D    bd 7907         MOV BP, 0x779   
0x0030    807e 00 5a      CMP BYTE [BP+0x0], 0x5a   
0x0034    74 41           JZ 0x77   
0x0036    f8              CLC   
0x0037    b8 1096         MOV AX, 0x9610   
0x003A    b3 15           MOV BL, 0x15   
0x003C    cd 15           INT 0x15   
0x003E    72 16           JB 0x56   
0x0040    81f9 0000       CMP CX, 0x0   
0x0044    74 2e           JZ 0x74   
0x0046    f8              CLC   
0x0047    b8 1096         MOV AX, 0x9610   
0x004A    b3 16           MOV BL, 0x16   
0x004C    cd 15           INT 0x15   
0x004E    72 06           JB 0x56   
0x0050    81f9 0100       CMP CX, 0x1   
0x0054    74 1e           JZ 0x74   
0x0056    f8              CLC   
0x0057    b8 1096         MOV AX, 0x9610   
0x005A    b3 18           MOV BL, 0x18   
0x005C    cd 15           INT 0x15   
0x005E    72 06           JB 0x66   
0x0060    81f9 0100       CMP CX, 0x1   
0x0064    75 11           JNZ 0x77   
0x0066    f8              CLC   
0x0067    b8 81ca         MOV AX, 0xca81   
0x006A    cd 15           INT 0x15   
0x006C    80fa 01         CMP DL, 0x1   
0x006F    74 06           JZ 0x77   
0x0071    e9 6800         JMP 0xdc   
0x0074    e9 6500         JMP 0xdc   
0x0077    bd be07         MOV BP, 0x7be   
0x007A    66 8b5e 08      MOV EBX, [BP+0x8]   
0x007E    60              PUSHA   
0x007F    68 0000         PUSH 0x0   
0x0082    68 0000         PUSH 0x0   
0x0085    66 53           PUSH EBX   
0x0087    68 0000         PUSH 0x0   
0x008A    68 007c         PUSH 0x7c00   
0x008D    68 0100         PUSH 0x1   
0x0090    68 1000         PUSH 0x10   
0x0093    b4 42           MOV AH, 0x42   
0x0095    b2 80           MOV DL, 0x80   
0x0097    89e6            MOV SI, SP   
0x0099    cd 13           INT 0x13   
0x009B    61              POPA   
0x009C    61              POPA   
0x009D    73 0b           JAE 0xaa   
0x009F    4f              DEC DI   
0x00A0    74 08           JZ 0xaa   
0x00A2    30e4            XOR AH, AH   
0x00A4    b2 80           MOV DL, 0x80   
0x00A6    cd 13           INT 0x13   
0x00A8    eb cd           JMP 0x77   
0x00AA    e8 7f00         CALL 0x12c   
0x00AD    bd be7f         MOV BP, 0x7fbe   
0x00B0    c646 00 80      MOV BYTE [BP+0x0], 0x80   
0x00B4    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x00B8    c646 04 0b      MOV BYTE [BP+0x4], 0xb   
0x00BC    a0 7a7f         MOV AL, [0x7f7a]   
0x00BF    a8 04           TEST AL, 0x4   
0x00C1    74 04           JZ 0xc7   
0x00C3    804e 24 10      OR BYTE [BP+0x24], 0x10   
0x00C7    a0 7a7f         MOV AL, [0x7f7a]   
0x00CA    a8 08           TEST AL, 0x8   
0x00CC    74 04           JZ 0xd2   
0x00CE    804e 34 10      OR BYTE [BP+0x34], 0x10   
0x00D2    e8 7a00         CALL 0x14f   
0x00D5    68 0000         PUSH 0x0   
0x00D8    68 007c         PUSH 0x7c00   
0x00DB    cb              RETF   
0x00DC    bd be07         MOV BP, 0x7be   
0x00DF    66 8b5e 18      MOV EBX, [BP+0x18]   
0x00E3    60              PUSHA   
0x00E4    68 0000         PUSH 0x0   
0x00E7    68 0000         PUSH 0x0   
0x00EA    66 53           PUSH EBX   
0x00EC    68 0000         PUSH 0x0   
0x00EF    68 007c         PUSH 0x7c00   
0x00F2    68 0100         PUSH 0x1   
0x00F5    68 1000         PUSH 0x10   
0x00F8    b4 42           MOV AH, 0x42   
0x00FA    b2 80           MOV DL, 0x80   
0x00FC    89e6            MOV SI, SP   
0x00FE    cd 13           INT 0x13   
0x0100    61              POPA   
0x0101    61              POPA   
0x0102    73 0b           JAE 0x10f   
0x0104    4f              DEC DI   
0x0105    74 08           JZ 0x10f   
0x0107    30e4            XOR AH, AH   
0x0109    b2 80           MOV DL, 0x80   
0x010B    cd 13           INT 0x13   
0x010D    eb cd           JMP 0xdc   
0x010F    e8 1a00         CALL 0x12c   
0x0112    bd be7f         MOV BP, 0x7fbe   
0x0115    807e 04 12      CMP BYTE [BP+0x4], 0x12   
0x0119    74 ba           JZ 0xd5   
0x011B    c646 00 00      MOV BYTE [BP+0x0], 0x0   
0x011F    c646 10 80      MOV BYTE [BP+0x10], 0x80   
0x0123    c646 04 12      MOV BYTE [BP+0x4], 0x12   
0x0127    e8 2500         CALL 0x14f   
0x012A    eb a9           JMP 0xd5   
0x012C    bf 0500         MOV DI, 0x5   
0x012F    31c0            XOR AX, AX   
0x0131    8ec0            MOV ES, AX   
0x0133    bb 007e         MOV BX, 0x7e00   
0x0136    b8 0102         MOV AX, 0x201   
0x0139    b5 00           MOV CH, 0x0   
0x013B    b1 01           MOV CL, 0x1   
0x013D    b6 00           MOV DH, 0x0   
0x013F    b2 80           MOV DL, 0x80   
0x0141    cd 13           INT 0x13   
0x0143    73 09           JAE 0x14e   
0x0145    4f              DEC DI   
0x0146    74 06           JZ 0x14e   
0x0148    30e4            XOR AH, AH   
0x014A    cd 0d           INT 0xd   
0x014C    eb de           JMP 0x12c   
0x014E    c3              RET   
0x014F    bf 0500         MOV DI, 0x5   
0x0152    31c0            XOR AX, AX   
0x0154    8ec0            MOV ES, AX   
0x0156    bb 007e         MOV BX, 0x7e00   
0x0159    b8 0103         MOV AX, 0x301   
0x015C    b5 00           MOV CH, 0x0   
0x015E    b1 01           MOV CL, 0x1   
0x0160    b6 00           MOV DH, 0x0   
0x0162    b2 80           MOV DL, 0x80   
0x0164    cd 13           INT 0x13   
0x0166    73 09           JAE 0x171   
0x0168    4f              DEC DI   
0x0169    74 06           JZ 0x171   
0x016B    30e4            XOR AH, AH   
0x016D    cd 0d           INT 0xd   
0x016F    eb de           JMP 0x14f   
0x0171    c3              RET   
0x0172    0000            ADD [BX+SI], AL   
0x0174    41              INC CX   
0x0175    6365 72         ARPL [DI+0x72], SP   
0x0178    0c 33           OR AL, 0x33   
0x017A    0000            ADD [BX+SI], AL   
0x017C    73 79           JAE 0x1f7   
0x017E    73 74           JAE 0x1f4   
0x0180    65 6d           INS WORD GS:[DI], DX   
0x0182    0000            ADD [BX+SI], AL   
0x0184    0000            ADD [BX+SI], AL   
0x0186    0000            ADD [BX+SI], AL   
0x0188    0000            ADD [BX+SI], AL   
0x018A    0000            ADD [BX+SI], AL   
0x018C    0000            ADD [BX+SI], AL   
0x018E    0000            ADD [BX+SI], AL   
0x0190    0000            ADD [BX+SI], AL   
0x0192    0000            ADD [BX+SI], AL   
0x0194    0000            ADD [BX+SI], AL   
0x0196    0000            ADD [BX+SI], AL   
0x0198    0000            ADD [BX+SI], AL   
0x019A    0000            ADD [BX+SI], AL   
0x019C    0000            ADD [BX+SI], AL   
0x019E    0000            ADD [BX+SI], AL   
0x01A0    0000            ADD [BX+SI], AL   
0x01A2    0000            ADD [BX+SI], AL   
0x01A4    0000            ADD [BX+SI], AL   
0x01A6    0000            ADD [BX+SI], AL   
0x01A8    0000            ADD [BX+SI], AL   
0x01AA    0000            ADD [BX+SI], AL   
0x01AC    0000            ADD [BX+SI], AL   
0x01AE    0000            ADD [BX+SI], AL   
0x01B0    0000            ADD [BX+SI], AL   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0000            ADD [BX+SI], AL   
0x01B6    0000            ADD [BX+SI], AL   
0x01B8    b4 1b           MOV AH, 0x1b   
0x01BA    b5 1b           MOV CH, 0x1b   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    0001            ADD [BX+DI], AL   
0x01C0    0100            ADD [BX+SI], AX   
0x01C2    12fe            ADC BH, DH   
0x01C4    7f fc           JG 0x1c2   
0x01C6    3f              AAS   
0x01C7    0000            ADD [BX+SI], AL   
0x01C9    007e c5         ADD [BP-0x3b], BH   
0x01CC    7c 00           JL 0x1ce   
0x01CE    8000 41         ADD BYTE [BX+SI], 0x41   
0x01D1    fd              STD   
0x01D2    0c fe           OR AL, 0xfe   
0x01D4    ff              DB 0xff   
0x01D5    fe              DB 0xfe   
0x01D6    bd c57c         MOV BP, 0x7cc5   
0x01D9    00c0            ADD AL, AL   
0x01DB    34 02           XOR AL, 0x2   
0x01DD    0900            OR [BX+SI], AX   
0x01DF    00c1            ADD CL, AL   
0x01E1    fe0c            DEC BYTE [SI]   
0x01E3    fe              DB 0xfe   
0x01E4    ff              DB 0xff   
0x01E5    fe              DB 0xfe   
0x01E6    7d fa           JGE 0x1e2   
0x01E8    7e 09           JLE 0x1f3   
0x01EA    44              INC SP   
0x01EB    90              NOP   
0x01EC    2209            AND CL, [BX+DI]   
0x01EE    0000            ADD [BX+SI], AL   
0x01F0    0000            ADD [BX+SI], AL   
0x01F2    0000            ADD [BX+SI], AL   
0x01F4    0000            ADD [BX+SI], AL   
0x01F6    0000            ADD [BX+SI], AL   
0x01F8    0000            ADD [BX+SI], AL   
0x01FA    0000            ADD [BX+SI], AL   
0x01FC    0000            ADD [BX+SI], AL   
0x01FE    55              PUSH BP   
0x01FF    aa              STOSB
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#11 Příspěvek od pepik24 »

hm, webova stranka nejde zorazit :(
ale napadlo me stahnout to tady na svem PC a pomoci Prenosu souboru TeamViewera to poslat na ono PC a spustit. co tak?
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#12 Příspěvek od pepik24 »

povedlo se

22:26:58.0093 1592 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
22:26:58.0109 1592 ============================================================
22:26:58.0109 1592 Current date / time: 2012/05/04 22:26:58.0109
22:26:58.0109 1592 SystemInfo:
22:26:58.0109 1592
22:26:58.0109 1592 OS Version: 5.1.2600 ServicePack: 3.0
22:26:58.0109 1592 Product type: Workstation
22:26:58.0109 1592 ComputerName: RYCHLY-PC
22:26:58.0109 1592 UserName: uzivatel
22:26:58.0109 1592 Windows directory: C:\WINDOWS
22:26:58.0109 1592 System windows directory: C:\WINDOWS
22:26:58.0109 1592 Processor architecture: Intel x86
22:26:58.0109 1592 Number of processors: 1
22:26:58.0109 1592 Page size: 0x1000
22:26:58.0109 1592 Boot type: Normal boot
22:26:58.0109 1592 ============================================================
22:26:59.0234 1592 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:26:59.0234 1592 ============================================================
22:26:59.0234 1592 \Device\Harddisk0\DR0:
22:26:59.0234 1592 MBR partitions:
22:26:59.0234 1592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x7CC5BD, BlocksNum 0x90234C0
22:26:59.0234 1592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x97EFA7D, BlocksNum 0x9229044
22:26:59.0234 1592 ============================================================
22:26:59.0281 1592 C: <-> \Device\Harddisk0\DR0\Partition0
22:26:59.0296 1592 D: <-> \Device\Harddisk0\DR0\Partition1
22:26:59.0296 1592 ============================================================
22:26:59.0296 1592 Initialize success
22:26:59.0296 1592 ============================================================
22:27:26.0453 3556 ============================================================
22:27:26.0453 3556 Scan started
22:27:26.0453 3556 Mode: Manual; SigCheck; TDLFS;
22:27:26.0453 3556 ============================================================
22:27:27.0218 3556 Abiosdsk - ok
22:27:27.0250 3556 abp480n5 - ok
22:27:27.0296 3556 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:27:27.0968 3556 ACPI - ok
22:27:27.0984 3556 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:27:28.0140 3556 ACPIEC - ok
22:27:28.0171 3556 adpu160m - ok
22:27:28.0234 3556 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:27:28.0375 3556 aec - ok
22:27:28.0421 3556 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:27:28.0437 3556 AegisP ( UnsignedFile.Multi.Generic ) - warning
22:27:28.0437 3556 AegisP - detected UnsignedFile.Multi.Generic (1)
22:27:28.0484 3556 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
22:27:28.0515 3556 AFD - ok
22:27:28.0531 3556 Aha154x - ok
22:27:28.0546 3556 aic78u2 - ok
22:27:28.0562 3556 aic78xx - ok
22:27:28.0781 3556 ALCXWDM (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:27:29.0031 3556 ALCXWDM - ok
22:27:29.0109 3556 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
22:27:29.0296 3556 Alerter - ok
22:27:29.0343 3556 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
22:27:29.0500 3556 ALG - ok
22:27:29.0531 3556 AliIde - ok
22:27:29.0562 3556 AmdK8 (99bd5596b5d06c2ead3cecc6f11999f5) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
22:27:29.0609 3556 AmdK8 - ok
22:27:29.0609 3556 amsint - ok
22:27:29.0687 3556 AppMgmt - ok
22:27:29.0718 3556 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:27:29.0843 3556 Arp1394 - ok
22:27:29.0843 3556 asc - ok
22:27:29.0859 3556 asc3350p - ok
22:27:29.0890 3556 asc3550 - ok
22:27:30.0031 3556 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:27:30.0031 3556 aspnet_state - ok
22:27:30.0062 3556 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:27:30.0187 3556 AsyncMac - ok
22:27:30.0203 3556 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:27:30.0343 3556 atapi - ok
22:27:30.0359 3556 Atdisk - ok
22:27:30.0375 3556 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:27:30.0515 3556 Atmarpc - ok
22:27:30.0593 3556 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
22:27:30.0734 3556 AudioSrv - ok
22:27:30.0750 3556 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:27:30.0906 3556 audstub - ok
22:27:30.0921 3556 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:27:31.0078 3556 Beep - ok
22:27:31.0140 3556 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
22:27:31.0296 3556 BITS - ok
22:27:31.0359 3556 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
22:27:31.0500 3556 Browser - ok
22:27:31.0515 3556 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:27:31.0687 3556 cbidf2k - ok
22:27:31.0703 3556 cd20xrnt - ok
22:27:31.0718 3556 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:27:31.0890 3556 Cdaudio - ok
22:27:31.0906 3556 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:27:32.0015 3556 Cdfs - ok
22:27:32.0031 3556 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:27:32.0140 3556 Cdrom - ok
22:27:32.0140 3556 Changer - ok
22:27:32.0203 3556 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
22:27:32.0328 3556 CiSvc - ok
22:27:32.0375 3556 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
22:27:32.0500 3556 ClipSrv - ok
22:27:32.0546 3556 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:27:32.0578 3556 clr_optimization_v2.0.50727_32 - ok
22:27:32.0578 3556 CmdIde - ok
22:27:32.0640 3556 COMSysApp - ok
22:27:32.0656 3556 Cpqarray - ok
22:27:32.0734 3556 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
22:27:32.0875 3556 CryptSvc - ok
22:27:32.0875 3556 dac2w2k - ok
22:27:32.0890 3556 dac960nt - ok
22:27:32.0968 3556 DcomLaunch (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
22:27:33.0125 3556 DcomLaunch - ok
22:27:33.0156 3556 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
22:27:33.0296 3556 Dhcp - ok
22:27:33.0312 3556 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:27:33.0453 3556 Disk - ok
22:27:33.0484 3556 dmadmin - ok
22:27:33.0578 3556 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:27:33.0796 3556 dmboot - ok
22:27:33.0812 3556 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:27:33.0953 3556 dmio - ok
22:27:33.0984 3556 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:27:34.0140 3556 dmload - ok
22:27:34.0203 3556 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
22:27:34.0343 3556 dmserver - ok
22:27:34.0390 3556 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:27:34.0515 3556 DMusic - ok
22:27:34.0562 3556 Dnscache (0634b791684b84f4a331f3d3536feef8) C:\WINDOWS\System32\dnsrslvr.dll
22:27:34.0703 3556 Dnscache - ok
22:27:34.0781 3556 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
22:27:34.0937 3556 Dot3svc - ok
22:27:34.0953 3556 dpti2o - ok
22:27:34.0984 3556 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:27:35.0125 3556 drmkaud - ok
22:27:35.0156 3556 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
22:27:35.0328 3556 EapHost - ok
22:27:35.0390 3556 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
22:27:35.0515 3556 ERSvc - ok
22:27:35.0578 3556 Eventlog (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
22:27:35.0703 3556 Eventlog - ok
22:27:35.0750 3556 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
22:27:35.0781 3556 EventSystem - ok
22:27:35.0812 3556 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:27:35.0937 3556 Fastfat - ok
22:27:36.0000 3556 FastUserSwitchingCompatibility (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:27:36.0125 3556 FastUserSwitchingCompatibility - ok
22:27:36.0187 3556 Fax (2cd14c70d1d81af054aa5ed8024dcae6) C:\WINDOWS\system32\fxssvc.exe
22:27:36.0343 3556 Fax - ok
22:27:36.0375 3556 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:27:36.0484 3556 Fdc - ok
22:27:36.0500 3556 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:27:36.0656 3556 Fips - ok
22:27:36.0671 3556 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:27:36.0812 3556 Flpydisk - ok
22:27:36.0843 3556 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:27:37.0000 3556 FltMgr - ok
22:27:37.0000 3556 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:27:37.0156 3556 Fs_Rec - ok
22:27:37.0171 3556 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:27:37.0328 3556 Ftdisk - ok
22:27:37.0359 3556 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:27:37.0468 3556 Gpc - ok
22:27:37.0578 3556 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:27:37.0625 3556 gusvc - ok
22:27:37.0671 3556 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:27:37.0796 3556 helpsvc - ok
22:27:37.0843 3556 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
22:27:38.0000 3556 HidServ - ok
22:27:38.0046 3556 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:27:38.0187 3556 hidusb - ok
22:27:38.0234 3556 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
22:27:38.0375 3556 hkmsvc - ok
22:27:38.0390 3556 hpn - ok
22:27:38.0437 3556 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
22:27:38.0562 3556 HTTP - ok
22:27:38.0609 3556 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
22:27:38.0734 3556 HTTPFilter - ok
22:27:38.0734 3556 i2omgmt - ok
22:27:38.0750 3556 i2omp - ok
22:27:38.0781 3556 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:27:38.0937 3556 i8042prt - ok
22:27:38.0968 3556 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:27:39.0093 3556 Imapi - ok
22:27:39.0156 3556 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
22:27:39.0296 3556 ImapiService - ok
22:27:39.0312 3556 ini910u - ok
22:27:39.0375 3556 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys
22:27:39.0406 3556 int15.sys ( UnsignedFile.Multi.Generic ) - warning
22:27:39.0406 3556 int15.sys - detected UnsignedFile.Multi.Generic (1)
22:27:39.0421 3556 IntelIde - ok
22:27:39.0453 3556 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:27:39.0562 3556 Ip6Fw - ok
22:27:39.0593 3556 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:27:39.0734 3556 IpFilterDriver - ok
22:27:39.0750 3556 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:27:39.0875 3556 IpInIp - ok
22:27:39.0906 3556 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:27:40.0078 3556 IpNat - ok
22:27:40.0093 3556 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:27:40.0234 3556 IPSec - ok
22:27:40.0281 3556 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
22:27:40.0421 3556 irda - ok
22:27:40.0453 3556 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:27:40.0578 3556 IRENUM - ok
22:27:40.0625 3556 Irmon (8024ea8c5b2d2a4d201f418b0aadb804) C:\WINDOWS\System32\irmon.dll
22:27:40.0750 3556 Irmon - ok
22:27:40.0765 3556 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
22:27:40.0828 3556 irsir - ok
22:27:40.0859 3556 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:27:40.0984 3556 isapnp - ok
22:27:41.0062 3556 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
22:27:41.0078 3556 JavaQuickStarterService - ok
22:27:41.0093 3556 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:27:41.0218 3556 Kbdclass - ok
22:27:41.0250 3556 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:27:41.0375 3556 kbdhid - ok
22:27:41.0406 3556 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:27:41.0531 3556 kmixer - ok
22:27:41.0562 3556 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
22:27:41.0703 3556 KSecDD - ok
22:27:41.0750 3556 lanmanserver (21920ac69594ab021237054fa728fe46) C:\WINDOWS\System32\srvsvc.dll
22:27:41.0875 3556 lanmanserver - ok
22:27:41.0937 3556 lanmanworkstation (5190783f51a2d7a8495202c664d7c963) C:\WINDOWS\System32\wkssvc.dll
22:27:42.0062 3556 lanmanworkstation - ok
22:27:42.0062 3556 lbrtfdc - ok
22:27:42.0140 3556 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
22:27:42.0265 3556 LmHosts - ok
22:27:42.0296 3556 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
22:27:42.0421 3556 Messenger - ok
22:27:42.0421 3556 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:27:42.0578 3556 mnmdd - ok
22:27:42.0625 3556 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
22:27:42.0734 3556 mnmsrvc - ok
22:27:42.0765 3556 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:27:42.0875 3556 Modem - ok
22:27:42.0906 3556 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:27:43.0015 3556 Mouclass - ok
22:27:43.0031 3556 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:27:43.0203 3556 mouhid - ok
22:27:43.0203 3556 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:27:43.0312 3556 MountMgr - ok
22:27:43.0343 3556 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:27:43.0406 3556 MozillaMaintenance - ok
22:27:43.0421 3556 mraid35x - ok
22:27:43.0453 3556 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:27:43.0609 3556 MRxDAV - ok
22:27:43.0640 3556 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:27:43.0687 3556 MRxSmb - ok
22:27:43.0750 3556 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
22:27:43.0843 3556 MSDTC - ok
22:27:43.0859 3556 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:27:44.0000 3556 Msfs - ok
22:27:44.0062 3556 MSIServer - ok
22:27:44.0093 3556 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:27:44.0250 3556 MSKSSRV - ok
22:27:44.0265 3556 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:27:44.0390 3556 MSPCLOCK - ok
22:27:44.0406 3556 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:27:44.0515 3556 MSPQM - ok
22:27:44.0546 3556 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:27:44.0671 3556 mssmbios - ok
22:27:44.0671 3556 Suspicious service (NoAccess): mtpjueuhy
22:27:44.0781 3556 mtpjueuhy (5a596acc916f37f266498535ebfc8d9e) C:\WINDOWS\system32\ujwwomdn.dll
22:27:44.0781 3556 Suspicious file (NoAccess): C:\WINDOWS\system32\ujwwomdn.dll. md5: 5a596acc916f37f266498535ebfc8d9e
22:27:44.0781 3556 mtpjueuhy ( LockedService.Multi.Generic ) - warning
22:27:44.0781 3556 mtpjueuhy - detected LockedService.Multi.Generic (1)
22:27:44.0812 3556 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
22:27:44.0906 3556 Mup - ok
22:27:45.0000 3556 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
22:27:45.0125 3556 napagent - ok
22:27:45.0156 3556 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:27:45.0265 3556 NDIS - ok
22:27:45.0296 3556 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:27:45.0453 3556 NdisTapi - ok
22:27:45.0484 3556 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:27:45.0609 3556 Ndisuio - ok
22:27:45.0625 3556 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:27:45.0750 3556 NdisWan - ok
22:27:45.0765 3556 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
22:27:45.0890 3556 NDProxy - ok
22:27:45.0890 3556 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:27:46.0015 3556 NetBIOS - ok
22:27:46.0046 3556 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:27:46.0203 3556 NetBT - ok
22:27:46.0234 3556 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:27:46.0359 3556 NetDDE - ok
22:27:46.0359 3556 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:27:46.0484 3556 NetDDEdsdm - ok
22:27:46.0546 3556 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:46.0640 3556 Netlogon - ok
22:27:46.0718 3556 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
22:27:46.0828 3556 Netman - ok
22:27:46.0859 3556 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:27:46.0984 3556 NIC1394 - ok
22:27:47.0046 3556 Nla (1289b7611ccd6cb27596ae92cbf03e35) C:\WINDOWS\System32\mswsock.dll
22:27:47.0093 3556 Nla - ok
22:27:47.0125 3556 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:27:47.0250 3556 Npfs - ok
22:27:47.0312 3556 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:27:47.0453 3556 Ntfs - ok
22:27:47.0484 3556 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
22:27:47.0484 3556 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
22:27:47.0484 3556 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
22:27:47.0500 3556 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:47.0656 3556 NtLmSsp - ok
22:27:47.0765 3556 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
22:27:47.0906 3556 NtmsSvc - ok
22:27:47.0921 3556 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:27:48.0109 3556 Null - ok
22:27:48.0296 3556 nv (6f6f92603a4311a466f0241e8ef951fb) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:27:48.0531 3556 nv - ok
22:27:48.0609 3556 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:27:48.0640 3556 NVENETFD - ok
22:27:48.0687 3556 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:27:48.0718 3556 nvnetbus - ok
22:27:48.0828 3556 NVSvc (fb028320103b37ebbc683ea3afa507cb) C:\WINDOWS\system32\nvsvc32.exe
22:27:48.0843 3556 NVSvc - ok
22:27:48.0843 3556 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:27:49.0031 3556 NwlnkFlt - ok
22:27:49.0046 3556 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:27:49.0171 3556 NwlnkFwd - ok
22:27:49.0296 3556 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:27:49.0328 3556 odserv - ok
22:27:49.0343 3556 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:27:49.0468 3556 ohci1394 - ok
22:27:49.0484 3556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:27:49.0515 3556 ose - ok
22:27:49.0531 3556 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
22:27:49.0656 3556 Parport - ok
22:27:49.0671 3556 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:27:49.0812 3556 PartMgr - ok
22:27:49.0828 3556 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:27:49.0984 3556 ParVdm - ok
22:27:50.0000 3556 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:27:50.0140 3556 PCI - ok
22:27:50.0140 3556 PCIDump - ok
22:27:50.0156 3556 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:27:50.0281 3556 PCIIde - ok
22:27:50.0328 3556 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:27:50.0437 3556 Pcmcia - ok
22:27:50.0453 3556 PDCOMP - ok
22:27:50.0468 3556 PDFRAME - ok
22:27:50.0500 3556 PDRELI - ok
22:27:50.0515 3556 PDRFRAME - ok
22:27:50.0531 3556 perc2 - ok
22:27:50.0546 3556 perc2hib - ok
22:27:50.0625 3556 PlugPlay (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
22:27:50.0765 3556 PlugPlay - ok
22:27:50.0812 3556 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:50.0921 3556 PolicyAgent - ok
22:27:50.0937 3556 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:27:51.0062 3556 PptpMiniport - ok
22:27:51.0078 3556 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:27:51.0203 3556 Processor - ok
22:27:51.0218 3556 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:51.0343 3556 ProtectedStorage - ok
22:27:51.0359 3556 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:27:51.0468 3556 PSched - ok
22:27:51.0484 3556 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:27:51.0625 3556 Ptilink - ok
22:27:51.0640 3556 PxHelp20 (0c8da0a8b0d227319c285e0eae65defd) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:27:51.0656 3556 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:27:51.0656 3556 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:27:51.0671 3556 ql1080 - ok
22:27:51.0687 3556 Ql10wnt - ok
22:27:51.0703 3556 ql12160 - ok
22:27:51.0718 3556 ql1240 - ok
22:27:51.0734 3556 ql1280 - ok
22:27:51.0843 3556 RalinkRegistryWriter (432f5b15e21a54b48072593f03570326) C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
22:27:51.0843 3556 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning
22:27:51.0843 3556 RalinkRegistryWriter - detected UnsignedFile.Multi.Generic (1)
22:27:51.0875 3556 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:27:52.0015 3556 RasAcd - ok
22:27:52.0078 3556 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
22:27:52.0218 3556 RasAuto - ok
22:27:52.0234 3556 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:27:52.0296 3556 Rasirda - ok
22:27:52.0312 3556 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:27:52.0421 3556 Rasl2tp - ok
22:27:52.0484 3556 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
22:27:52.0609 3556 RasMan - ok
22:27:52.0640 3556 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:27:52.0781 3556 RasPppoe - ok
22:27:52.0796 3556 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:27:52.0937 3556 Raspti - ok
22:27:53.0015 3556 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:27:53.0140 3556 Rdbss - ok
22:27:53.0171 3556 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:27:53.0343 3556 RDPCDD - ok
22:27:53.0453 3556 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
22:27:53.0578 3556 RDPWD - ok
22:27:53.0734 3556 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
22:27:53.0875 3556 RDSessMgr - ok
22:27:53.0937 3556 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:27:54.0062 3556 redbook - ok
22:27:54.0156 3556 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
22:27:54.0296 3556 RemoteAccess - ok
22:27:54.0328 3556 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
22:27:54.0453 3556 RpcLocator - ok
22:27:54.0765 3556 RpcSs (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
22:27:54.0906 3556 RpcSs - ok
22:27:55.0000 3556 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
22:27:55.0140 3556 RSVP - ok
22:27:55.0250 3556 rt2870 (5532f69d0a845ffe9d70b9e0392fe50a) C:\WINDOWS\system32\DRIVERS\rt2870.sys
22:27:55.0390 3556 rt2870 - ok
22:27:55.0390 3556 RT61 - ok
22:27:55.0453 3556 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:55.0562 3556 SamSs - ok
22:27:55.0625 3556 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
22:27:55.0750 3556 SCardSvr - ok
22:27:55.0796 3556 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
22:27:55.0937 3556 Schedule - ok
22:27:55.0968 3556 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:27:56.0125 3556 Secdrv - ok
22:27:56.0187 3556 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
22:27:56.0328 3556 seclogon - ok
22:27:56.0390 3556 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
22:27:56.0515 3556 SENS - ok
22:27:56.0531 3556 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:27:56.0640 3556 serenum - ok
22:27:56.0656 3556 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:27:56.0765 3556 Serial - ok
22:27:56.0796 3556 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
22:27:56.0953 3556 sfdrv01a - ok
22:27:56.0968 3556 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
22:27:57.0015 3556 sfhlp02 - ok
22:27:57.0046 3556 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:27:57.0156 3556 Sfloppy - ok
22:27:57.0171 3556 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
22:27:57.0187 3556 sfsync02 - ok
22:27:57.0218 3556 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
22:27:57.0265 3556 sfvfs02 - ok
22:27:57.0312 3556 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
22:27:57.0468 3556 SharedAccess - ok
22:27:57.0531 3556 ShellHWDetection (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:27:57.0656 3556 ShellHWDetection - ok
22:27:57.0671 3556 Simbad - ok
22:27:57.0687 3556 Sparrow - ok
22:27:57.0734 3556 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:27:57.0875 3556 splitter - ok
22:27:57.0921 3556 Spooler (cb1090bca0e7b40d0b5b4e4d66531809) C:\WINDOWS\system32\spoolsv.exe
22:27:58.0031 3556 Spooler - ok
22:27:58.0046 3556 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:27:58.0187 3556 sr - ok
22:27:58.0234 3556 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
22:27:58.0343 3556 srservice - ok
22:27:58.0390 3556 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
22:27:58.0453 3556 Srv - ok
22:27:58.0500 3556 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
22:27:58.0625 3556 SSDPSRV - ok
22:27:58.0703 3556 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
22:27:58.0859 3556 stisvc - ok
22:27:58.0890 3556 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:27:59.0015 3556 swenum - ok
22:27:59.0046 3556 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:27:59.0171 3556 swmidi - ok
22:27:59.0218 3556 SwPrv - ok
22:27:59.0250 3556 symc810 - ok
22:27:59.0265 3556 symc8xx - ok
22:27:59.0296 3556 sym_hi - ok
22:27:59.0312 3556 sym_u3 - ok
22:27:59.0328 3556 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:27:59.0468 3556 sysaudio - ok
22:27:59.0531 3556 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
22:27:59.0671 3556 SysmonLog - ok
22:27:59.0718 3556 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
22:27:59.0890 3556 TapiSrv - ok
22:27:59.0921 3556 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:27:59.0968 3556 Tcpip - ok
22:28:00.0015 3556 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:28:00.0125 3556 TDPIPE - ok
22:28:00.0156 3556 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:28:00.0281 3556 TDTCP - ok
22:28:00.0546 3556 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
22:28:00.0703 3556 TeamViewer7 - ok
22:28:00.0859 3556 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:28:01.0000 3556 TermDD - ok
22:28:01.0125 3556 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
22:28:01.0281 3556 TermService - ok
22:28:01.0312 3556 Themes (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:28:01.0468 3556 Themes - ok
22:28:01.0484 3556 TosIde - ok
22:28:01.0562 3556 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
22:28:01.0687 3556 TrkWks - ok
22:28:01.0718 3556 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
22:28:01.0734 3556 UBHelper ( UnsignedFile.Multi.Generic ) - warning
22:28:01.0734 3556 UBHelper - detected UnsignedFile.Multi.Generic (1)
22:28:01.0781 3556 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:28:01.0906 3556 Udfs - ok
22:28:01.0906 3556 ultra - ok
22:28:01.0953 3556 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:28:02.0093 3556 Update - ok
22:28:02.0156 3556 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
22:28:02.0312 3556 upnphost - ok
22:28:02.0375 3556 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
22:28:02.0515 3556 UPS - ok
22:28:02.0546 3556 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:28:02.0703 3556 usbccgp - ok
22:28:02.0718 3556 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:28:02.0843 3556 usbehci - ok
22:28:02.0859 3556 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:28:02.0984 3556 usbhub - ok
22:28:03.0015 3556 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:28:03.0125 3556 usbohci - ok
22:28:03.0171 3556 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:28:03.0281 3556 usbprint - ok
22:28:03.0328 3556 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:28:03.0437 3556 USBSTOR - ok
22:28:03.0453 3556 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:28:03.0578 3556 VgaSave - ok
22:28:03.0593 3556 ViaIde - ok
22:28:03.0625 3556 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:28:03.0750 3556 VolSnap - ok
22:28:03.0812 3556 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
22:28:03.0937 3556 VSS - ok
22:28:03.0984 3556 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
22:28:04.0140 3556 W32Time - ok
22:28:04.0171 3556 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:28:04.0281 3556 Wanarp - ok
22:28:04.0296 3556 WDICA - ok
22:28:04.0328 3556 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:28:04.0437 3556 wdmaud - ok
22:28:04.0484 3556 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
22:28:04.0609 3556 WebClient - ok
22:28:04.0671 3556 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:28:04.0781 3556 winmgmt - ok
22:28:04.0890 3556 winvnc (b84873b030e66ddf3964a31793bb4211) C:\Program Files\RealVNC\WinVNC\WinVNC.exe
22:28:04.0937 3556 winvnc ( UnsignedFile.Multi.Generic ) - warning
22:28:04.0937 3556 winvnc - detected UnsignedFile.Multi.Generic (1)
22:28:04.0968 3556 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:28:05.0015 3556 WmdmPmSN - ok
22:28:05.0062 3556 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:28:05.0203 3556 WmiApSrv - ok
22:28:05.0296 3556 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:28:05.0375 3556 WMPNetworkSvc - ok
22:28:05.0437 3556 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
22:28:05.0562 3556 wscsvc - ok
22:28:05.0625 3556 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
22:28:05.0781 3556 wuauserv - ok
22:28:05.0812 3556 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:28:05.0843 3556 WudfPf - ok
22:28:05.0843 3556 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:28:05.0875 3556 WudfRd - ok
22:28:05.0906 3556 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:28:05.0937 3556 WudfSvc - ok
22:28:06.0015 3556 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
22:28:06.0203 3556 WZCSVC - ok
22:28:06.0265 3556 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
22:28:06.0406 3556 xmlprov - ok
22:28:06.0406 3556 Suspicious service (NoAccess): ymzid
22:28:06.0437 3556 ymzid (5a596acc916f37f266498535ebfc8d9e) C:\Program Files\Movie Maker\ujwwomdn.dll
22:28:06.0453 3556 ymzid ( LockedService.Multi.Generic ) - warning
22:28:06.0453 3556 ymzid - detected LockedService.Multi.Generic (1)
22:28:06.0484 3556 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
22:28:09.0765 3556 \Device\Harddisk0\DR0 - ok
22:28:09.0796 3556 Boot (0x1200) (bf6b28a39af7498ae39a198abbe52092) \Device\Harddisk0\DR0\Partition0
22:28:09.0796 3556 \Device\Harddisk0\DR0\Partition0 - ok
22:28:09.0812 3556 Boot (0x1200) (a523d1357696058d46799c86a8a55c31) \Device\Harddisk0\DR0\Partition1
22:28:09.0812 3556 \Device\Harddisk0\DR0\Partition1 - ok
22:28:09.0828 3556 ============================================================
22:28:09.0828 3556 Scan finished
22:28:09.0828 3556 ============================================================
22:28:09.0953 3476 Detected object count: 9
22:28:09.0953 3476 Actual detected object count: 9
22:29:08.0937 3476 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 mtpjueuhy ( LockedService.Multi.Generic ) - skipped by user
22:29:08.0937 3476 mtpjueuhy ( LockedService.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 winvnc ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 winvnc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0953 3476 ymzid ( LockedService.Multi.Generic ) - skipped by user
22:29:08.0953 3476 ymzid ( LockedService.Multi.Generic ) - User select action: Skip
22:29:27.0343 3468 Deinitialize success
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#13 Příspěvek od pepik24 »

provedeno, ale web AV nelze zobrazit - konretne zkouseno avg.com, avast.cz, eset.cz, eset.com
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#14 Příspěvek od pepik24 »

v priloze jsou zazipovane soubory OTL.txt a Extras.txt

Preji prijemnou noc, pro dnesek musim bezet.
Diky!!!
Přílohy
OTL.zip
OTL.txt i Extras.txt
(117.06 KiB) Staženo 71 x
Nahoru
pepik24
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 90
Registrován: 27 led 2009 16:31

Re: nelze zobrazit zadne stranky AV

#15 Příspěvek od pepik24 »

Zdravicko,
tak jsem po propracovanem dnu zpet.
Brajgl? Neco oskliveho, co by funkcni AV na jinych PC neodhalil? Nejaka ta flashka prez toto PC urcite presla. Doufam, ze se to opravdu nerozlezlo dal, to by byla nakazena pulka vesnice :D
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“