Enkryptované súbory

Zpráva

Japonka · #1 Příspěvek od **Japonka** » 04 čer 2015 14:35

Dobrý deň,

včera som zaznamenala výrazné spomalenie počítača počas surfovania na nete, občas mi to hodilu hlášku na zlyhanie zásuvného modulu, no žiadne problémy mi antivirák Panda nehlásil. Po použití CCleanera pred vypnutím PC sa na ploche zobrazil text:

Kód: Vybrat vše

Ваши файлы были зашифрованы.
Чтобы расшифровать их, Вам необходимо отправить код:
092D48597914A172228E|0
на электронный адрес decode010@gmail.com или decode1110@gmail.com .
Далее вы получите все необходимые инструкции.  
Попытки расшифровать самостоятельно не приведут ни к чему, кроме безвозвратной потери информации.

All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
092D48597914A172228E|0
to e-mail address decode010@gmail.com or decode1110@gmail.com .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.

- a všetky súbory boli prepísané, no Panda žiaden problém nehlási...
Skúsila som obnovu systému o pár dní, no to nepomohlo. Je šanca zachrániť súbory? Veľmi by ma mrzelo, keby nie. Prosím, pomôžte mi.

Posielam log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2015-06-04 15:05:39
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 348 GB (73%) free of 477 GB
Total RAM: 2783 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:06:57, on 4.6.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\uzivatel\Local Settings\Temporary Internet Files\Content.IE5\AA08FC0V\RSIT[1].exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe

--
End of file - 6880 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1424210897.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03 981320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 98304]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2012-06-06 20065936]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"PSUAMain"=C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [2014-10-16 37624]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2015-02-12 39408]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-02-19 5503768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-05-04 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"MaxGPOScriptWait"=600

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======List of files/folders created in the last 1 month======

2015-06-04 15:05:40 ----D---- C:\Program Files\trend micro
2015-06-04 15:05:39 ----D---- C:\rsit
2015-06-03 23:06:40 ----A---- C:\README9.txt
2015-06-03 23:06:40 ----A---- C:\README8.txt
2015-06-03 23:06:40 ----A---- C:\README7.txt
2015-06-03 23:06:40 ----A---- C:\README6.txt
2015-06-03 23:06:40 ----A---- C:\README5.txt
2015-06-03 23:06:40 ----A---- C:\README4.txt
2015-06-03 23:06:40 ----A---- C:\README3.txt
2015-06-03 23:06:40 ----A---- C:\README2.txt
2015-06-03 23:06:40 ----A---- C:\README10.txt
2015-06-03 23:06:40 ----A---- C:\README1.txt
2015-06-03 16:13:13 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-06-04 15:05:43 ----D---- C:\WINDOWS\Prefetch
2015-06-04 15:05:40 ----RD---- C:\Program Files
2015-06-04 14:50:10 ----D---- C:\WINDOWS\Temp
2015-06-04 14:29:55 ----D---- C:\WINDOWS\system32\drivers
2015-06-04 14:29:55 ----D---- C:\WINDOWS\system32\CatRoot2
2015-06-04 02:39:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-06-04 02:25:08 ----D---- C:\WINDOWS
2015-06-04 02:23:35 ----D---- C:\WINDOWS\system32\config
2015-06-04 02:23:14 ----D---- C:\WINDOWS\system32\wbem
2015-06-04 02:23:14 ----D---- C:\WINDOWS\Registration
2015-05-31 20:36:48 ----D---- C:\WINDOWS\Minidump
2015-05-20 13:48:10 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-05-18 11:32:02 ----SHD---- C:\WINDOWS\Installer
2015-05-18 11:27:11 ----SD---- C:\WINDOWS\Tasks
2015-05-14 02:23:38 ----D---- C:\WINDOWS\Debug
2015-05-13 13:01:39 ----D---- C:\Config.Msi
2015-05-13 13:01:35 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-05-13 13:00:20 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 12:57:32 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 NNSALPC;NNSAlpc; C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys [2014-06-04 88992]
R1 NNSHTTP;NNSHttp; C:\WINDOWS\system32\DRIVERS\NNSHttp.sys [2014-06-18 166816]
R1 NNSHTTPS;NNSHttps; C:\WINDOWS\system32\DRIVERS\NNSHttps.sys [2014-06-04 110624]
R1 NNSIDS;NNSids; C:\WINDOWS\system32\DRIVERS\NNSIds.sys [2014-06-04 125216]
R1 NNSPICC;NNSPicc; C:\WINDOWS\system32\DRIVERS\NNSPicc.sys [2014-06-04 96160]
R1 NNSPIHS;NNSPihs; C:\WINDOWS\system32\DRIVERS\NNSPihs.sys [2014-06-04 52384]
R1 NNSPOP3;NNSPop3; C:\WINDOWS\system32\DRIVERS\NNSPop3.sys [2014-06-04 121888]
R1 NNSPROT;NNSProt; C:\WINDOWS\system32\DRIVERS\NNSProt.sys [2014-06-04 288032]
R1 NNSPRV;NNSPrv; C:\WINDOWS\system32\DRIVERS\NNSPrv.sys [2014-06-04 208800]
R1 NNSSMTP;NNSSmtp; C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys [2014-06-04 109856]
R1 NNSSTRM;NNSStrm; C:\WINDOWS\system32\DRIVERS\NNSStrm.sys [2014-06-04 244000]
R1 NNSTLSC;NNSTlsc; C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys [2014-06-04 96928]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\psinknc.sys [2014-10-02 172432]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2014-10-13 140688]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2014-10-13 103312]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2014-10-02 114704]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2014-10-02 124944]
R2 PSINReg;PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [2014-10-13 100496]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\amdhub30.sys [2011-10-26 81536]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\amdxhc.sys [2011-10-26 173184]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-05-04 7571968]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-12-20 100368]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-12 6138512]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NNSNAHS;Network Activity Hook Server Service; C:\WINDOWS\system32\DRIVERS\NNSNAHS.sys [2014-01-16 46464]
R3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2014-03-25 48736]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2012-02-22 329960]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-01-13 43392]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-05-04 643072]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [2014-10-13 142072]
R2 PandaAgent;Panda Devices Agent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [2014-10-09 66808]
R2 PSUAService;Panda Product Service; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [2014-10-16 38136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-11 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-11 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-12 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-19 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 04 čer 2015 14:37

Zdravim

tento typ haveti - zasifrovane souboy - nelze resit na foru - je treba aby se na to odbornik podival tzv. zive, napr. pres vzdalene pripojeni a dle toho pak zvolil pripadny zpusob obnovy souboru...

Na toto mohu doporucit nasi sluzbu vzdalene pomoci http://www.neslape.cz

VIRY.CZ

Enkryptované súbory

Enkryptované súbory

Re: Enkryptované súbory