Kontrola logu po "opravách" na notebooku

becherekmg · Příspěvekod **becherekmg** » 22 říj 2013 23:03

Dobrý den.

Potřeboval bych poradit či lépe řečeno zkouknout log. Náš "stařičký" notebook eee PC 1000HD (s Windows XP) po ne příliš rozumném zásahu jednoho člena rodiny (instalace přehrávače videa a během této instalace vypnutí notebooku "natvrdo". Co to bylo za přehrávač, nevím, nebyl se u toho, ale rozhodně to nebylo nic standardního, třeba jako vlc, winamp apod.), přestal po zapnutí za chvíli vůbec reagovat. Zjistil jsem, že to dělal svchost.exe. Když jsem jej "shodil", notebook již nebyl schopen se připojit na internet. Po pročítání různých fór jsem se pokusil nejprve systém aktualizovat. To se mi naštěstí podařilo a od té doby notebook reaguje poměrně dobře. Nicméně mám obavu, že se do něj tou instalací dostala nějaká "havěť". Pro jistotu jsem jej proskenoval. Ale ani Avast a ani Ad-aware nic nenašly. A tak zkouším štěstí zde, zda někdo něco neodhalí.

Děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:43, on 22.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\Documents and Settings\All Users\Data aplikací\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Install\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/inde ... 5263DC6AD2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Search Protection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\SearchProtection.exe
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4954714312
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4954797000
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

--
End of file - 7918 bytes

Reklama

Příspěvekod **jaro3** » 23 říj 2013 10:46

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

becherekmg · Příspěvekod **becherekmg** » 23 říj 2013 15:43

Děkuji za reakci.

Zde je výpis z AdwCleaneru:

AdwCleaner v3.010 - Report created 23/10/2013 at 14:36:55
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gina - GINAVL
# Running from : C:\Documents and Settings\Gina\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Gina\Data aplikací\speedanalysis.ico
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Found C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
Folder Found C:\Documents and Settings\All Users\Data aplikací\Search Protection
Folder Found C:\Documents and Settings\Gina\Data aplikací\adawaretb
Folder Found C:\Documents and Settings\Gina\Data aplikací\Babylon
Folder Found C:\Documents and Settings\Gina\Data aplikací\file scout
Folder Found C:\Documents and Settings\Gina\Data aplikací\PerformerSoft
Folder Found C:\Documents and Settings\Gina\Data aplikací\SeeSimilar02
Folder Found C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3
Folder Found C:\Program Files\Toolbar Cleaner

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\adawaretb
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Found : HKCU\Software\performersoft llc
Key Found : HKLM\Software\adawaretb
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : HKLM\Software\Toolbar Cleaner
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3201 octets] - [23/10/2013 14:36:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3261 octets] ##########

Malwarebytes Anti-Malware se mi podařilo nainstalovat, ale již ne spustit. Musel jsem do nouzového režimu. Zde ja výpis:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
http://www.malwarebytes.org

Database version: v2013.10.23.05

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: GINAVL [administrator]

Protection: Disabled

23.10.2013 15:01:24
MBAM-log-2013-10-23 (15-09-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209087
Time elapsed: 6 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService (Adware.InstallBrain) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\Babylon (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3 (PUP.Optional.SpeedAnalysis3.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\File Scout (PUP.Optional.FileScout.A) -> No action taken.

Files Detected: 7
C:\Documents and Settings\Gina\Data aplikací\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService\repository.xml (Adware.InstallBrain) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3\speedanalysis03.crx (PUP.Optional.SpeedAnalysis3.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3\install_helper.exe (PUP.Optional.SpeedAnalysis3.A) -> No action taken.
C:\Documents and Settings\Gina\Data aplikací\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> No action taken.

(end)

A zde přidávám výpis poté, co se mi podařilo XP pustit normálně:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.10.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gina :: GINAVL [administrátor]

Ochrana: Povolena

23.10.2013 15:27:03
MBAM-log-2013-10-23 (15-38-14).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210356
Uplynulý čas: 10 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 4
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3 (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 7
C:\Documents and Settings\Gina\Data aplikací\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3\speedanalysis03.crx (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\SpeedAnalysis3\install_helper.exe (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Gina\Data aplikací\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

(konec)

Příspěvekod **memphisto** » 23 říj 2013 16:18

V obou programech nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

becherekmg · Příspěvekod **becherekmg** » 24 říj 2013 23:55

Přikládám jednotlivé logy:

AdwClean

# AdwCleaner v3.010 - Report created 24/10/2013 at 23:14:42
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gina - GINAVL
# Running from : C:\Documents and Settings\Gina\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Gina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3341 octets] - [23/10/2013 14:36:55]
AdwCleaner[R1].txt - [3401 octets] - [24/10/2013 22:52:20]
AdwCleaner[R2].txt - [770 octets] - [24/10/2013 23:14:42]
AdwCleaner[S0].txt - [3548 octets] - [24/10/2013 22:55:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [889 octets] ##########

-----------------------------------------------------------------------------------------------------

Anti-Malware

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.10.24.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gina :: GINAVL [administrátor]

Ochrana: Povolena

24.10.2013 23:00:45
mbam-log-2013-10-24 (23-00-45).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210471
Uplynulý čas: 11 minut, 58 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

--------------------------------------------------------------------------------

RogueKiller

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Gina [Práva správce]
Mód : Kontrola -- Datum : 10/24/2013 23:23:36
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[BROK VAL] HKCR\[...]\command : () -> CHYBÍ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Gina][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Documents and Settings\Gina\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk @C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9160310AS +++++
--- User ---
[MBR] e2d80794babd6183b669553f3a0c25a1
[BSP] 34996015b52366b90c6811d7a2963338 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 81933 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 167814990 | Size: 70653 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 312512445 | Size: 31 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10242013_232336.txt >>

---------------------------------------------------------------------------------------------

Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Gina on źt 24.10.2013 at 23:32:36,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\search protection
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1177238915-1417001333-725345543-1004\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 24.10.2013 at 23:42:55,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Příspěvekod **jaro3** » 25 říj 2013 10:23

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

becherekmg · Příspěvekod **becherekmg** » 25 říj 2013 11:47

Při deaktivaci firewallu mám zůstat připojen na internet nebo mám wifinu odpojit? A antivir a firewall mají být vypnuté i při spuštěném TDSSKiller.exe?

Příspěvekod **jaro3** » 26 říj 2013 10:57

Jo , vypni vše. wifinu můžeš nechat.

becherekmg · Příspěvekod **becherekmg** » 26 říj 2013 12:07

Výpis z RogueKiller

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Gina [Práva správce]
Mód : Odebrat -- Datum : 10/26/2013 11:47:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[BROK VAL] HKCR\[...]\command : () -> vytvořené ("%1" %*)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Gina][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Documents and Settings\Gina\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk @C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9160310AS +++++
--- User ---
[MBR] e2d80794babd6183b669553f3a0c25a1
[BSP] 34996015b52366b90c6811d7a2963338 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 81933 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 167814990 | Size: 70653 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 312512445 | Size: 31 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10262013_114723.txt >>
RKreport[0]_S_10242013_232336.txt;RKreport[0]_S_10262013_114717.txt

------------------------------------------------------------------------------------

Tdsskiller

11:50:57.0514 0x0570 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
11:51:02.0389 0x0570 ============================================================
11:51:02.0389 0x0570 Current date / time: 2013/10/26 11:51:02.0389
11:51:02.0389 0x0570 SystemInfo:
11:51:02.0389 0x0570
11:51:02.0389 0x0570 OS Version: 5.1.2600 ServicePack: 3.0
11:51:02.0389 0x0570 Product type: Workstation
11:51:02.0389 0x0570 ComputerName: GINAVL
11:51:02.0389 0x0570 UserName: Gina
11:51:02.0389 0x0570 Windows directory: C:\WINDOWS
11:51:02.0389 0x0570 System windows directory: C:\WINDOWS
11:51:02.0389 0x0570 Processor architecture: Intel x86
11:51:02.0389 0x0570 Number of processors: 1
11:51:02.0389 0x0570 Page size: 0x1000
11:51:02.0389 0x0570 Boot type: Normal boot
11:51:02.0389 0x0570 ============================================================
11:51:08.0749 0x0570 System UUID: {2F170916-69D2-8C01-CDD2-0A460CEB6A3F}
11:51:10.0592 0x0570 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:51:10.0592 0x0570 ============================================================
11:51:10.0592 0x0570 \Device\Harddisk0\DR0:
11:51:10.0592 0x0570 MBR partitions:
11:51:10.0608 0x0570 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0xA00684E
11:51:10.0608 0x0570 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA00A74E, BlocksNum 0x89FE86F
11:51:10.0608 0x0570 ============================================================
11:51:10.0764 0x0570 D: <-> \Device\Harddisk0\DR0\Partition2
11:51:10.0858 0x0570 C: <-> \Device\Harddisk0\DR0\Partition1
11:51:10.0858 0x0570 ============================================================
11:51:10.0858 0x0570 Initialize success
11:51:10.0858 0x0570 ============================================================
11:51:15.0420 0x0dec ============================================================
11:51:15.0420 0x0dec Scan started
11:51:15.0420 0x0dec Mode: Manual;
11:51:15.0420 0x0dec ============================================================
11:51:15.0420 0x0dec KSN ping started
11:51:30.0592 0x0dec KSN ping finished: true
11:51:31.0655 0x0dec ================ Scan system memory ========================
11:51:31.0670 0x0dec System memory - ok
11:51:31.0670 0x0dec ================ Scan services =============================
11:51:31.0811 0x0dec Abiosdsk - ok
11:51:31.0827 0x0dec abp480n5 - ok
11:51:31.0967 0x0dec [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:51:31.0983 0x0dec ACPI - ok
11:51:32.0233 0x0dec [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:51:32.0249 0x0dec ACPIEC - ok
11:51:32.0249 0x0dec adpu160m - ok
11:51:32.0327 0x0dec [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:51:32.0327 0x0dec aec - ok
11:51:32.0420 0x0dec [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:51:32.0436 0x0dec AFD - ok
11:51:32.0452 0x0dec Aha154x - ok
11:51:32.0467 0x0dec aic78u2 - ok
11:51:32.0483 0x0dec aic78xx - ok
11:51:32.0530 0x0dec [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:51:32.0530 0x0dec Alerter - ok
11:51:32.0577 0x0dec [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
11:51:32.0577 0x0dec ALG - ok
11:51:32.0592 0x0dec AliIde - ok
11:51:32.0608 0x0dec amsint - ok
11:51:32.0624 0x0dec AppMgmt - ok
11:51:32.0733 0x0dec [ 6D5F95602B8D0D994D31A864872B38EF, E200D48DB4831D5073D1583067D254CD5C3F70557F07CAF77A26A4672FB32F8E ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
11:51:32.0764 0x0dec AR5211 - ok
11:51:32.0780 0x0dec asc - ok
11:51:32.0795 0x0dec asc3350p - ok
11:51:32.0811 0x0dec asc3550 - ok
11:51:32.0936 0x0dec [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:51:32.0952 0x0dec aspnet_state - ok
11:51:32.0983 0x0dec [ 784FCB197F9A50A419D8CE4980655AE4, 296CAB5C1E22C68719E574CAA07EE10F3EC2D29148704CF8AAD6D464DF9AC306 ] AsusACPI C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
11:51:32.0983 0x0dec AsusACPI - ok
11:51:33.0030 0x0dec [ 4AF5F360BA1E8794D32B366E45A64A0A, 6AF5410168E06A6895237183AA9769576031FAF412ABFC46572A013432BE1F86 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
11:51:33.0030 0x0dec aswFsBlk - ok
11:51:33.0077 0x0dec [ 1F7094D4268D46F718C51286DC189791, 4820C1417876C45EBC1C33C66265AC16A6A016599256DDBA45D4D6E147DDE8A0 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
11:51:33.0077 0x0dec aswMonFlt - ok
11:51:33.0139 0x0dec [ 7B43265F92257A21CBFD88E7A651044C, E01A0E5BB3621CDEA906B63992A0258AC2BC79C487D128551153563FE1CBE819 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
11:51:33.0139 0x0dec aswRdr - ok
11:51:33.0217 0x0dec [ B680134BA1813B78B47FDD1DFF223CA5, 51B749766B8D1E75F8D652A9BDB8839A95A2637B05E1B2BFF4FF8B0E77A02D50 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
11:51:33.0217 0x0dec aswRvrt - ok
11:51:33.0295 0x0dec [ CCD565A8A72AF7D45F9A242013870926, 7E5A0EA32C5BAEA25C093A270CFEEE21E57272BC79221BDA58DDBF1CD9E9868C ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
11:51:33.0342 0x0dec aswSnx - ok
11:51:33.0420 0x0dec [ 937300BC7C4CDF7576BCCE44E19BBB9D, 2275DE904940042421D8A33ACC8C0E1C7FAED7E59FA4658938FB8DBE6D624634 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:51:33.0452 0x0dec aswSP - ok
11:51:33.0483 0x0dec [ 1F71F170D90E42EFDE9633D81D5E12DC, 62053E412F8269B4E906E482B905CADCFEA0D3296B525C1141944D5EA9B227A8 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
11:51:33.0483 0x0dec aswTdi - ok
11:51:33.0530 0x0dec [ 8CFAA2B965773A653F48F1207A9CB9C4, A4A58FAF10BB174A0400F3A25912A497300E5EEDF54B93B44FA67CA191047D06 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
11:51:33.0530 0x0dec aswVmm - ok
11:51:33.0624 0x0dec [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:51:33.0624 0x0dec AsyncMac - ok
11:51:33.0686 0x0dec [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:51:33.0702 0x0dec atapi - ok
11:51:33.0717 0x0dec Atdisk - ok
11:51:33.0764 0x0dec [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:51:33.0764 0x0dec Atmarpc - ok
11:51:33.0827 0x0dec [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:51:33.0827 0x0dec AudioSrv - ok
11:51:33.0905 0x0dec [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:51:33.0920 0x0dec audstub - ok
11:51:34.0030 0x0dec [ 28D6701C710AD7BA3CB95E75F8F1A9AA, 66EE8BC56E5043B5A84E1BA37D591EAD132BD949F03CA8092FDCC3E196AB39D0 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:51:34.0030 0x0dec avast! Antivirus - ok
11:51:34.0108 0x0dec [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:51:34.0108 0x0dec Beep - ok
11:51:34.0202 0x0dec [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
11:51:34.0280 0x0dec BITS - ok
11:51:34.0358 0x0dec [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
11:51:34.0374 0x0dec Browser - ok
11:51:34.0436 0x0dec [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:51:34.0436 0x0dec cbidf2k - ok
11:51:34.0467 0x0dec [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:51:34.0483 0x0dec CCDECODE - ok
11:51:34.0499 0x0dec cd20xrnt - ok
11:51:34.0514 0x0dec [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:51:34.0514 0x0dec Cdaudio - ok
11:51:34.0561 0x0dec [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:51:34.0561 0x0dec Cdfs - ok
11:51:34.0608 0x0dec [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:51:34.0624 0x0dec Cdrom - ok
11:51:34.0639 0x0dec Changer - ok
11:51:34.0670 0x0dec [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:51:34.0686 0x0dec CiSvc - ok
11:51:34.0702 0x0dec [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:51:34.0702 0x0dec ClipSrv - ok
11:51:34.0842 0x0dec [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:51:34.0858 0x0dec clr_optimization_v2.0.50727_32 - ok
11:51:34.0936 0x0dec [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:51:35.0014 0x0dec clr_optimization_v4.0.30319_32 - ok
11:51:35.0030 0x0dec [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:51:35.0030 0x0dec CmBatt - ok
11:51:35.0045 0x0dec CmdIde - ok
11:51:35.0077 0x0dec [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:51:35.0077 0x0dec Compbatt - ok
11:51:35.0092 0x0dec COMSysApp - ok
11:51:35.0124 0x0dec Cpqarray - ok
11:51:35.0186 0x0dec [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:51:35.0186 0x0dec CryptSvc - ok
11:51:35.0202 0x0dec dac2w2k - ok
11:51:35.0217 0x0dec dac960nt - ok
11:51:35.0311 0x0dec [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:51:35.0342 0x0dec DcomLaunch - ok
11:51:35.0358 0x0dec dgderdrv - ok
11:51:35.0420 0x0dec [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:51:35.0436 0x0dec Dhcp - ok
11:51:35.0499 0x0dec [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:51:35.0499 0x0dec Disk - ok
11:51:35.0514 0x0dec dmadmin - ok
11:51:35.0624 0x0dec [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:51:35.0686 0x0dec dmboot - ok
11:51:35.0764 0x0dec [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:51:35.0780 0x0dec dmio - ok
11:51:35.0842 0x0dec [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:51:35.0842 0x0dec dmload - ok
11:51:35.0889 0x0dec [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:51:35.0905 0x0dec dmserver - ok
11:51:35.0967 0x0dec [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:51:35.0967 0x0dec DMusic - ok
11:51:36.0030 0x0dec [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:51:36.0045 0x0dec Dnscache - ok
11:51:36.0108 0x0dec [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:51:36.0155 0x0dec Dot3svc - ok
11:51:36.0170 0x0dec dpti2o - ok
11:51:36.0233 0x0dec [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:51:36.0233 0x0dec drmkaud - ok
11:51:36.0295 0x0dec [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:51:36.0295 0x0dec EapHost - ok
11:51:36.0358 0x0dec [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:51:36.0374 0x0dec ERSvc - ok
11:51:36.0436 0x0dec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
11:51:36.0467 0x0dec Eventlog - ok
11:51:36.0545 0x0dec [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
11:51:36.0592 0x0dec EventSystem - ok
11:51:36.0624 0x0dec [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:51:36.0639 0x0dec Fastfat - ok
11:51:36.0717 0x0dec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:51:36.0749 0x0dec FastUserSwitchingCompatibility - ok
11:51:36.0780 0x0dec [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:51:36.0780 0x0dec Fdc - ok
11:51:36.0858 0x0dec [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:51:36.0858 0x0dec Fips - ok
11:51:36.0874 0x0dec [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:51:36.0874 0x0dec Flpydisk - ok
11:51:36.0952 0x0dec [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:51:36.0967 0x0dec FltMgr - ok
11:51:37.0077 0x0dec [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:51:37.0124 0x0dec FontCache3.0.0.0 - ok
11:51:37.0170 0x0dec [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:51:37.0170 0x0dec Fs_Rec - ok
11:51:37.0202 0x0dec [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:51:37.0217 0x0dec Ftdisk - ok
11:51:37.0295 0x0dec [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:51:37.0295 0x0dec Gpc - ok
11:51:37.0420 0x0dec [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:51:37.0436 0x0dec gupdate - ok
11:51:37.0467 0x0dec [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:51:37.0483 0x0dec gupdatem - ok
11:51:37.0514 0x0dec [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:51:37.0530 0x0dec HDAudBus - ok
11:51:37.0670 0x0dec [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:51:37.0670 0x0dec helpsvc - ok
11:51:37.0686 0x0dec HidServ - ok
11:51:37.0717 0x0dec [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:51:37.0717 0x0dec hidusb - ok
11:51:37.0780 0x0dec [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:51:37.0795 0x0dec hkmsvc - ok
11:51:37.0811 0x0dec hpn - ok
11:51:37.0874 0x0dec [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:51:37.0889 0x0dec HTTP - ok
11:51:37.0952 0x0dec [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:51:37.0983 0x0dec HTTPFilter - ok
11:51:37.0999 0x0dec i2omgmt - ok
11:51:38.0014 0x0dec i2omp - ok
11:51:38.0077 0x0dec [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:51:38.0077 0x0dec i8042prt - ok
11:51:38.0249 0x0dec [ 6FCB904910DA07C9DC2593D66438FA29, D826C75316735DB325FF74583A5C3FDF16E9790A4D438FB428A2F0841C29623D ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:51:38.0327 0x0dec ialm - ok
11:51:38.0545 0x0dec [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:51:38.0624 0x0dec idsvc - ok
11:51:38.0670 0x0dec [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:51:38.0686 0x0dec Imapi - ok
11:51:38.0749 0x0dec [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:51:38.0764 0x0dec ImapiService - ok
11:51:38.0795 0x0dec ini910u - ok
11:51:39.0280 0x0dec [ 74B482F8B2A9EBE8473381A7A58F801D, 2A6A71413F038FE0B4D7593651F73C31F05C7D1365B044329FA888D5D6D3DA39 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:51:39.0624 0x0dec IntcAzAudAddService - ok
11:51:39.0905 0x0dec [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:51:39.0905 0x0dec IntelIde - ok
11:51:39.0983 0x0dec [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:51:39.0983 0x0dec intelppm - ok
11:51:40.0264 0x0dec [ 5F0F75FADB9D84B39E792567E0E88725, FC97BBEAA030F20D0910C3C70E9CD40AC5395CDECC75099AE5455819946D1839 ] ioloSystemService C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
11:51:40.0342 0x0dec ioloSystemService - ok
11:51:40.0374 0x0dec [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:51:40.0374 0x0dec Ip6Fw - ok
11:51:40.0452 0x0dec [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:51:40.0452 0x0dec IpFilterDriver - ok
11:51:40.0499 0x0dec [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:51:40.0499 0x0dec IpInIp - ok
11:51:40.0545 0x0dec [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:51:40.0561 0x0dec IpNat - ok
11:51:40.0592 0x0dec [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:51:40.0592 0x0dec IPSec - ok
11:51:40.0624 0x0dec [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:51:40.0624 0x0dec IRENUM - ok
11:51:40.0717 0x0dec [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:51:40.0717 0x0dec isapnp - ok
11:51:40.0780 0x0dec [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:51:40.0795 0x0dec Kbdclass - ok
11:51:40.0905 0x0dec [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:51:40.0905 0x0dec kmixer - ok
11:51:40.0967 0x0dec [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:51:40.0967 0x0dec KSecDD - ok
11:51:40.0999 0x0dec [ 8CBA0D1DA71EFBA17D15DDE1A5FFBB43, E77B9E78451CFA113A4C7852AADCD4B480B8CE5FD5D664B28E75AB86A916DE75 ] Ktp C:\WINDOWS\system32\DRIVERS\ETD.sys
11:51:40.0999 0x0dec Ktp - ok
11:51:41.0045 0x0dec [ 303627228DD739D98289679901A38C8F, 2E2C249CDD0C1D04EF4EC03DD5EF1984DD74FC66253BBDA553FB30FAA8173F60 ] L1e C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
11:51:41.0061 0x0dec L1e - ok
11:51:41.0155 0x0dec [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:51:41.0170 0x0dec lanmanserver - ok
11:51:41.0233 0x0dec [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:51:41.0280 0x0dec lanmanworkstation - ok
11:51:41.0295 0x0dec lbrtfdc - ok
11:51:41.0374 0x0dec [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:51:41.0389 0x0dec LmHosts - ok
11:51:41.0436 0x0dec [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:51:41.0436 0x0dec MBAMProtector - ok
11:51:41.0530 0x0dec [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:51:41.0561 0x0dec MBAMScheduler - ok
11:51:41.0639 0x0dec [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:51:41.0686 0x0dec MBAMService - ok
11:51:41.0717 0x0dec [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:51:41.0733 0x0dec Messenger - ok
11:51:41.0780 0x0dec [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:51:41.0795 0x0dec mnmdd - ok
11:51:41.0842 0x0dec [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:51:41.0858 0x0dec mnmsrvc - ok
11:51:41.0905 0x0dec [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:51:41.0905 0x0dec Modem - ok
11:51:41.0936 0x0dec [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:51:41.0952 0x0dec Mouclass - ok
11:51:42.0014 0x0dec [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:51:42.0014 0x0dec mouhid - ok
11:51:42.0045 0x0dec [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:51:42.0045 0x0dec MountMgr - ok
11:51:42.0061 0x0dec mraid35x - ok
11:51:42.0108 0x0dec [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:51:42.0124 0x0dec MRxDAV - ok
11:51:42.0186 0x0dec [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:51:42.0217 0x0dec MRxSmb - ok
11:51:42.0264 0x0dec [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:51:42.0264 0x0dec MSDTC - ok
11:51:42.0295 0x0dec [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:51:42.0311 0x0dec Msfs - ok
11:51:42.0327 0x0dec MSIServer - ok
11:51:42.0389 0x0dec [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:51:42.0389 0x0dec MSKSSRV - ok
11:51:42.0405 0x0dec [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:51:42.0405 0x0dec MSPCLOCK - ok
11:51:42.0436 0x0dec [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:51:42.0436 0x0dec MSPQM - ok
11:51:42.0499 0x0dec [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:51:42.0499 0x0dec mssmbios - ok
11:51:42.0530 0x0dec [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:51:42.0530 0x0dec MSTEE - ok
11:51:42.0624 0x0dec [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:51:42.0639 0x0dec Mup - ok
11:51:42.0717 0x0dec [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:51:42.0717 0x0dec NABTSFEC - ok
11:51:42.0811 0x0dec [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
11:51:42.0842 0x0dec napagent - ok
11:51:42.0905 0x0dec [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:51:42.0920 0x0dec NDIS - ok
11:51:42.0952 0x0dec [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:51:42.0952 0x0dec NdisIP - ok
11:51:43.0014 0x0dec [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:51:43.0030 0x0dec NdisTapi - ok
11:51:43.0092 0x0dec [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:51:43.0092 0x0dec Ndisuio - ok
11:51:43.0124 0x0dec [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:51:43.0139 0x0dec NdisWan - ok
11:51:43.0170 0x0dec [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:51:43.0170 0x0dec NDProxy - ok
11:51:43.0217 0x0dec [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:51:43.0217 0x0dec NetBIOS - ok
11:51:43.0249 0x0dec [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:51:43.0264 0x0dec NetBT - ok
11:51:43.0327 0x0dec [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
11:51:43.0374 0x0dec NetDDE - ok
11:51:43.0405 0x0dec [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:51:43.0420 0x0dec NetDDEdsdm - ok
11:51:43.0483 0x0dec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:51:43.0499 0x0dec Netlogon - ok
11:51:43.0577 0x0dec [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
11:51:43.0608 0x0dec Netman - ok
11:51:43.0702 0x0dec [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:51:43.0717 0x0dec NetTcpPortSharing - ok
11:51:43.0780 0x0dec [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
11:51:43.0811 0x0dec Nla - ok
11:51:43.0889 0x0dec [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:51:43.0889 0x0dec Npfs - ok
11:51:43.0952 0x0dec [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:51:43.0999 0x0dec Ntfs - ok
11:51:44.0014 0x0dec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:51:44.0030 0x0dec NtLmSsp - ok
11:51:44.0139 0x0dec [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:51:44.0217 0x0dec NtmsSvc - ok
11:51:44.0264 0x0dec [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:51:44.0264 0x0dec Null - ok
11:51:44.0327 0x0dec [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:51:44.0342 0x0dec NwlnkFlt - ok
11:51:44.0358 0x0dec [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:51:44.0374 0x0dec NwlnkFwd - ok
11:51:44.0577 0x0dec [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:51:44.0624 0x0dec odserv - ok
11:51:44.0686 0x0dec [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:51:44.0702 0x0dec ose - ok
11:51:44.0780 0x0dec [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
11:51:44.0795 0x0dec Parport - ok
11:51:44.0811 0x0dec [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:51:44.0827 0x0dec PartMgr - ok
11:51:44.0889 0x0dec [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:51:44.0905 0x0dec ParVdm - ok
11:51:44.0952 0x0dec [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:51:44.0952 0x0dec PCI - ok
11:51:44.0967 0x0dec PCIDump - ok
11:51:44.0983 0x0dec [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
11:51:44.0983 0x0dec PCIIde - ok
11:51:45.0030 0x0dec [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:51:45.0045 0x0dec Pcmcia - ok
11:51:45.0061 0x0dec PDCOMP - ok
11:51:45.0077 0x0dec PDFRAME - ok
11:51:45.0124 0x0dec [ 40C611622882C3FCAFEB845C1E12A10F, A4F5790D9976D06822A656DCFDFEF76831A00089F6AC5519429142E6CBBC3EAC ] PDFsFilter C:\WINDOWS\system32\DRIVERS\PDFsFilter.sys
11:51:45.0124 0x0dec PDFsFilter - ok
11:51:45.0139 0x0dec PDRELI - ok
11:51:45.0155 0x0dec PDRFRAME - ok
11:51:45.0170 0x0dec perc2 - ok
11:51:45.0186 0x0dec perc2hib - ok
11:51:45.0264 0x0dec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
11:51:45.0295 0x0dec PlugPlay - ok
11:51:45.0311 0x0dec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:51:45.0327 0x0dec PolicyAgent - ok
11:51:45.0389 0x0dec [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:51:45.0405 0x0dec PptpMiniport - ok
11:51:45.0420 0x0dec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:51:45.0436 0x0dec ProtectedStorage - ok
11:51:45.0452 0x0dec [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:51:45.0452 0x0dec PSched - ok
11:51:45.0499 0x0dec [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:51:45.0499 0x0dec Ptilink - ok
11:51:45.0514 0x0dec ql1080 - ok
11:51:45.0530 0x0dec Ql10wnt - ok
11:51:45.0545 0x0dec ql12160 - ok
11:51:45.0561 0x0dec ql1240 - ok
11:51:45.0577 0x0dec ql1280 - ok
11:51:45.0624 0x0dec [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:51:45.0639 0x0dec RasAcd - ok
11:51:45.0717 0x0dec [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:51:45.0764 0x0dec RasAuto - ok
11:51:45.0811 0x0dec [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:51:45.0811 0x0dec Rasl2tp - ok
11:51:45.0889 0x0dec [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:51:45.0920 0x0dec RasMan - ok
11:51:45.0936 0x0dec [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:51:45.0952 0x0dec RasPppoe - ok
11:51:45.0967 0x0dec [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:51:45.0967 0x0dec Raspti - ok
11:51:46.0014 0x0dec [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:51:46.0030 0x0dec Rdbss - ok
11:51:46.0061 0x0dec [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:51:46.0061 0x0dec RDPCDD - ok
11:51:46.0155 0x0dec [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:51:46.0170 0x0dec RDPWD - ok
11:51:46.0249 0x0dec [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:51:46.0311 0x0dec RDSessMgr - ok
11:51:46.0342 0x0dec [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:51:46.0358 0x0dec redbook - ok
11:51:46.0420 0x0dec [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:51:46.0436 0x0dec RemoteAccess - ok
11:51:46.0483 0x0dec [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:51:46.0499 0x0dec RpcLocator - ok
11:51:46.0561 0x0dec [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:51:46.0608 0x0dec RpcSs - ok
11:51:46.0655 0x0dec [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:51:46.0670 0x0dec RSVP - ok
11:51:46.0717 0x0dec [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
11:51:46.0733 0x0dec SamSs - ok
11:51:46.0749 0x0dec SBRE - ok
11:51:46.0764 0x0dec [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:51:46.0795 0x0dec SCardSvr - ok
11:51:46.0874 0x0dec [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:51:46.0905 0x0dec Schedule - ok
11:51:46.0936 0x0dec [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:51:46.0952 0x0dec Secdrv - ok
11:51:46.0967 0x0dec [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:51:46.0983 0x0dec seclogon - ok
11:51:47.0014 0x0dec [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
11:51:47.0045 0x0dec SENS - ok
11:51:47.0077 0x0dec [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:51:47.0077 0x0dec Serial - ok
11:51:47.0170 0x0dec [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:51:47.0170 0x0dec Sfloppy - ok
11:51:47.0264 0x0dec [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:51:47.0311 0x0dec SharedAccess - ok
11:51:47.0358 0x0dec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:51:47.0374 0x0dec ShellHWDetection - ok
11:51:47.0389 0x0dec Simbad - ok
11:51:47.0420 0x0dec [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:51:47.0436 0x0dec SLIP - ok
11:51:47.0467 0x0dec Sparrow - ok
11:51:47.0514 0x0dec [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:51:47.0530 0x0dec splitter - ok
11:51:47.0592 0x0dec [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:51:47.0608 0x0dec Spooler - ok
11:51:47.0639 0x0dec [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:51:47.0655 0x0dec sr - ok
11:51:47.0733 0x0dec [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
11:51:47.0764 0x0dec srservice - ok
11:51:47.0842 0x0dec [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:51:47.0874 0x0dec Srv - ok
11:51:47.0936 0x0dec [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:51:47.0967 0x0dec SSDPSRV - ok
11:51:48.0061 0x0dec [ EF3458337D7341A05169CEFC73709264, C9D0AE966CFA02F7B72586C2A6E2AFA9818C9F4856A4E9625B79BC5A886FC193 ] SSPORT C:\WINDOWS\system32\Drivers\SSPORT.sys
11:51:48.0061 0x0dec SSPORT - ok
11:51:48.0170 0x0dec [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:51:48.0233 0x0dec stisvc - ok
11:51:48.0295 0x0dec [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:51:48.0311 0x0dec streamip - ok
11:51:48.0342 0x0dec [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:51:48.0342 0x0dec swenum - ok
11:51:48.0374 0x0dec [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:51:48.0374 0x0dec swmidi - ok
11:51:48.0389 0x0dec SwPrv - ok
11:51:48.0405 0x0dec symc810 - ok
11:51:48.0420 0x0dec symc8xx - ok
11:51:48.0436 0x0dec sym_hi - ok
11:51:48.0452 0x0dec sym_u3 - ok
11:51:48.0545 0x0dec [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:51:48.0545 0x0dec sysaudio - ok
11:51:48.0608 0x0dec [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:51:48.0655 0x0dec SysmonLog - ok
11:51:48.0702 0x0dec [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:51:48.0749 0x0dec TapiSrv - ok
11:51:48.0795 0x0dec [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:51:48.0827 0x0dec Tcpip - ok
11:51:48.0905 0x0dec [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:51:48.0905 0x0dec TDPIPE - ok
11:51:48.0936 0x0dec [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:51:48.0936 0x0dec TDTCP - ok
11:51:48.0967 0x0dec [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:51:48.0983 0x0dec TermDD - ok
11:51:49.0061 0x0dec [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
11:51:49.0155 0x0dec TermService - ok
11:51:49.0202 0x0dec [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
11:51:49.0217 0x0dec Themes - ok
11:51:49.0233 0x0dec TosIde - ok
11:51:49.0311 0x0dec [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:51:49.0342 0x0dec TrkWks - ok
11:51:49.0389 0x0dec [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:51:49.0389 0x0dec Udfs - ok
11:51:49.0405 0x0dec ultra - ok
11:51:49.0452 0x0dec [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:51:49.0483 0x0dec Update - ok
11:51:49.0530 0x0dec [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:51:49.0577 0x0dec upnphost - ok
11:51:49.0624 0x0dec [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
11:51:49.0639 0x0dec UPS - ok
11:51:49.0702 0x0dec [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:51:49.0717 0x0dec usbccgp - ok
11:51:49.0733 0x0dec [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:51:49.0749 0x0dec usbehci - ok
11:51:49.0811 0x0dec [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:51:49.0827 0x0dec usbhub - ok
11:51:49.0905 0x0dec [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:51:49.0920 0x0dec usbprint - ok
11:51:49.0983 0x0dec [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:51:49.0999 0x0dec usbstor - ok
11:51:50.0014 0x0dec [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:51:50.0030 0x0dec usbuhci - ok
11:51:50.0124 0x0dec [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
11:51:50.0139 0x0dec usbvideo - ok
11:51:50.0186 0x0dec [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:51:50.0186 0x0dec VgaSave - ok
11:51:50.0202 0x0dec ViaIde - ok
11:51:50.0249 0x0dec [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:51:50.0264 0x0dec VolSnap - ok
11:51:50.0342 0x0dec [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
11:51:50.0389 0x0dec VSS - ok
11:51:50.0467 0x0dec [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
11:51:50.0514 0x0dec W32Time - ok
11:51:50.0545 0x0dec [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:51:50.0561 0x0dec Wanarp - ok
11:51:50.0577 0x0dec WDICA - ok
11:51:50.0670 0x0dec [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:51:50.0670 0x0dec wdmaud - ok
11:51:50.0749 0x0dec [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:51:50.0780 0x0dec WebClient - ok
11:51:50.0920 0x0dec [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:51:50.0936 0x0dec winmgmt - ok
11:51:50.0999 0x0dec [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:51:51.0014 0x0dec WmdmPmSN - ok
11:51:51.0092 0x0dec [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:51:51.0108 0x0dec WmiApSrv - ok
11:51:51.0389 0x0dec [ 3739866D20ABD42F26A7B85F9E2560AF, 9DD01194A553590146A1A1D790B2F891D244C8C0EE34DA423CF2B1F7418BD3AC ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:51:51.0467 0x0dec WMPNetworkSvc - ok
11:51:51.0764 0x0dec [ 7CAEC4665452072662496CFCCAB727E2, 25771639042557CD1A348C405DCC7DD75DDC50323195A5833D9DAEEA442218B5 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:51:51.0827 0x0dec WPFFontCache_v0400 - ok
11:51:51.0905 0x0dec [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:51:51.0936 0x0dec wscsvc - ok
11:51:51.0967 0x0dec [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:51:51.0967 0x0dec WSTCODEC - ok
11:51:52.0014 0x0dec [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:51:52.0045 0x0dec wuauserv - ok
11:51:52.0139 0x0dec [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:51:52.0139 0x0dec WudfPf - ok
11:51:52.0170 0x0dec [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:51:52.0186 0x0dec WudfRd - ok
11:51:52.0249 0x0dec [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:51:52.0280 0x0dec WudfSvc - ok
11:51:52.0374 0x0dec [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:51:52.0452 0x0dec WZCSVC - ok
11:51:52.0530 0x0dec [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:51:52.0577 0x0dec xmlprov - ok
11:51:52.0592 0x0dec ================ Scan global ===============================
11:51:52.0655 0x0dec [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
11:51:52.0749 0x0dec [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
11:51:52.0827 0x0dec [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
11:51:52.0889 0x0dec [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
11:51:52.0905 0x0dec [ Global ] - ok
11:51:52.0920 0x0dec ================ Scan MBR ==================================
11:51:52.0952 0x0dec [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:51:53.0295 0x0dec \Device\Harddisk0\DR0 - ok
11:51:53.0295 0x0dec ================ Scan VBR ==================================
11:51:53.0342 0x0dec [ 0C3CB47CB8588CA06C0BD1DB6530D805 ] \Device\Harddisk0\DR0\Partition1
11:51:53.0342 0x0dec \Device\Harddisk0\DR0\Partition1 - ok
11:51:53.0358 0x0dec [ 513276F7C7CA999915373D7871AC0284 ] \Device\Harddisk0\DR0\Partition2
11:51:53.0358 0x0dec \Device\Harddisk0\DR0\Partition2 - ok
11:51:53.0358 0x0dec Waiting for KSN requests completion. In queue: 175
11:51:54.0358 0x0dec Waiting for KSN requests completion. In queue: 175
11:51:55.0358 0x0dec Waiting for KSN requests completion. In queue: 175
11:51:56.0389 0x0dec AV detected via SS1: avast! Antivirus, 5.0.134219217, disabled, updated
11:51:56.0405 0x0dec Win FW state via NFM: disabled
11:51:58.0920 0x0dec ============================================================
11:51:58.0920 0x0dec Scan finished
11:51:58.0920 0x0dec ============================================================
11:51:58.0936 0x0a78 Detected object count: 0
11:51:58.0936 0x0a78 Actual detected object count: 0
11:52:34.0795 0x0bf8 Deinitialize success

Příspěvekod **jaro3** » 27 říj 2013 10:16

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

becherekmg · Příspěvekod **becherekmg** » 02 lis 2013 23:19

Přikládám log:

ComboFix 13-11-01.03 - Gina 02.11.2013 22:59:43.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.637 [GMT 1:00]
Spuštěný z: c:\documents and settings\Gina\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-02 do 2013-11-02 )))))))))))))))))))))))))))))))
.
.
2013-10-24 21:32 . 2013-10-24 21:32 -------- d-----w- c:\windows\ERUNT
2013-10-23 12:56 . 2013-10-23 12:57 -------- d-----w- c:\documents and settings\Administrator
2013-10-23 12:42 . 2013-10-23 12:42 -------- d-----w- c:\documents and settings\Gina\Data aplikací\Malwarebytes
2013-10-23 12:42 . 2013-10-23 12:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-10-23 12:42 . 2013-10-23 12:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-23 12:42 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-23 12:36 . 2013-10-24 21:16 -------- d-----w- C:\AdwCleaner
2013-10-23 09:43 . 2013-10-23 09:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GFI Software
2013-10-22 19:25 . 2013-10-22 19:25 -------- d-----w- c:\program files\MSXML 4.0
2013-10-20 15:10 . 2013-10-20 15:10 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Ad-Aware Antivirus
2013-10-20 14:41 . 2013-10-23 09:43 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-10-20 14:34 . 2013-10-22 19:02 -------- d-----w- c:\documents and settings\Gina\Data aplikací\Ad-Aware Antivirus
2013-10-20 14:11 . 2013-10-20 14:11 -------- d-----w- c:\documents and settings\Gina\Data aplikací\LavasoftStatistics
2013-10-20 13:37 . 2013-10-20 13:37 -------- d-----w- c:\documents and settings\Gina\Local Settings\Data aplikací\adawarebp
2013-10-20 13:36 . 2013-10-20 14:29 -------- d-----w- c:\program files\Lavasoft
2013-10-20 13:27 . 2013-10-20 13:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2013-10-18 21:00 . 2013-10-18 22:32 -------- d-----w- c:\windows\system32\XPSViewer
2013-10-18 21:00 . 2013-10-18 21:00 -------- d-----w- c:\program files\MSBuild
2013-10-18 20:59 . 2013-10-18 20:59 -------- d-----w- c:\program files\Reference Assemblies
2013-10-18 20:59 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-10-18 20:58 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2013-10-18 20:58 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-10-18 20:58 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-10-18 20:58 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-10-18 20:58 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-10-18 20:58 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-10-18 20:58 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2013-10-18 20:58 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-10-18 20:45 . 2013-10-18 20:45 -------- d-sh--w- c:\documents and settings\Gina\IECompatCache
2013-10-18 20:33 . 2013-10-18 20:36 -------- dc-h--w- c:\windows\ie8
2013-10-16 13:34 . 2013-10-16 13:34 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\iolo
2013-10-12 17:01 . 2013-09-23 18:25 759296 -c----w- c:\windows\system32\dllcache\vgx.dll
2013-10-09 15:46 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-09 15:46 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2013-10-09 15:44 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2013-10-09 15:44 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2013-10-09 15:44 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-09 15:44 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:25 . 2004-08-18 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2004-08-18 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2004-08-18 12:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2004-08-18 12:00 385024 ------w- c:\windows\system32\html.iec
2013-09-08 14:27 . 2013-09-08 14:27 74703 ----a-w- c:\windows\system32\mfc45.dat
2013-09-08 14:25 . 2013-09-08 14:25 74703 ----a-w- c:\windows\system32\mfc45.dll
2013-08-29 07:01 . 2004-08-18 12:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2004-08-18 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2004-08-18 12:00 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2004-08-18 12:00 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2004-08-18 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2004-08-18 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2012-08-13 16871936]
"SoundMan"="SOUNDMAN.EXE" [2012-08-13 86016]
"AlcWzrd"="ALCWZRD.EXE" [2012-08-13 2808832]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-13 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-13 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-13 94208]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2012-08-13 335872]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 332288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Lavasoft\\AdAware SecureSearch Toolbar\\dtUser.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [17.3.2013 18:23 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [17.3.2013 18:23 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.8.2012 15:23 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.8.2012 13:11 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.8.2012 13:11 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [17.3.2013 18:23 66336]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [8.9.2013 15:28 1072664]
R2 PDFsFilter;PDFsFilter;c:\windows\system32\drivers\PDFsFilter.sys [8.9.2013 15:28 68464]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [14.3.2011 7:36 5120]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23.10.2013 13:42 701512]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [23.10.2013 13:42 22856]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-14 08:58]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-28 14:32]
.
2013-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-28 14:32]
.
2013-11-02 c:\windows\Tasks\User_Feed_Synchronization-{3F1CDFD9-B052-490F-8A23-95AE5F9B37AE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 23:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-11-02 23:13:46
ComboFix-quarantined-files.txt 2013-11-02 22:13
.
Před spuštěním: Volných bajtů: 40 647 077 888
Po spuštění: Volných bajtů: 40 604 323 840
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 1FEE6DF81CE736C25857ECA9940E2074
413FC2A0C716421B3158746D63736515

Příspěvekod **jaro3** » 03 lis 2013 10:42

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož nový log z HJT+info o problémech.

Kontrola logu po "opravách" na notebooku

Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Re: Kontrola logu po "opravách" na notebooku

Kdo je online