Please check the HJT log for the topic HERE
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:18:12, on 29.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\6a4e9366-a2d4-4ab7-a7f2-1543f1c89f32.exe /check
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 5838 bytes
_____________________________-
Thank you
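Before the moderator's reply, here is how the triage of a log like the one above can be automated. This is an added example, not part of the post and not HijackThis code: it parses the R0/R1, O2/O3, O4 and O23 line types, then applies a few review heuristics (browser pages pointing at hosts outside an allow-list, RunOnce one-shots, autoruns resolved through the search path, GUID- or number-named autoruns, services without a publisher). The sample lines are copied from the log posted above; the KNOWN_GOOD_HOSTS allow-list and the rules themselves are this example's assumptions, and a hit means "look at this", not "malicious".

```python
"""Triage a HijackThis (HJT) log: parse R0/R1, O2/O3, O4 and O23 entries and
flag the ones a malware-removal helper looks at first.

Added example; not part of the forum post and not HijackThis code. SAMPLE_LOG
is a subset of the log posted in the thread; KNOWN_GOOD_HOSTS and the triage
rules are this example's own assumptions.
"""
import re
from collections import namedtuple
from urllib.parse import urlparse

Entry = namedtuple("Entry", "kind where name value")

# Sample input: real lines taken from the HJT log above (a subset).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\6a4e9366-a2d4-4ab7-a7f2-1543f1c89f32.exe /check
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"""

KNOWN_GOOD_HOSTS = {"go.microsoft.com", "www.microsoft.com"}   # assumption: tune per environment

R_LINE = re.compile(r"^(R[0-3]) - (HK\w+)\\(.+?),([^=]+?) = (.*)$")
O4_LINE = re.compile(r"^O4 - (.+?)\\\.\.\\(Run\w*): \[([^\]]+)\] (.*)$")
O2_LINE = re.compile(r"^(O[23]) - (?:BHO|Toolbar): (.*?) - (\{[0-9A-Fa-f-]+\}) - (.*)$")
O23_LINE = re.compile(r"^O23 - Service: (.*?) - (.*?) - (.*)$")
GUID_RE = re.compile(r"^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)
USER_SUFFIX = re.compile(r"\s+\(User '[^']*'\)$")   # HJT appends this to HKUS entries


def parse_log(text):
    """Return Entry tuples for the HJT line types this triage understands."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = R_LINE.match(line)
        if m:
            kind, hive, _key, name, value = m.groups()
            entries.append(Entry(kind, hive, name, value))
            continue
        m = O4_LINE.match(line)
        if m:
            hive, subkey, name, cmd = m.groups()
            entries.append(Entry("O4/" + subkey, hive, name, cmd))
            continue
        m = O2_LINE.match(line)
        if m:
            kind, name, clsid, path = m.groups()
            entries.append(Entry(kind, clsid, name, path))
            continue
        m = O23_LINE.match(line)
        if m:
            name, publisher, path = m.groups()
            entries.append(Entry("O23", publisher, name, path))
    return entries


def command_path(cmd):
    """Strip the "(User '...')" suffix and any arguments; return the executable path."""
    cmd = USER_SUFFIX.sub("", cmd).strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    # Unquoted command: arguments start at the first whitespace-prefixed / or - switch.
    return re.split(r"\s+[/-]", cmd, maxsplit=1)[0]


def triage(entries):
    """Return (entry, reason) pairs that deserve a second look."""
    findings = []
    for e in entries:
        if e.kind.startswith("R"):
            host = urlparse(e.value).hostname or ""
            if host and host not in KNOWN_GOOD_HOSTS:
                findings.append((e, "browser '%s' points at unlisted host %s" % (e.name, host)))
        elif e.kind.startswith("O4"):
            path = command_path(e.value)
            exe = path.rsplit("\\", 1)[-1]
            stem = exe.rsplit(".", 1)[0]
            if e.kind.endswith("RunOnce"):
                findings.append((e, "one-shot RunOnce entry; confirm a known installer created it"))
            if "\\" not in path:
                findings.append((e, "bare file name %s is resolved through the search path, not an absolute path" % exe))
            if GUID_RE.match(stem) or e.name.isdigit():
                findings.append((e, "GUID- or number-named autorun %s; verify its publisher" % exe))
        elif e.kind == "O23" and e.where.lower() in ("unknown owner", ""):
            findings.append((e, "service %s has no identified publisher" % e.name))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(parse_log(SAMPLE_LOG)):
        print("%-12s %-28s %s" % (entry.kind, entry.name, reason))
```

Run against the sample it reports four items: the Start Page redirect to search.orbitdownloader.com, the Realtek autorun given as a bare file name, the date-named avast updater entry (benign here, but exactly the shape a helper checks), and the Malwarebytes RunOnce. The CTFMON entries under the service-account hives, the Java BHO and the avast service stay quiet.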
Faulty process after logging in to Win XP - most likely explorer
Žbeky (Moderator)
Re: Faulty process after logging in to Win XP - most likely explorer
Fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

Download ATF Cleaner
Double-click ATF Cleaner.exe, click "Select All", then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, select nothing further and click Empty Selected.
After cleaning, click Exit to close the program.
Download TFC
Open the file and close all other windows. Click Start to begin the process. It should not take long.
The PC should then restart; if it does not, restart it yourself.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click Finish
- if an update is found, it is downloaded and installed
- the program then starts; leave Perform Quick Scan selected and click Scan
- when the scan finishes a message appears; click OK and then Show Results
- then choose Save Logfile and save the log to your desktop
- then click Exit; a prompt appears, choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!)
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
In private messages I only deal with forum matters. I do not respond to requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Faulty process after logging in to Win XP - most likely explorer
AdwCleaner
# AdwCleaner v3.013 - Report created 29/11/2013 at 19:04:34
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : michal - HAL9000
# Running from : C:\Documents and Settings\michal\Plocha\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Documents and Settings\michal\Data aplikací\Mozilla\Firefox\Profiles\zmjyo4qz.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2077 octets] - [29/11/2013 19:04:34]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2137 octets] ##########
_____________________________________
Malwarebytes
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.11.29.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
michal :: HAL9000 [administrator]
Protection: Disabled
29.11.2013 18:45:24
MBAM-log-2013-11-29 (18-59-30).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 190285
Time elapsed: 7 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
________
I did everything... I even ran Malwarebytes before I posted here, and it had already deleted 3 viruses before that.
jaro3 (Security team member)
Re: Faulty process after logging in to Win XP - most likely explorer
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Clean"
The program performs the repair; after the automatic restart it shows a log (C:\AdwCleaner[S?].txt); paste its entire contents here.
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The scan starts. It can take a long time, depending on the amount of infection. When the scan finishes a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.
So run MbAM again and click Scan
- when the scan finishes a message appears; click OK and then Show Results
- make sure all listed findings are checked and click Remove Selected
- when removal finishes a log is shown; post it here.
- then choose OK in the program and close it via Exit
Then you can post the new MbAM log here.
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP double-click it.
- Wait until the Prescan (search for malicious processes) finishes.
- Check that the following are ticked:
MBR Check
Faked Check
Antirootkit
- Then click "Scan".
- The program scans the PC's processes. When the scan finishes click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Faulty process after logging in to Win XP - most likely explorer
AdwCleaner :
# AdwCleaner v3.013 - Report created 30/11/2013 at 10:31:37
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : michal - HAL9000
# Running from : C:\Documents and Settings\michal\Plocha\Documents\program pc\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Documents and Settings\michal\Data aplikací\Mozilla\Firefox\Profiles\zmjyo4qz.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2217 octets] - [29/11/2013 19:04:34]
AdwCleaner[R1].txt - [2298 octets] - [30/11/2013 10:29:19]
AdwCleaner[S0].txt - [2243 octets] - [30/11/2013 10:31:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2303 octets] ##########
__________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by michal on so 30.11.2013 at 10:39:34,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 30.11.2013 at 10:50:18,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EDIT
Should I run a quick or a complete scan in MbAM?
EDIT 2
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
http://www.malwarebytes.org
Database version: v2013.11.29.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
michal :: HAL9000 [administrator]
Protection: Disabled
30.11.2013 11:02:22
mbam-log-2013-11-30 (11-02-22).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229606
Time elapsed: 42 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
____________________
RogueKiller
RogueKiller V8.7.9 [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Support : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : michal [Admin rights]
Mode : Scan -- Date : 11/30/2013 11:50:41
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 2 ¤¤¤
[LocalService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] -> FOUND
[NetworkService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] -> FOUND
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] ffd3d1432315ec5e1ad02ce798797bb1
[BSP] b52151ff85b5032f81f088b2a174b418 : Legit.C MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 138003 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 282631545 | Size: 100469 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_11302013_115041.txt >>
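The "MBR Check" section of the RogueKiller report above is the part that matters against bootkits: the tool hashes the first sector, compares the boot code against signatures of legitimate loaders (hence "Legit.C MBR Code") and prints the partition table so a helper can spot a hidden or overlapping partition. The following is an added example, not from the thread and not RogueKiller code, that does the same decoding in Python: it validates the 0x55AA signature, hashes the sector and the boot-code area, decodes the four 16-byte partition entries and sanity-checks the layout. The MBR image is constructed here (zero-filled boot code plus the two partitions the report lists, NTFS at LBA 63 and extended at LBA 282631545), so its hashes differ from the [MBR]/[BSP] values in the post; the known-good boot-code hash set is a caller-supplied parameter standing in for the tool's own signature database.

```python
"""Decode and fingerprint a 512-byte Master Boot Record the way an anti-rootkit
"MBR check" does: verify the 0x55AA signature, hash the boot code, decode the
partition table and sanity-check the layout.

Added example; not from the forum thread and not RogueKiller code. The MBR
image is constructed (zero boot code + the two partitions from the report);
the known-good hash set is a placeholder parameter, an assumption of this
example, not the tool's real signature list.
"""
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440          # bytes before the 4-byte NT disk signature
PART_TABLE_OFFSET = 0x1BE    # four 16-byte entries, then 0x55AA at 0x1FE
ENTRY_FMT = "<B3sB3sII"      # status, CHS start, type, CHS end, LBA start, sector count
PART_TYPES = {0x05: "EXTEN", 0x07: "NTFS", 0x0F: "EXTEN-LBA", 0x83: "Linux", 0xEE: "GPT-protective"}


def build_mbr(layout):
    """Build a constructed MBR from up to four (active, type, lba_start, sectors) tuples."""
    assert len(layout) <= 4
    chs = b"\xfe\xff\xff"     # CHS fields are ignored by LBA-aware code; sentinel value
    table = b"".join(
        struct.pack(ENTRY_FMT, 0x80 if active else 0x00, chs, ptype, chs, lba, count)
        for active, ptype, lba, count in layout
    )
    table += bytes(16) * (4 - len(layout))                 # empty slots
    disk_signature = b"\x12\x34\x56\x78\x00\x00"           # constructed disk signature + padding
    return bytes(BOOT_CODE_LEN) + disk_signature + table + b"\x55\xAA"


def build_sample_mbr():
    """Constructed sample mirroring the partition table printed in the report above."""
    spm = 1024 * 1024 // SECTOR   # sectors per MiB
    return build_mbr([(True, 0x07, 63, 138003 * spm), (False, 0x05, 282631545, 100469 * spm)])


def has_boot_signature(mbr):
    return len(mbr) == SECTOR and mbr[510:512] == b"\x55\xAA"


def parse_mbr(mbr):
    """Return hashes and the decoded partition table; raise on a malformed sector."""
    if not has_boot_signature(mbr):
        raise ValueError("not a 512-byte sector with a 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + 16 * i
        status, _, ptype, _, lba, count = struct.unpack(ENTRY_FMT, mbr[off:off + 16])
        if ptype == 0:            # empty slot
            continue
        partitions.append({
            "index": i, "active": status == 0x80, "type": ptype,
            "type_name": PART_TYPES.get(ptype, "unknown"),
            "lba_start": lba, "sectors": count,
            "size_mib": count * SECTOR // (1024 * 1024),
        })
    return {
        "mbr_md5": hashlib.md5(mbr).hexdigest(),                        # whole sector
        "bootcode_md5": hashlib.md5(mbr[:BOOT_CODE_LEN]).hexdigest(),   # code area only
        "partitions": partitions,
    }


def check_layout(parsed, known_bootcode_md5=frozenset()):
    """Return a list of warnings; an empty list means the MBR looks sane."""
    warnings = []
    if known_bootcode_md5 and parsed["bootcode_md5"] not in known_bootcode_md5:
        warnings.append("boot code hash %s is not in the known-good set" % parsed["bootcode_md5"])
    parts = sorted(parsed["partitions"], key=lambda p: p["lba_start"])
    if sum(p["active"] for p in parts) > 1:
        warnings.append("more than one active partition")
    prev_end = 1                  # sector 0 holds the MBR itself
    for p in parts:
        if p["lba_start"] < prev_end:
            warnings.append("partition %d starts inside the previous one or the MBR" % p["index"])
        prev_end = p["lba_start"] + p["sectors"]
    return warnings


if __name__ == "__main__":
    info = parse_mbr(build_sample_mbr())
    print("MBR md5      :", info["mbr_md5"])
    print("boot code md5:", info["bootcode_md5"])
    for p in info["partitions"]:
        print("%d - [%s] %s (0x%02X) Offset (sectors): %d | Size: %d MiB" % (
            p["index"], "ACTIVE" if p["active"] else "XXXXXX", p["type_name"],
            p["type"], p["lba_start"], p["size_mib"]))
    print("warnings:", check_layout(info) or "none")
```

On a live Windows host the same 512 bytes come from reading `\\.\PhysicalDrive0` as administrator; the decoding and the overlap check do not change. A bootkit that keeps the original partition table but swaps the boot code only shows up in the boot-code hash, which is why the hash comparison and the table sanity checks are both needed.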
jaro3, Security team member
Re: Faulty process after logging in to Win XP - most likely explor
You can run the full scan as well.
Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan has finished...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found as RKreport[number].txt on the desktop.
- Close RogueKiller
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt ; please paste the full contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Faulty process after logging in to Win XP - most likely explor
RogueKiller V8.7.9 [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : michal [Práva správce]
Mód : Odebrat -- Datum : 11/30/2013 15:38:44
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 2 ¤¤¤
[LocalService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] ->
[NetworkService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] ->
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] ffd3d1432315ec5e1ad02ce798797bb1
[BSP] b52151ff85b5032f81f088b2a174b418 : Legit.C MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 138003 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 282631545 | Size: 100469 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_11302013_153844.txt >>
RKreport[0]_S_11302013_115041.txt;RKreport[0]_S_11302013_153753.txt
EDIT
15:43:09.0390 0x0be4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:43:13.0734 0x0be4 ============================================================
15:43:13.0734 0x0be4 Current date / time: 2013/11/30 15:43:13.0734
15:43:13.0734 0x0be4 SystemInfo:
15:43:13.0734 0x0be4
15:43:13.0734 0x0be4 OS Version: 5.1.2600 ServicePack: 3.0
15:43:13.0734 0x0be4 Product type: Workstation
15:43:13.0734 0x0be4 ComputerName: HAL9000
15:43:13.0734 0x0be4 UserName: michal
15:43:13.0734 0x0be4 Windows directory: C:\WINDOWS
15:43:13.0734 0x0be4 System windows directory: C:\WINDOWS
15:43:13.0734 0x0be4 Processor architecture: Intel x86
15:43:13.0734 0x0be4 Number of processors: 2
15:43:13.0734 0x0be4 Page size: 0x1000
15:43:13.0734 0x0be4 Boot type: Normal boot
15:43:13.0734 0x0be4 ============================================================
15:43:16.0781 0x0be4 KLMD registered as C:\WINDOWS\system32\drivers\51805648.sys
15:43:16.0859 0x0be4 System UUID: {79EFFCA6-8BE0-83C2-5EF9-4F5A0200FB02}
15:43:17.0640 0x0be4 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:43:17.0640 0x0be4 ============================================================
15:43:17.0640 0x0be4 \Device\Harddisk0\DR0:
15:43:17.0640 0x0be4 MBR partitions:
15:43:17.0640 0x0be4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x10D89D3A
15:43:17.0656 0x0be4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10D89DB8, BlocksNum 0xC43A7C9
15:43:17.0656 0x0be4 ============================================================
15:43:17.0703 0x0be4 C: <-> \Device\Harddisk0\DR0\Partition1
15:43:17.0750 0x0be4 D: <-> \Device\Harddisk0\DR0\Partition2
15:43:17.0750 0x0be4 ============================================================
15:43:17.0750 0x0be4 Initialize success
15:43:17.0750 0x0be4 ============================================================
15:43:51.0734 0x0f10 ============================================================
15:43:51.0734 0x0f10 Scan started
15:43:51.0734 0x0f10 Mode: Manual;
15:43:51.0734 0x0f10 ============================================================
15:43:51.0734 0x0f10 KSN ping started
15:43:55.0734 0x0f10 KSN ping finished: true
15:43:56.0546 0x0f10 ================ Scan system memory ========================
15:43:56.0546 0x0f10 System memory - ok
15:43:56.0546 0x0f10 ================ Scan services =============================
15:43:56.0671 0x0f10 Abiosdsk - ok
15:43:56.0687 0x0f10 abp480n5 - ok
15:43:56.0750 0x0f10 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:43:56.0765 0x0f10 ACPI - ok
15:43:57.0015 0x0f10 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:43:57.0015 0x0f10 ACPIEC - ok
15:43:57.0031 0x0f10 adpu160m - ok
15:43:57.0078 0x0f10 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:43:57.0078 0x0f10 aec - ok
15:43:57.0140 0x0f10 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:43:57.0140 0x0f10 AFD - ok
15:43:57.0156 0x0f10 Aha154x - ok
15:43:57.0156 0x0f10 aic78u2 - ok
15:43:57.0171 0x0f10 aic78xx - ok
15:43:57.0218 0x0f10 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:43:57.0218 0x0f10 Alerter - ok
15:43:57.0250 0x0f10 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
15:43:57.0250 0x0f10 ALG - ok
15:43:57.0250 0x0f10 AliIde - ok
15:43:57.0406 0x0f10 [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
15:43:57.0484 0x0f10 Ambfilt - ok
15:43:57.0500 0x0f10 amsint - ok
15:43:57.0546 0x0f10 [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:43:57.0546 0x0f10 AppMgmt - ok
15:43:57.0562 0x0f10 asc - ok
15:43:57.0578 0x0f10 asc3350p - ok
15:43:57.0578 0x0f10 asc3550 - ok
15:43:57.0609 0x0f10 [ D5730129EA9ADF7AE710DA0B14F9DE19, 79DECECA6DF86D85280C41242924753302B181584E3C4E60EF0F0E8EE2672E64 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:43:57.0625 0x0f10 aswFsBlk - ok
15:43:57.0625 0x0f10 [ 6F23333C8358D267718F9ECB21CBB6F4, 647A743E9E95763B45BF2A83A30C5FD08CB085DC805B096724ACE29037AF29A1 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
15:43:57.0640 0x0f10 aswMonFlt - ok
15:43:57.0656 0x0f10 [ 29CB7009F11470A24B1D49849A6118A5, 67CAF72D6DB5E10889AFDD90D004B15A3FCFF47432167C209A6DB5233206A626 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
15:43:57.0656 0x0f10 aswRdr - ok
15:43:57.0671 0x0f10 [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
15:43:57.0671 0x0f10 aswRvrt - ok
15:43:57.0734 0x0f10 [ 50C85412AD31F5C0F687F00C2E34C673, D8EBD884AD717DFC78948177A1DED1D6FD8E3E88B20847751078B553F6C5D54A ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:43:57.0765 0x0f10 aswSnx - ok
15:43:57.0828 0x0f10 [ 259E864BFB9268CD7CEFA5849A3B374B, EF1BE2581A53A6FCCE64ECE63AF2CF3D84592D472694102FD147ADE57C0F4697 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:43:57.0859 0x0f10 aswSP - ok
15:43:57.0906 0x0f10 [ 8BCD47E79EAA40C387D7B9DCEC41DE2D, FDED5A91287037DA21C5456BD67C5898FB6F063B28DD97B1E47D4AB0D9365BAD ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:43:57.0906 0x0f10 aswTdi - ok
15:43:57.0921 0x0f10 [ BADA8FD627F1D0E22308211C33F0BDB5, F88751280969B8963DCFC684C99C7CCF396B50FD0AC0F869628A009557438609 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
15:43:57.0937 0x0f10 aswVmm - ok
15:43:57.0984 0x0f10 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:43:57.0984 0x0f10 AsyncMac - ok
15:43:58.0015 0x0f10 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:43:58.0015 0x0f10 atapi - ok
15:43:58.0031 0x0f10 Atdisk - ok
15:43:58.0062 0x0f10 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:43:58.0062 0x0f10 Atmarpc - ok
15:43:58.0109 0x0f10 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:43:58.0109 0x0f10 AudioSrv - ok
15:43:58.0156 0x0f10 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:43:58.0156 0x0f10 audstub - ok
15:43:58.0250 0x0f10 [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:43:58.0250 0x0f10 avast! Antivirus - ok
15:43:58.0515 0x0f10 [ C4DD93C82227D964897940C68391A577, 5E0B0B2926FC76CE2503F9EFAB9060C4176CA7594BC19407AEC1E0A32503B5DB ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
15:43:58.0656 0x0f10 BCM43XX - ok
15:43:58.0734 0x0f10 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:43:58.0734 0x0f10 Beep - ok
15:43:58.0796 0x0f10 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
15:43:58.0843 0x0f10 BITS - ok
15:43:58.0890 0x0f10 [ EE0F41FA0466189A2C8B9CAF7D1CDDD5, 961681493D76C604D978710FD6B6D4A44FD418EAA57CBD0BCC7CF66D9B1D51BF ] BRGSp50 C:\WINDOWS\system32\Drivers\BRGSp50.sys
15:43:58.0890 0x0f10 BRGSp50 - ok
15:43:58.0937 0x0f10 [ 249276D3EF1E74B992299CB96099E4D7, A7E23EC13CB96C0CFD12D2D75E7115361B1F9890DB815D90F7B0A878EF7738F5 ] Browser C:\WINDOWS\System32\browser.dll
15:43:58.0953 0x0f10 Browser - ok
15:43:58.0984 0x0f10 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:43:58.0984 0x0f10 cbidf2k - ok
15:43:59.0031 0x0f10 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:43:59.0031 0x0f10 CCDECODE - ok
15:43:59.0046 0x0f10 cd20xrnt - ok
15:43:59.0078 0x0f10 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:43:59.0078 0x0f10 Cdaudio - ok
15:43:59.0109 0x0f10 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:43:59.0109 0x0f10 Cdfs - ok
15:43:59.0140 0x0f10 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:43:59.0140 0x0f10 Cdrom - ok
15:43:59.0156 0x0f10 Changer - ok
15:43:59.0187 0x0f10 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:43:59.0187 0x0f10 CiSvc - ok
15:43:59.0234 0x0f10 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:43:59.0234 0x0f10 ClipSrv - ok
15:43:59.0281 0x0f10 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:43:59.0296 0x0f10 CmBatt - ok
15:43:59.0296 0x0f10 CmdIde - ok
15:43:59.0328 0x0f10 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:43:59.0328 0x0f10 Compbatt - ok
15:43:59.0343 0x0f10 COMSysApp - ok
15:43:59.0359 0x0f10 Cpqarray - ok
15:43:59.0406 0x0f10 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:43:59.0421 0x0f10 CryptSvc - ok
15:43:59.0421 0x0f10 dac2w2k - ok
15:43:59.0437 0x0f10 dac960nt - ok
15:43:59.0531 0x0f10 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:43:59.0593 0x0f10 DcomLaunch - ok
15:43:59.0656 0x0f10 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:43:59.0671 0x0f10 Dhcp - ok
15:43:59.0703 0x0f10 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:43:59.0718 0x0f10 Disk - ok
15:43:59.0718 0x0f10 dmadmin - ok
15:43:59.0828 0x0f10 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:43:59.0890 0x0f10 dmboot - ok
15:43:59.0921 0x0f10 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:43:59.0921 0x0f10 dmio - ok
15:43:59.0953 0x0f10 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:43:59.0953 0x0f10 dmload - ok
15:43:59.0984 0x0f10 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:43:59.0984 0x0f10 dmserver - ok
15:44:00.0031 0x0f10 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:44:00.0046 0x0f10 DMusic - ok
15:44:00.0093 0x0f10 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:44:00.0093 0x0f10 Dnscache - ok
15:44:00.0156 0x0f10 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:44:00.0156 0x0f10 Dot3svc - ok
15:44:00.0171 0x0f10 dpti2o - ok
15:44:00.0203 0x0f10 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:44:00.0203 0x0f10 drmkaud - ok
15:44:00.0250 0x0f10 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:44:00.0265 0x0f10 EapHost - ok
15:44:00.0296 0x0f10 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:44:00.0312 0x0f10 ERSvc - ok
15:44:00.0359 0x0f10 [ 4B417AED329224169805124A42D543C6, C47CE075B61E2F2490C50BA64362073EFA3F5931B5B3C7A476362A14EB5C39D7 ] EUCR C:\WINDOWS\system32\DRIVERS\EUCR6SK.SYS
15:44:00.0375 0x0f10 EUCR - ok
15:44:00.0421 0x0f10 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
15:44:00.0437 0x0f10 Eventlog - ok
15:44:00.0500 0x0f10 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
15:44:00.0546 0x0f10 EventSystem - ok
15:44:00.0593 0x0f10 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:44:00.0625 0x0f10 Fastfat - ok
15:44:00.0671 0x0f10 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:44:00.0718 0x0f10 FastUserSwitchingCompatibility - ok
15:44:00.0750 0x0f10 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
15:44:00.0750 0x0f10 Fdc - ok
15:44:00.0781 0x0f10 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:44:00.0781 0x0f10 Fips - ok
15:44:00.0812 0x0f10 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:44:00.0812 0x0f10 Flpydisk - ok
15:44:00.0875 0x0f10 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:44:00.0890 0x0f10 FltMgr - ok
15:44:00.0890 0x0f10 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:44:00.0906 0x0f10 Fs_Rec - ok
15:44:00.0937 0x0f10 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:44:00.0953 0x0f10 Ftdisk - ok
15:44:01.0000 0x0f10 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:44:01.0000 0x0f10 Gpc - ok
15:44:01.0078 0x0f10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:01.0093 0x0f10 gupdate - ok
15:44:01.0109 0x0f10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:01.0125 0x0f10 gupdatem - ok
15:44:01.0156 0x0f10 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:44:01.0171 0x0f10 HDAudBus - ok
15:44:01.0265 0x0f10 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:44:01.0265 0x0f10 helpsvc - ok
15:44:01.0281 0x0f10 HidServ - ok
15:44:01.0328 0x0f10 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:44:01.0343 0x0f10 HidUsb - ok
15:44:01.0406 0x0f10 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:44:01.0421 0x0f10 hkmsvc - ok
15:44:01.0421 0x0f10 hpn - ok
15:44:01.0484 0x0f10 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:44:01.0515 0x0f10 HTTP - ok
15:44:01.0562 0x0f10 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:44:01.0593 0x0f10 HTTPFilter - ok
15:44:01.0593 0x0f10 i2omgmt - ok
15:44:01.0609 0x0f10 i2omp - ok
15:44:01.0671 0x0f10 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:44:01.0671 0x0f10 i8042prt - ok
15:44:01.0875 0x0f10 [ 601C76224D741FE70AFC4298C0A04213, 2BDAE238F8E6470CBF13FB0F78FF7C0FDCF1C16B1EBD77C1AC4E2D6D14C02A23 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:44:01.0968 0x0f10 ialm - ok
15:44:02.0015 0x0f10 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:44:02.0031 0x0f10 Imapi - ok
15:44:02.0078 0x0f10 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:44:02.0093 0x0f10 ImapiService - ok
15:44:02.0109 0x0f10 ini910u - ok
15:44:02.0515 0x0f10 [ F574D00AB0319D8AB38FFF0739C8659B, AABCDC33CCCE699E38D7F191E69086BEF5EDB5BD226ECB1D111FCDA55ED05B4E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:44:02.0843 0x0f10 IntcAzAudAddService - ok
15:44:02.0875 0x0f10 IntelIde - ok
15:44:02.0921 0x0f10 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:44:02.0921 0x0f10 intelppm - ok
15:44:02.0937 0x0f10 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:44:02.0953 0x0f10 Ip6Fw - ok
15:44:02.0984 0x0f10 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:44:02.0984 0x0f10 IpFilterDriver - ok
15:44:03.0015 0x0f10 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:44:03.0015 0x0f10 IpInIp - ok
15:44:03.0031 0x0f10 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:44:03.0046 0x0f10 IpNat - ok
15:44:03.0062 0x0f10 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:44:03.0062 0x0f10 IPSec - ok
15:44:03.0093 0x0f10 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:44:03.0093 0x0f10 IRENUM - ok
15:44:03.0125 0x0f10 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:44:03.0125 0x0f10 isapnp - ok
15:44:03.0281 0x0f10 [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
15:44:03.0281 0x0f10 JavaQuickStarterService - ok
15:44:03.0343 0x0f10 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:44:03.0343 0x0f10 Kbdclass - ok
15:44:03.0390 0x0f10 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:44:03.0390 0x0f10 kbdhid - ok
15:44:03.0421 0x0f10 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:44:03.0437 0x0f10 kmixer - ok
15:44:03.0484 0x0f10 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:44:03.0484 0x0f10 KSecDD - ok
15:44:03.0531 0x0f10 [ A717D07DB8AFC53ED8BAA530B0CC84B4, 317C24D062273EE6363F778FCC8341D69CE7787BF9CBC8F213F6B11E2452ED2C ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
15:44:03.0531 0x0f10 L1c - ok
15:44:03.0578 0x0f10 [ 21920AC69594AB021237054FA728FE46, 01D1E231B85BF3B1979491BE6338EEE4A184AED9B8B113CB9AEFCACFAA7B73E9 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:44:03.0593 0x0f10 lanmanserver - ok
15:44:03.0656 0x0f10 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:44:03.0687 0x0f10 lanmanworkstation - ok
15:44:03.0703 0x0f10 lbrtfdc - ok
15:44:03.0718 0x0f10 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:44:03.0734 0x0f10 LmHosts - ok
15:44:03.0781 0x0f10 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
15:44:03.0781 0x0f10 MBAMProtector - ok
15:44:03.0875 0x0f10 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:44:03.0890 0x0f10 MBAMScheduler - ok
15:44:03.0953 0x0f10 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:04.0000 0x0f10 MBAMService - ok
15:44:04.0031 0x0f10 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:44:04.0031 0x0f10 Messenger - ok
15:44:04.0109 0x0f10 [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:44:04.0109 0x0f10 Microsoft Office Groove Audit Service - ok
15:44:04.0156 0x0f10 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:44:04.0156 0x0f10 mnmdd - ok
15:44:04.0203 0x0f10 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:44:04.0218 0x0f10 mnmsrvc - ok
15:44:08.0687 0x0f10 ================ Scan global ===============================
15:44:08.0734 0x0f10 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
15:44:08.0796 0x0f10 [ 4F1340B27E7590D3E42541769ABD5872, 55380D5F71DCDD3F7FD8A1AC0C2213734C99288E6CDB34E3A4C9E6DA20E14A97 ] C:\WINDOWS\system32\winsrv.dll
15:44:08.0875 0x0f10 [ 4F1340B27E7590D3E42541769ABD5872, 55380D5F71DCDD3F7FD8A1AC0C2213734C99288E6CDB34E3A4C9E6DA20E14A97 ] C:\WINDOWS\system32\winsrv.dll
15:44:08.0953 0x0f10 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
15:44:08.0984 0x0f10 [ Global ] - ok
15:44:08.0984 0x0f10 ================ Scan MBR ==================================
15:44:09.0000 0x0f10 [ D1AD4C53EADD115593E05FA56D6B9DEA ] \Device\Harddisk0\DR0
15:44:09.0265 0x0f10 \Device\Harddisk0\DR0 - ok
15:44:09.0265 0x0f10 ================ Scan VBR ==================================
15:44:09.0265 0x0f10 [ 3270C996634D46E0CC929271B682A760 ] \Device\Harddisk0\DR0\Partition1
15:44:09.0281 0x0f10 \Device\Harddisk0\DR0\Partition1 - ok
15:44:09.0296 0x0f10 [ BB9FD3BE410E1F6B1CB934379947318E ] \Device\Harddisk0\DR0\Partition2
15:44:09.0296 0x0f10 \Device\Harddisk0\DR0\Partition2 - ok
15:44:09.0296 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:10.0312 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:11.0312 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:12.0390 0x0f10 AV detected via SS1: avast! Antivirus, 5.0.150996950, disabled, updated
15:44:12.0406 0x0f10 Win FW state via NFM: disabled
15:44:14.0890 0x0f10 ============================================================
15:44:14.0890 0x0f10 Scan finished
15:44:14.0890 0x0f10 ============================================================
15:44:14.0906 0x0f84 Detected object count: 0
15:44:14.0906 0x0f84 Actual detected object count: 0
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : michal [Práva správce]
Mód : Odebrat -- Datum : 11/30/2013 15:38:44
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 2 ¤¤¤
[LocalService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] ->
[NetworkService][SUSP UNIC] fastboot.exe : C:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\fastboot.exe [x] ->
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xC8F70CD4)
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] ffd3d1432315ec5e1ad02ce798797bb1
[BSP] b52151ff85b5032f81f088b2a174b418 : Legit.C MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 138003 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 282631545 | Size: 100469 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_11302013_153844.txt >>
RKreport[0]_S_11302013_115041.txt;RKreport[0]_S_11302013_153753.txt
EDIT
15:43:09.0390 0x0be4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:43:13.0734 0x0be4 ============================================================
15:43:13.0734 0x0be4 Current date / time: 2013/11/30 15:43:13.0734
15:43:13.0734 0x0be4 SystemInfo:
15:43:13.0734 0x0be4
15:43:13.0734 0x0be4 OS Version: 5.1.2600 ServicePack: 3.0
15:43:13.0734 0x0be4 Product type: Workstation
15:43:13.0734 0x0be4 ComputerName: HAL9000
15:43:13.0734 0x0be4 UserName: michal
15:43:13.0734 0x0be4 Windows directory: C:\WINDOWS
15:43:13.0734 0x0be4 System windows directory: C:\WINDOWS
15:43:13.0734 0x0be4 Processor architecture: Intel x86
15:43:13.0734 0x0be4 Number of processors: 2
15:43:13.0734 0x0be4 Page size: 0x1000
15:43:13.0734 0x0be4 Boot type: Normal boot
15:43:13.0734 0x0be4 ============================================================
15:43:16.0781 0x0be4 KLMD registered as C:\WINDOWS\system32\drivers\51805648.sys
15:43:16.0859 0x0be4 System UUID: {79EFFCA6-8BE0-83C2-5EF9-4F5A0200FB02}
15:43:17.0640 0x0be4 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:43:17.0640 0x0be4 ============================================================
15:43:17.0640 0x0be4 \Device\Harddisk0\DR0:
15:43:17.0640 0x0be4 MBR partitions:
15:43:17.0640 0x0be4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x10D89D3A
15:43:17.0656 0x0be4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10D89DB8, BlocksNum 0xC43A7C9
15:43:17.0656 0x0be4 ============================================================
15:43:17.0703 0x0be4 C: <-> \Device\Harddisk0\DR0\Partition1
15:43:17.0750 0x0be4 D: <-> \Device\Harddisk0\DR0\Partition2
15:43:17.0750 0x0be4 ============================================================
15:43:17.0750 0x0be4 Initialize success
15:43:17.0750 0x0be4 ============================================================
15:43:51.0734 0x0f10 ============================================================
15:43:51.0734 0x0f10 Scan started
15:43:51.0734 0x0f10 Mode: Manual;
15:43:51.0734 0x0f10 ============================================================
15:43:51.0734 0x0f10 KSN ping started
15:43:55.0734 0x0f10 KSN ping finished: true
15:43:56.0546 0x0f10 ================ Scan system memory ========================
15:43:56.0546 0x0f10 System memory - ok
15:43:56.0546 0x0f10 ================ Scan services =============================
15:44:00.0781 0x0f10 Fips - ok
15:44:00.0812 0x0f10 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:44:00.0812 0x0f10 Flpydisk - ok
15:44:00.0875 0x0f10 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:44:00.0890 0x0f10 FltMgr - ok
15:44:00.0890 0x0f10 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:44:00.0906 0x0f10 Fs_Rec - ok
15:44:00.0937 0x0f10 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:44:00.0953 0x0f10 Ftdisk - ok
15:44:01.0000 0x0f10 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:44:01.0000 0x0f10 Gpc - ok
15:44:01.0078 0x0f10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:01.0093 0x0f10 gupdate - ok
15:44:01.0109 0x0f10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:01.0125 0x0f10 gupdatem - ok
15:44:01.0156 0x0f10 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:44:01.0171 0x0f10 HDAudBus - ok
15:44:01.0265 0x0f10 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:44:01.0265 0x0f10 helpsvc - ok
15:44:01.0281 0x0f10 HidServ - ok
15:44:01.0328 0x0f10 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:44:01.0343 0x0f10 HidUsb - ok
15:44:01.0406 0x0f10 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:44:01.0421 0x0f10 hkmsvc - ok
15:44:01.0421 0x0f10 hpn - ok
15:44:01.0484 0x0f10 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:44:01.0515 0x0f10 HTTP - ok
15:44:01.0562 0x0f10 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:44:01.0593 0x0f10 HTTPFilter - ok
15:44:01.0593 0x0f10 i2omgmt - ok
15:44:01.0609 0x0f10 i2omp - ok
15:44:01.0671 0x0f10 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:44:01.0671 0x0f10 i8042prt - ok
15:44:01.0875 0x0f10 [ 601C76224D741FE70AFC4298C0A04213, 2BDAE238F8E6470CBF13FB0F78FF7C0FDCF1C16B1EBD77C1AC4E2D6D14C02A23 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:44:01.0968 0x0f10 ialm - ok
15:44:02.0015 0x0f10 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:44:02.0031 0x0f10 Imapi - ok
15:44:02.0078 0x0f10 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:44:02.0093 0x0f10 ImapiService - ok
15:44:02.0109 0x0f10 ini910u - ok
15:44:02.0515 0x0f10 [ F574D00AB0319D8AB38FFF0739C8659B, AABCDC33CCCE699E38D7F191E69086BEF5EDB5BD226ECB1D111FCDA55ED05B4E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:44:02.0843 0x0f10 IntcAzAudAddService - ok
15:44:02.0875 0x0f10 IntelIde - ok
15:44:02.0921 0x0f10 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:44:02.0921 0x0f10 intelppm - ok
15:44:02.0937 0x0f10 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:44:02.0953 0x0f10 Ip6Fw - ok
15:44:02.0984 0x0f10 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:44:02.0984 0x0f10 IpFilterDriver - ok
15:44:03.0015 0x0f10 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:44:03.0015 0x0f10 IpInIp - ok
15:44:03.0031 0x0f10 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:44:03.0046 0x0f10 IpNat - ok
15:44:03.0062 0x0f10 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:44:03.0062 0x0f10 IPSec - ok
15:44:03.0093 0x0f10 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:44:03.0093 0x0f10 IRENUM - ok
15:44:03.0125 0x0f10 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:44:03.0125 0x0f10 isapnp - ok
15:44:03.0281 0x0f10 [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
15:44:03.0281 0x0f10 JavaQuickStarterService - ok
15:44:03.0343 0x0f10 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:44:03.0343 0x0f10 Kbdclass - ok
15:44:03.0390 0x0f10 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:44:03.0390 0x0f10 kbdhid - ok
15:44:03.0421 0x0f10 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:44:03.0437 0x0f10 kmixer - ok
15:44:03.0484 0x0f10 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:44:03.0484 0x0f10 KSecDD - ok
15:44:03.0531 0x0f10 [ A717D07DB8AFC53ED8BAA530B0CC84B4, 317C24D062273EE6363F778FCC8341D69CE7787BF9CBC8F213F6B11E2452ED2C ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
15:44:03.0531 0x0f10 L1c - ok
15:44:03.0578 0x0f10 [ 21920AC69594AB021237054FA728FE46, 01D1E231B85BF3B1979491BE6338EEE4A184AED9B8B113CB9AEFCACFAA7B73E9 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:44:03.0593 0x0f10 lanmanserver - ok
15:44:03.0656 0x0f10 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:44:03.0687 0x0f10 lanmanworkstation - ok
15:44:03.0703 0x0f10 lbrtfdc - ok
15:44:03.0718 0x0f10 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:44:03.0734 0x0f10 LmHosts - ok
15:44:03.0781 0x0f10 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
15:44:03.0781 0x0f10 MBAMProtector - ok
15:44:03.0875 0x0f10 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:44:03.0890 0x0f10 MBAMScheduler - ok
15:44:03.0953 0x0f10 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:04.0000 0x0f10 MBAMService - ok
15:44:04.0031 0x0f10 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:44:04.0031 0x0f10 Messenger - ok
15:44:04.0109 0x0f10 [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:44:04.0109 0x0f10 Microsoft Office Groove Audit Service - ok
15:44:04.0156 0x0f10 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:44:04.0156 0x0f10 mnmdd - ok
15:44:04.0203 0x0f10 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:44:04.0218 0x0f10 mnmsrvc - ok
15:44:04.0265 0x0f10 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:44:04.0265 0x0f10 Modem - ok
15:44:04.0375 0x0f10 [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
15:44:04.0453 0x0f10 Monfilt - ok
15:44:04.0500 0x0f10 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:44:04.0500 0x0f10 Mouclass - ok
15:44:04.0546 0x0f10 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:44:04.0562 0x0f10 mouhid - ok
15:44:04.0593 0x0f10 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:44:04.0609 0x0f10 MountMgr - ok
15:44:04.0656 0x0f10 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:44:04.0656 0x0f10 MozillaMaintenance - ok
15:44:04.0671 0x0f10 mraid35x - ok
15:44:04.0687 0x0f10 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:44:04.0687 0x0f10 MRxDAV - ok
15:44:04.0750 0x0f10 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:44:04.0765 0x0f10 MRxSmb - ok
15:44:04.0796 0x0f10 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:44:04.0812 0x0f10 MSDTC - ok
15:44:04.0843 0x0f10 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:44:04.0843 0x0f10 Msfs - ok
15:44:04.0843 0x0f10 MSIServer - ok
15:44:04.0890 0x0f10 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:44:04.0890 0x0f10 MSKSSRV - ok
15:44:04.0906 0x0f10 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:44:04.0906 0x0f10 MSPCLOCK - ok
15:44:04.0906 0x0f10 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:44:04.0921 0x0f10 MSPQM - ok
15:44:04.0953 0x0f10 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:44:04.0953 0x0f10 mssmbios - ok
15:44:04.0984 0x0f10 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:44:05.0000 0x0f10 MSTEE - ok
15:44:05.0031 0x0f10 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:44:05.0031 0x0f10 Mup - ok
15:44:05.0062 0x0f10 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:44:05.0078 0x0f10 NABTSFEC - ok
15:44:05.0125 0x0f10 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
15:44:05.0171 0x0f10 napagent - ok
15:44:05.0203 0x0f10 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:44:05.0218 0x0f10 NDIS - ok
15:44:05.0250 0x0f10 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:44:05.0265 0x0f10 NdisIP - ok
15:44:05.0296 0x0f10 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:44:05.0296 0x0f10 NdisTapi - ok
15:44:05.0312 0x0f10 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:44:05.0328 0x0f10 Ndisuio - ok
15:44:05.0343 0x0f10 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:44:05.0343 0x0f10 NdisWan - ok
15:44:05.0390 0x0f10 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:44:05.0390 0x0f10 NDProxy - ok
15:44:05.0421 0x0f10 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:44:05.0437 0x0f10 NetBIOS - ok
15:44:05.0453 0x0f10 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:44:05.0468 0x0f10 NetBT - ok
15:44:05.0515 0x0f10 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
15:44:05.0531 0x0f10 NetDDE - ok
15:44:05.0546 0x0f10 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:44:05.0562 0x0f10 NetDDEdsdm - ok
15:44:05.0578 0x0f10 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:44:05.0593 0x0f10 Netlogon - ok
15:44:05.0656 0x0f10 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
15:44:05.0703 0x0f10 Netman - ok
15:44:05.0750 0x0f10 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
15:44:05.0796 0x0f10 Nla - ok
15:44:05.0843 0x0f10 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:44:05.0843 0x0f10 Npfs - ok
15:44:05.0906 0x0f10 [ 53F7546E8DAEFB3A0813F5E19C4613C9, 3083129855BA0C9435D18A7D2693807F07751E2A3080D968D2777A6457CDFC59 ] NSNDIS5 C:\WINDOWS\system32\NSNDIS5.SYS
15:44:05.0921 0x0f10 NSNDIS5 - ok
15:44:06.0000 0x0f10 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:44:06.0046 0x0f10 Ntfs - ok
15:44:06.0078 0x0f10 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:44:06.0093 0x0f10 NtLmSsp - ok
15:44:06.0171 0x0f10 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:44:06.0203 0x0f10 NtmsSvc - ok
15:44:06.0234 0x0f10 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
15:44:06.0234 0x0f10 Null - ok
15:44:06.0281 0x0f10 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:44:06.0281 0x0f10 NwlnkFlt - ok
15:44:06.0296 0x0f10 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:44:06.0296 0x0f10 NwlnkFwd - ok
15:44:06.0437 0x0f10 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:44:06.0484 0x0f10 odserv - ok
15:44:06.0515 0x0f10 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:06.0531 0x0f10 ose - ok
15:44:06.0578 0x0f10 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
15:44:06.0593 0x0f10 Parport - ok
15:44:06.0609 0x0f10 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:44:06.0609 0x0f10 PartMgr - ok
15:44:06.0656 0x0f10 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:44:06.0656 0x0f10 ParVdm - ok
15:44:06.0671 0x0f10 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:44:06.0687 0x0f10 PCI - ok
15:44:06.0687 0x0f10 PCIDump - ok
15:44:06.0703 0x0f10 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:44:06.0703 0x0f10 PCIIde - ok
15:44:06.0734 0x0f10 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:44:06.0750 0x0f10 Pcmcia - ok
15:44:06.0750 0x0f10 PDCOMP - ok
15:44:06.0765 0x0f10 PDFRAME - ok
15:44:06.0781 0x0f10 PDRELI - ok
15:44:06.0781 0x0f10 PDRFRAME - ok
15:44:06.0796 0x0f10 perc2 - ok
15:44:06.0812 0x0f10 perc2hib - ok
15:44:06.0875 0x0f10 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
15:44:06.0890 0x0f10 PlugPlay - ok
15:44:06.0890 0x0f10 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:44:06.0906 0x0f10 PolicyAgent - ok
15:44:06.0953 0x0f10 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:44:06.0953 0x0f10 PptpMiniport - ok
15:44:06.0968 0x0f10 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:44:06.0984 0x0f10 ProtectedStorage - ok
15:44:06.0984 0x0f10 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:44:07.0000 0x0f10 PSched - ok
15:44:07.0031 0x0f10 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:44:07.0031 0x0f10 Ptilink - ok
15:44:07.0031 0x0f10 ql1080 - ok
15:44:07.0046 0x0f10 Ql10wnt - ok
15:44:07.0062 0x0f10 ql12160 - ok
15:44:07.0062 0x0f10 ql1240 - ok
15:44:07.0078 0x0f10 ql1280 - ok
15:44:07.0109 0x0f10 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:44:07.0109 0x0f10 RasAcd - ok
15:44:07.0140 0x0f10 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:44:07.0171 0x0f10 RasAuto - ok
15:44:07.0187 0x0f10 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:44:07.0203 0x0f10 Rasl2tp - ok
15:44:07.0250 0x0f10 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:44:07.0281 0x0f10 RasMan - ok
15:44:07.0296 0x0f10 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:44:07.0296 0x0f10 RasPppoe - ok
15:44:07.0312 0x0f10 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:44:07.0312 0x0f10 Raspti - ok
15:44:07.0343 0x0f10 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:44:07.0359 0x0f10 Rdbss - ok
15:44:07.0375 0x0f10 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:44:07.0375 0x0f10 RDPCDD - ok
15:44:07.0406 0x0f10 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:44:07.0421 0x0f10 rdpdr - ok
15:44:07.0484 0x0f10 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:44:07.0500 0x0f10 RDPWD - ok
15:44:07.0515 0x0f10 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:44:07.0546 0x0f10 RDSessMgr - ok
15:44:07.0578 0x0f10 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:44:07.0578 0x0f10 redbook - ok
15:44:07.0625 0x0f10 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:44:07.0640 0x0f10 RemoteAccess - ok
15:44:07.0671 0x0f10 [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:44:07.0687 0x0f10 RemoteRegistry - ok
15:44:07.0703 0x0f10 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
15:44:07.0718 0x0f10 RpcLocator - ok
15:44:07.0765 0x0f10 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:44:07.0812 0x0f10 RpcSs - ok
15:44:07.0843 0x0f10 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:44:07.0875 0x0f10 RSVP - ok
15:44:07.0906 0x0f10 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
15:44:07.0906 0x0f10 SamSs - ok
15:44:07.0921 0x0f10 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:44:07.0953 0x0f10 SCardSvr - ok
15:44:08.0000 0x0f10 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:44:08.0031 0x0f10 Schedule - ok
15:44:08.0078 0x0f10 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:44:08.0078 0x0f10 Secdrv - ok
15:44:08.0109 0x0f10 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:44:08.0140 0x0f10 seclogon - ok
15:44:08.0156 0x0f10 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
15:44:08.0171 0x0f10 SENS - ok
15:44:08.0218 0x0f10 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
15:44:08.0234 0x0f10 Serial - ok
15:44:08.0250 0x0f10 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:44:08.0265 0x0f10 Sfloppy - ok
15:44:08.0312 0x0f10 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:44:08.0359 0x0f10 SharedAccess - ok
15:44:08.0390 0x0f10 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:44:08.0421 0x0f10 ShellHWDetection - ok
15:44:08.0437 0x0f10 Simbad - ok
15:44:08.0468 0x0f10 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:44:08.0468 0x0f10 SLIP - ok
15:44:08.0531 0x0f10 [ C6DAFC9AF23D54CA0E222B215D5E8378, 13269951F2A41D032C5EBA1BD0ED59B2E3053A4C2EB2F438B4BB404F5B807E9A ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
15:44:08.0546 0x0f10 snapman - ok
15:44:08.0562 0x0f10 Sparrow - ok
15:44:08.0609 0x0f10 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:44:08.0609 0x0f10 splitter - ok
15:44:08.0671 0x0f10 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:44:08.0687 0x0f10 Spooler - ok
15:44:08.0687 0x0f10 ================ Scan global ===============================
15:44:08.0734 0x0f10 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
15:44:08.0796 0x0f10 [ 4F1340B27E7590D3E42541769ABD5872, 55380D5F71DCDD3F7FD8A1AC0C2213734C99288E6CDB34E3A4C9E6DA20E14A97 ] C:\WINDOWS\system32\winsrv.dll
15:44:08.0875 0x0f10 [ 4F1340B27E7590D3E42541769ABD5872, 55380D5F71DCDD3F7FD8A1AC0C2213734C99288E6CDB34E3A4C9E6DA20E14A97 ] C:\WINDOWS\system32\winsrv.dll
15:44:08.0953 0x0f10 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
15:44:08.0984 0x0f10 [ Global ] - ok
15:44:08.0984 0x0f10 ================ Scan MBR ==================================
15:44:09.0000 0x0f10 [ D1AD4C53EADD115593E05FA56D6B9DEA ] \Device\Harddisk0\DR0
15:44:09.0265 0x0f10 \Device\Harddisk0\DR0 - ok
15:44:09.0265 0x0f10 ================ Scan VBR ==================================
15:44:09.0265 0x0f10 [ 3270C996634D46E0CC929271B682A760 ] \Device\Harddisk0\DR0\Partition1
15:44:09.0281 0x0f10 \Device\Harddisk0\DR0\Partition1 - ok
15:44:09.0296 0x0f10 [ BB9FD3BE410E1F6B1CB934379947318E ] \Device\Harddisk0\DR0\Partition2
15:44:09.0296 0x0f10 \Device\Harddisk0\DR0\Partition2 - ok
15:44:09.0296 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:10.0312 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:11.0312 0x0f10 Waiting for KSN requests completion. In queue: 127
15:44:12.0390 0x0f10 AV detected via SS1: avast! Antivirus, 5.0.150996950, disabled, updated
15:44:12.0406 0x0f10 Win FW state via NFM: disabled
15:44:14.0890 0x0f10 ============================================================
15:44:14.0890 0x0f10 Scan finished
15:44:14.0890 0x0f10 ============================================================
15:44:14.0906 0x0f84 Detected object count: 0
15:44:14.0906 0x0f84 Actual detected object count: 0
jaro3 (Security team member, Guru Level 15, posts: 43298, registered: June 07, location: South Bohemia)
Re: Faulty process after logging in to Win XP - probably explor
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: it can happen that after running ComboFix and restarting the computer, Windows does not boot, or the desktop does not load, or there are connection problems; in that case restart the computer again, and if that does not help, press the F8 key during restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Level 1
- Posts: 62
- Registered: August 11
- Status: Offline
Re: Faulty process after logging in to Win XP - most likely explor
ComboFix 13-11-27.01 - michal 01.12.2013 12:10:19.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1013.650 [GMT 1:00]
Spuštěný z: c:\documents and settings\michal\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AdbWinApi.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-01 do 2013-12-01 )))))))))))))))))))))))))))))))
.
.
2013-11-30 09:39 . 2013-11-30 09:39 -------- d-----w- c:\windows\ERUNT
2013-11-29 18:03 . 2013-11-30 09:31 -------- d-----w- C:\AdwCleaner
2013-11-29 11:47 . 2007-03-22 23:00 -------- d-----w- C:\GM
2013-11-29 11:46 . 2013-11-29 11:46 -------- d-----w- c:\program files\VS Revo Group
2013-11-29 10:56 . 2013-11-29 10:56 388096 ----a-r- c:\documents and settings\michal\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-29 10:56 . 2013-11-29 10:56 -------- d-----w- c:\program files\HJT
2013-11-29 10:28 . 2013-11-29 10:28 -------- d-----w- c:\program files\CrystalDiskInfo
2013-11-29 06:22 . 2013-11-29 06:22 -------- d-----w- c:\documents and settings\michal\Data aplikací\Malwarebytes
2013-11-29 06:22 . 2013-11-29 06:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-11-29 06:22 . 2013-11-29 06:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-29 06:22 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-19 20:19 . 2008-04-14 06:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-11-19 20:19 . 2008-04-14 06:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-11-10 14:33 . 2008-04-14 07:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-11-10 14:14 . 2005-10-04 14:38 280064 ----a-w- c:\windows\system32\drivers\ZD1211U.sys
2013-11-10 14:14 . 2005-06-08 17:44 29184 ----a-w- c:\windows\system32\drivers\BRGSp50a64.sys
2013-11-10 14:14 . 2005-06-08 17:44 20608 ----a-w- c:\windows\system32\drivers\BRGSp50.sys
2013-11-10 14:14 . 2005-03-18 14:35 31744 ----a-w- c:\windows\system32\drivers\ZDPSp50a64.sys
2013-11-10 14:14 . 2004-10-25 12:40 17664 ----a-w- c:\windows\system32\drivers\ZDPSp50.sys
2013-11-10 14:14 . 2004-01-14 10:30 17151 ----a-w- c:\windows\system32\ZDPNDIS5.SYS
2013-11-10 14:14 . 2004-01-14 10:25 81920 ----a-w- c:\windows\system32\ZDPN50.DLL
2013-11-10 14:14 . 2013-11-10 14:14 -------- d-----w- c:\program files\AirLive WL-5480USB WLAN USB
2013-11-10 14:14 . 2003-03-14 11:24 24576 ----a-w- c:\windows\system32\ZyDelReg.exe
2013-11-10 14:14 . 2005-07-12 13:44 15872 ----a-w- c:\windows\system32\InsDrvZD64.DLL
2013-11-10 14:14 . 2004-03-23 15:38 28672 ----a-w- c:\windows\system32\InsDrvZD.dll
2013-11-05 20:02 . 2013-11-19 22:38 -------- d-----w- C:\TempProjekty
2013-11-02 11:17 . 2013-11-02 11:17 -------- d-----w- c:\program files\WinHTTrack
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-10 18:53 . 2013-10-25 17:58 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-27 23:14 . 2013-10-27 23:14 170080 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-10-25 19:38 . 2011-11-23 23:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-25 17:58 . 2013-10-25 17:58 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-25 17:58 . 2013-10-25 17:58 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-25 17:58 . 2013-10-25 17:58 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-25 17:58 . 2013-10-25 17:58 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-25 17:58 . 2013-10-25 17:58 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-25 17:58 . 2013-10-25 17:58 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-25 17:58 . 2013-10-25 17:58 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-25 17:58 . 2013-10-25 17:58 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-25 17:58 . 2013-10-25 17:58 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-25 17:58 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-13 19521056]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2009-12-11 59936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-05 1692968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-17 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-17 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-17 141336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-25 3567800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Documents and Settings\\michal\\Ubiquiti UniFi\\bin\\mongod.exe"=
"c:\\Documents and Settings\\michal\\Plocha\\sitove_utility\\winbox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\WinHTTrack\\WinHTTrack.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [25.10.2013 18:58 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [25.10.2013 18:58 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.10.2013 18:58 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [25.10.2013 18:58 403440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2013 18:58 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [25.10.2013 18:58 70384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [29.11.2013 7:22 22856]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [29.11.2013 7:22 701512]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.11.2011 11:16 1691480]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [16.11.2011 11:23 82384]
S3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [20.5.2010 11:20 61552]
S3 ZD1211U(AirLive);AirLive WL-5480USB WLAN USB Driver(AirLive);c:\windows\system32\drivers\ZD1211U.sys [10.11.2013 15:14 280064]
S4 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [7.7.2010 16:17 2156952]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-01 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-10-25 17:58]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-08 21:07]
.
2013-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-08 21:07]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 147.231.58.1 147.231.12.1
FF - ProfilePath - c:\documents and settings\michal\Data aplikací\Mozilla\Firefox\Profiles\zmjyo4qz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - ExtSQL: 2013-10-25 19:58; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-01 12:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-12-01 12:22:21
ComboFix-quarantined-files.txt 2013-12-01 11:22
.
Před spuštěním: Volných bajtů: 64 136 536 064
Po spuštění: Volných bajtů: 64 093 822 976
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
;timeout=3
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - DB4E42FC6A2CB752D1E8339857D34BA5
D1AD4C53EADD115593E05FA56D6B9DEA
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Faulty process after logging in to Win XP - most likely explor
In Folder Options, enable showing hidden files and folders, and untick the checkbox for hiding protected operating system files.
Test this on VirusTotal:
c:\windows\system32\ZyDelReg.exe
Click Choose (Vybrat) to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by several antivirus programs one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
What about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Level 1
- Posts: 62
- Registered: August 11
- Status: Offline
Re: Faulty process after logging in to Win XP - most likely explor
https://www.virustotal.com/cs/file/3d1b ... 385927527/
___________-
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-01 20:54:51
-----------------------------
20:54:51.593 OS Version: Windows 5.1.2600 Service Pack 3
20:54:51.593 Number of processors: 2 586 0x1C0A
20:54:51.593 ComputerName: HAL9000 UserName: michal
20:54:55.218 Initialize success
20:54:58.953 AVAST engine defs: 13120101
20:57:39.156 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:57:39.156 Disk 0 Vendor: WDC_WD2500BEVT-22A23T0 01.01A01 Size: 238475MB BusType: 3
20:57:39.390 Disk 0 MBR read successfully
20:57:39.390 Disk 0 MBR scan
20:57:39.390 Disk 0 unknown MBR code
20:57:39.390 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 138003 MB offset 63
20:57:39.406 Disk 0 Partition - 00 05 Extended 100469 MB offset 282631545
20:57:39.437 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100468 MB offset 282631608
20:57:39.453 Disk 0 scanning sectors +488392065
20:57:39.687 Disk 0 scanning C:\WINDOWS\system32\drivers
20:58:20.421 Service scanning
20:59:23.531 Modules scanning
21:00:00.500 Disk 0 trace - called modules:
21:00:00.531 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
21:00:00.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8651eab8]
21:00:00.531 3 CLASSPNP.SYS[f7632fd7] -> nt!IofCallDriver -> \Device\0000006b[0x8654ef18]
21:00:00.546 5 ACPI.sys[f74c9620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8656dd98]
21:00:03.671 AVAST engine scan C:\WINDOWS
21:00:19.015 AVAST engine scan C:\WINDOWS\system32
21:06:18.375 AVAST engine scan C:\WINDOWS\system32\drivers
21:06:55.812 AVAST engine scan C:\Documents and Settings\michal
21:18:53.500 AVAST engine scan C:\Documents and Settings\All Users
21:19:17.062 Scan finished successfully
21:27:12.984 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\michal\Plocha\MBR.dat"
21:27:13.000 The log file has been saved successfully to "C:\Documents and Settings\michal\Plocha\aswMBR.txt"
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Faulty process after logging in to Win XP - most likely explor
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
Post a new HJT log plus information about the problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support