winlogon exe and Userinit exe

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male
Status:
Offline

winlogon exe and Userinit exe

Post by hack1 » 19 Aug 2014 05:48

Hello, so here I am again with a request for help.
After cleaning the PC with your help everything was fine, until today, when two messages appeared at PC startup: Winlogon.exe is not valid, some 64-bit library, and that I should compare it with the installation diskette, and the same for the Userinit.exe message.
The PC then boots normally, but when I start some programs, similar messages pop up. Mbam.exe etc.
Do you know what happened?
Can someone help again?

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by jaro3 » 19 Aug 2014 09:58

Paste the log from HJT:
viewtopic.php?f=70&t=5119

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you only use Google Chrome, you do not need to use ATF.


Download TFC
Open the file and close all other windows, then click Start to begin the process. It should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its whole contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now and
- when the scan finishes, a message will appear at the bottom right; click Copy to clipboard and paste the whole log here.

- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by hack1 » 19 Aug 2014 10:44

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:13, on 19.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Settings Manager\smdmf\SmdmFService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Settings Manager\smdmf\SmdmFService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Plocha\oprava pc\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=503&a ... 43&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5158144900
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://d1ylr6sba64qi3.cloudfront.net/gl ... 1.66.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Aztec Media Inc - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

--
End of file - 6528 bytes



# AdwCleaner v3.307 - Report created 19/08/2014 at 10:37:38
# Updated 17/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : admin - HACKDESKTOP
# Running from : C:\Documents and Settings\admin\Plocha\oprava pc\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Found : SmdmFService

***** [ Files / Folders ] *****

File Found : C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol
Folder Found : C:\Documents and Settings\admin\AppData\LocalLow\DataMngr
Folder Found : C:\Documents and Settings\admin\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\All Users\Data aplikací\smdmf
Folder Found : C:\Program Files\Settings Manager

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKCU\Software\SmdmF
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKLM\SOFTWARE\Flash-Enhancer
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Flash-Enhancer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Found : HKLM\SOFTWARE\SmdmF
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.default-search.net?sid=503&a ... 43&src=hmp

*************************

AdwCleaner[R2].txt - [13749 octets] - [30/07/2014 13:54:14]
AdwCleaner[R3].txt - [14265 octets] - [31/07/2014 14:53:12]
AdwCleaner[R4].txt - [5302 octets] - [18/08/2014 10:17:09]
AdwCleaner[R5].txt - [5235 octets] - [19/08/2014 10:37:38]
AdwCleaner[S0].txt - [13525 octets] - [31/07/2014 14:55:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [5356 octets] ##########

I did everything except Malwarebytes; I cannot install it. Runtime error messages pop up during installation.
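To make reports like the AdwCleaner one above easier to triage, here is an added example (written for this thread, not AdwCleaner's own code) that parses lines in that report format and groups each finding by the persistence or hijack mechanism behind it; the sample lines are constructed to mirror the format above, and the link drawn between AppCertDlls and the reported error dialogs is an assumption, not something the thread confirms.

```python
import re
from collections import Counter

# Constructed sample in the format of the AdwCleaner report posted above (not the real file).
SAMPLE_REPORT = r"""
***** [ Services ] *****

Service Found : SmdmFService

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Key Found : HKLM\SOFTWARE\SmdmF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.default-search.net?sid=503
"""

# One finding line: optional "[#]" / "[!]" flag, object kind, action, " : ", target.
FINDING_RE = re.compile(
    r"^(?:\[[#!]\]\s*)?(Service|File|Folder|Key|Value|Setting)\s+"
    r"(Found|Deleted|Restored)\s*:\s*(.+?)\s*$"
)

IFEO = "\\image file execution options\\"
APPCERT = "\\session manager\\appcertdlls"


def classify(kind, target):
    """Map one finding to the persistence/hijack mechanism it represents."""
    t = target.lower()
    if IFEO in t:
        # A Debugger value under IFEO\<exe> makes Windows start the named "debugger"
        # instead of <exe>; adware uses it to stop rival cleaners or installers from running.
        return "IFEO debugger hijack"
    if APPCERT in t:
        # DLLs listed here are loaded into processes that call CreateProcess. A stale or
        # invalid image in this list shows up as loader error dialogs at program start,
        # a plausible (assumed, unconfirmed) match for the winlogon/userinit messages above.
        return "AppCertDlls injection"
    if kind == "Service":
        return "Service persistence"
    if "[start page]" in t or "default-search" in t:
        return "Browser start-page hijack"
    return "Adware leftover"


def parse_report(text):
    """Return a list of findings with kind, action, target and classified mechanism."""
    findings = []
    for line in text.splitlines():
        m = FINDING_RE.match(line.strip())
        if not m:
            continue  # section headers, browser banners and blank lines are skipped
        kind, action, target = m.groups()
        findings.append({"kind": kind, "action": action, "target": target,
                         "mechanism": classify(kind, target)})
    return findings


def summarize(findings):
    """Count findings per mechanism so the reviewer sees what kind of foothold was present."""
    return Counter(f["mechanism"] for f in findings)


def intercepted_executables(findings):
    """Names of the IFEO subkeys, i.e. which programs were being intercepted."""
    names = set()
    for f in findings:
        if f["mechanism"] == "IFEO debugger hijack":
            names.add(f["target"].rsplit("\\", 1)[-1].lower())
    return sorted(names)


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    for mech, n in summarize(found).most_common():
        print(f"{n:3d}  {mech}")
    print("intercepted:", ", ".join(intercepted_executables(found)))
```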

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by jaro3 » 19 Aug 2014 18:52

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan click "Clean".

The program will perform the repair; after the automatic restart it will show a log (C:\AdwCleaner[S?].txt), paste its whole contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The scan will begin. It can take a long time, depending on the amount of infection. When the scan finishes a log (JRT.txt) will appear, saved on the desktop.
Please copy its whole contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (search for malicious processes) finishes.
- Check that you have ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan click "Report" and copy the whole contents of the log here.
If the program is blocked, try running it several times. If it still will not run and work, rename it to winlogon.exe.

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by hack1 » 19 Aug 2014 20:02

ADW:
# AdwCleaner v3.307 - Report created 19/08/2014 at 19:13:27
# Updated 17/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : admin - HACKDESKTOP
# Running from : C:\Documents and Settings\admin\Plocha\oprava pc\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SmdmFService

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\smdmf
[!] Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Documents and Settings\admin\AppData\LocalLow\DataMngr
Folder Deleted : C:\Documents and Settings\admin\Data aplikací\OpenCandy
File Deleted : C:\WINDOWS\system32\GroupPolicy\Machine\Registry.pol

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\SmdmF
Key Deleted : HKLM\SOFTWARE\Flash-Enhancer
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Flash-Enhancer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

*************************

AdwCleaner[R2].txt - [13749 octets] - [30/07/2014 13:54:14]
AdwCleaner[R3].txt - [14265 octets] - [31/07/2014 14:53:12]
AdwCleaner[R4].txt - [5302 octets] - [18/08/2014 10:17:09]
AdwCleaner[R5].txt - [5436 octets] - [19/08/2014 10:37:38]
AdwCleaner[R6].txt - [5496 octets] - [19/08/2014 12:54:25]
AdwCleaner[S0].txt - [13525 octets] - [31/07/2014 14:55:04]
AdwCleaner[S1].txt - [4830 octets] - [19/08/2014 19:13:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4890 octets] ##########


JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by admin on Út 19.08.2014 at 19:21:10,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Út 19.08.2014 at 19:26:38,03
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller:
RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : admin [Práva správce]
Mód : Kontrola -- Datum : 08/19/2014 19:35:32

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 4 (Driver: NAHRÁNO) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\ElbyCDFL @ Unknown (\SystemRoot\System32\Drivers\ElbyCDFL.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrbsdrv @ Unknown (\SystemRoot\System32\Drivers\cdrbsdrv.SYS)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\0000006e : \Driver\ElbyCDFL @ Unknown (\SystemRoot\System32\Drivers\ElbyCDFL.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrbsdrv @ Unknown (\SystemRoot\System32\Drivers\cdrbsdrv.SYS)

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD800JB-00JJC0 +++++
--- User ---
[MBR] 110e0f96b3e20f99a6be1717a3e2b568
[BSP] 8691678feed6acbe54247f6083530a01 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 76308 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST380011A +++++
--- User ---
[MBR] 95dbe4d793655b5750f8ca8260a57027
[BSP] 963dac80bb14c220d94cd608870d7663 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 76316 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_07312014_175758.log

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by jaro3 » 20 Aug 2014 09:27

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt; please paste the whole contents of the log here.
- if the log has more than 60,000 characters, split it and paste it in several posts

Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes the program should create a log - C:\ComboFix.txt - please copy its whole contents here
If there are problems, run it in Safe Mode.

Warning: it may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems; then restart the computer again, and if that does not help, press F8 after the restart and choose Last Known Good Configuration, or use a restore point.

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male
Status:
Offline

Re: winlogon exe and Userinit exe

Post by hack1 » 20 Aug 2014 10:21

09:52:14.0093 0x0b5c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
09:52:23.0718 0x0b5c ============================================================
09:52:23.0718 0x0b5c Current date / time: 2014/08/20 09:52:23.0718
09:52:23.0718 0x0b5c SystemInfo:
09:52:23.0718 0x0b5c
09:52:23.0718 0x0b5c OS Version: 5.1.2600 ServicePack: 3.0
09:52:23.0718 0x0b5c Product type: Workstation
09:52:23.0718 0x0b5c ComputerName: HACKDESKTOP
09:52:23.0718 0x0b5c UserName: admin
09:52:23.0718 0x0b5c Windows directory: C:\WINDOWS
09:52:23.0718 0x0b5c System windows directory: C:\WINDOWS
09:52:23.0718 0x0b5c Processor architecture: Intel x86
09:52:23.0718 0x0b5c Number of processors: 2
09:52:23.0718 0x0b5c Page size: 0x1000
09:52:23.0718 0x0b5c Boot type: Normal boot
09:52:23.0718 0x0b5c ============================================================
09:52:27.0187 0x0b5c KLMD registered as C:\WINDOWS\system32\drivers\32209168.sys
09:52:27.0359 0x0b5c System UUID: {97354E53-8FE0-C2F5-5458-6C3963660F76}
09:52:28.0562 0x0b5c Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:52:28.0578 0x0b5c Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:52:28.0593 0x0b5c ============================================================
09:52:28.0593 0x0b5c \Device\Harddisk0\DR0:
09:52:28.0593 0x0b5c MBR partitions:
09:52:28.0593 0x0b5c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
09:52:28.0593 0x0b5c \Device\Harddisk1\DR1:
09:52:28.0593 0x0b5c MBR partitions:
09:52:28.0593 0x0b5c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
09:52:28.0593 0x0b5c ============================================================
09:52:28.0625 0x0b5c C: <-> \Device\Harddisk0\DR0\Partition1
09:52:28.0734 0x0b5c G: <-> \Device\Harddisk1\DR1\Partition1
09:52:28.0734 0x0b5c ============================================================
09:52:28.0734 0x0b5c Initialize success
09:52:28.0734 0x0b5c ============================================================
09:52:31.0703 0x0a04 ============================================================
09:52:31.0703 0x0a04 Scan started
09:52:31.0718 0x0a04 Mode: Manual;
09:52:31.0718 0x0a04 ============================================================
09:52:31.0718 0x0a04 KSN ping started
09:52:34.0640 0x0a04 KSN ping finished: true
09:52:38.0296 0x0a04 ================ Scan system memory ========================
09:52:38.0296 0x0a04 System memory - ok
09:52:38.0296 0x0a04 ================ Scan services =============================
09:52:38.0484 0x0a04 Abiosdsk - ok
09:52:38.0500 0x0a04 abp480n5 - ok
09:52:38.0562 0x0a04 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:52:38.0593 0x0a04 ACPI - ok
09:52:38.0812 0x0a04 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:52:38.0812 0x0a04 ACPIEC - ok
09:52:38.0921 0x0a04 [ F4BF3ADDDDC1AD372604F13C2B0C1F65, FA37ED5014336A72F778C485226B61BEFECEB861AB754862738795C167F0BAB7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:52:38.0937 0x0a04 AdobeFlashPlayerUpdateSvc - ok
09:52:38.0968 0x0a04 adpu160m - ok
09:52:39.0000 0x0a04 [ E696E749BEDCDA8B23757B8B5EA93780, 9A5F2B7E70C414D0A21AE1ACD0C22587D0BC67BE52472496C4B4B20603057606 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
09:52:39.0015 0x0a04 aeaudio - ok


Re: winlogon exe and Userinit exe

Post by hack1 » 20 Aug 2014 10:22

09:52:53.0484 0x0a04 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
09:52:53.0484 0x0a04 sptd - detected LockedFile.Multi.Generic ( 1 )
09:52:56.0093 0x0a04 Detect skipped due to KSN trusted
09:52:56.0093 0x0a04 sptd - ok
09:53:02.0906 0x0a04 Waiting for KSN requests completion. In queue: 230
09:53:03.0906 0x0a04 Waiting for KSN requests completion. In queue: 230
09:53:04.0906 0x0a04 Waiting for KSN requests completion. In queue: 230
09:53:05.0984 0x0a04 AV detected via SS1: Microsoft Security Essentials, 4.5.0216.0, disabled, updated
09:53:05.0984 0x0a04 AV detected via SS1: Microsoft Security Essentials, 2.1.6805.0, disabled, updated
09:53:05.0984 0x0a04 Win FW state via NFM: enabled
09:53:08.0828 0x0a04 ============================================================
09:53:08.0828 0x0a04 Scan finished
09:53:08.0828 0x0a04 ============================================================
09:53:08.0843 0x051c Detected object count: 0
09:53:08.0843 0x051c Actual detected object count: 0
09:54:44.0062 0x0958 Deinitialize success

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male
Status:
Offline

Re: winlogon exe a Userinit exe

Post by hack1 » 20 Aug 2014 10:23

And ComboFix:

ComboFix 14-08-19.01 - admin 20.08.2014 10:00:54.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3583.2972 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\oprava pc\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-20 do 2014-08-20 )))))))))))))))))))))))))))))))
.
.
2014-08-20 04:38 . 2014-08-07 09:05 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CD14F15D-19A7-45F6-B40C-E6BE693342B4}\mpengine.dll
2014-08-19 06:49 . 2014-08-19 06:49 -------- d-----w- c:\documents and settings\admin\AppData
2014-08-19 03:05 . 2014-08-07 09:05 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-18 06:50 . 2014-08-19 17:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\smdmf
2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\AVG
2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:46 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-18 06:46 . 2014-08-18 06:46 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2014-08-18 06:25 . 2014-08-18 06:25 -------- d-----w- c:\documents and settings\admin\Data aplikací\ImgBurn
2014-08-18 06:23 . 2014-08-18 06:23 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\TNT2
2014-08-15 07:51 . 2014-08-15 07:51 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Adobe
2014-08-08 10:36 . 2014-08-08 10:36 -------- d-----w- c:\program files\Common Files\Skype
2014-08-03 09:53 . 2014-08-03 09:53 188304 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2014-07-31 15:52 . 2014-08-19 17:29 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-31 15:52 . 2014-07-31 15:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2014-07-31 13:05 . 2014-07-31 13:05 -------- d-----w- c:\windows\ERUNT
2014-07-30 18:55 . 2014-05-12 05:26 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-30 18:55 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-30 18:55 . 2014-08-19 08:40 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-30 10:35 . 2014-08-19 17:13 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-15 05:27 . 2012-03-30 13:04 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-15 05:27 . 2011-05-15 20:11 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-07-24 21650016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 488984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-27 57344]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-11-8 3986944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Elnec_sw\\Programmer\\Pg4uwMC.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JLinkGDBServer.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JLinkTCPIPServer.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JMem.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.8.2010 10:43 691696]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [6.8.2013 15:55 33824]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [1.12.2010 21:39 3078]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [28.1.2012 11:36 9728]
R2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [8.11.2010 12:40 237568]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [8.11.2010 12:43 1060352]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [8.11.2010 12:43 484352]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.4.2014 20:21 315008]
S3 cglptnt;cglptnt;c:\program files\totalcmd\CGLPTNT.SYS [7.8.2010 10:41 7888]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [24.1.2003 12:13 24197]
S3 CYUSB;UPA-USB Driver;c:\windows\system32\drivers\UPAUSB.sys [18.9.2010 6:38 39936]
S3 jlink;J-Link driver;c:\windows\system32\drivers\jlink.sys [5.10.2010 19:07 14208]
S3 SMOKBUS;USB Serial Converter Driver;c:\windows\system32\drivers\SMOKbus.sys [7.9.2012 19:16 61704]
S3 SmokXX;SmokXX.SYS FT8U2XX device driver;c:\windows\system32\drivers\SmokXX.sys [3.3.2011 20:40 29292]
S3 uOBDBUS;SECONS uOBD DRIVER;c:\windows\system32\drivers\uOBDbus32.sys [15.6.2011 15:36 60552]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [24.12.2010 21:10 11520]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 54101753
*Deregistered* - 54101753
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 05:27]
.
2014-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-27 23:28]
.
2014-08-20 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-27 23:28]
.
2014-08-20 c:\windows\Tasks\SPBIW_UpdateTask_Time_313738353137343036322d3437415a556c2a3223346c41.job
- c:\windows\system32\wscript.exe [2004-08-18 11:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-20 10:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2014-08-20 10:13:15
ComboFix-quarantined-files.txt 2014-08-20 08:13
.
Před spuštěním: Volných bajtů: 44 205 215 744
Po spuštění: Volných bajtů: 44 198 899 712
.
- - End Of File - - D483853A6A5DF5BCFF615238893CFA24
413FC2A0C716421B3158746D63736515

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: winlogon exe and Userinit exe

Post by jaro3 » 20 Aug 2014 18:45

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run... type Notepad in the box and click OK).
Copy the whole of the following text, marked in green, into it:

Code:

ClearJavaCache::

KillAll::
Folder::
c:\documents and settings\admin\Local Settings\Data aplikací\AVG
c:\documents and settings\admin\Data aplikací\AVG
c:\documents and settings\All Users\Data aplikací\AVG
c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
c:\program files\Skype\Updater

Driver::
SkypeUpdate


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Drag the created CFScript.txt script with the mouse onto the downloaded ComboFix.exe and drop it when the two files overlap.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

Warning: it can happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems; in that case restart the computer again, and if that does not help, press F8 during the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the whole contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum Support
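An added cross-check for the kind of fix script posted above (example code written for this page; it is not part of the thread and not ComboFix's own tooling). It assumes the directive meaning as used in this thread: Folder:: lists directories to be deleted and Driver:: lists services/drivers to be removed, and it reads the two ComboFix log line formats that appear in the posts here (the created-files lines and the R0/R1/S2/S3 service lines). The sample script and log lines are copied from the thread; the function names parse_cfscript, parse_log and review are the example's own.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed sample: the CFScript posted in the thread above, verbatim.
CFSCRIPT = r"""ClearJavaCache::

KillAll::
Folder::
c:\documents and settings\admin\Local Settings\Data aplikací\AVG
c:\documents and settings\admin\Data aplikací\AVG
c:\documents and settings\All Users\Data aplikací\AVG
c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
c:\program files\Skype\Updater

Driver::
SkypeUpdate
"""

# Constructed sample: lines copied from the ComboFix log earlier in the thread
# (created-files section and the service list).
LOG_EXCERPT = r"""2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\AVG
2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:46 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-31 15:52 . 2014-08-19 17:29 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.8.2010 10:43 691696]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.4.2014 20:21 315008]
"""

# ComboFix "files created" line: two timestamps, size (or dashes), attribute flags, then the path.
FILE_LINE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d\s+\S+\s+\S+\s+(?P<path>.+?)\s*$"
)
# ComboFix service/driver line: start type, name;display name;binary path [date time size].
SERVICE_LINE = re.compile(r"^(?P<start>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?)\s+\[")


def parse_cfscript(text: str) -> Dict[str, List[str]]:
    """Split a CFScript into directives ("Folder::", "Driver::", ...) and their target lines."""
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"target listed before any directive: {line!r}")
        else:
            sections[current].append(line)
    return sections


def parse_log(text: str) -> Tuple[Set[str], Dict[str, str]]:
    """Collect lower-cased file paths and service name -> binary path from a ComboFix log."""
    paths: Set[str] = set()
    services: Dict[str, str] = {}
    for raw in text.splitlines():
        m = FILE_LINE.match(raw)
        if m:
            paths.add(m.group("path").lower())
            continue
        m = SERVICE_LINE.match(raw)
        if m:
            services[m.group("name").lower()] = m.group("path").lower()
            paths.add(m.group("path").lower())
    return paths, services


def review(script_text: str, log_text: str) -> Dict[str, List[str]]:
    """Return the Folder::/Driver:: targets that the log does not account for.

    A folder counts as seen when the log lists it directly or lists anything
    underneath it (for example a service binary inside that folder). An empty
    result means every removal target is backed by a line in the log.
    """
    script = parse_cfscript(script_text)
    paths, services = parse_log(log_text)
    unmatched: Dict[str, List[str]] = {}
    for folder in script.get("Folder::", []):
        f = folder.lower().rstrip("\\")
        if not any(p == f or p.startswith(f + "\\") for p in paths):
            unmatched.setdefault("Folder::", []).append(folder)
    for driver in script.get("Driver::", []):
        if driver.lower() not in services:
            unmatched.setdefault("Driver::", []).append(driver)
    return unmatched


if __name__ == "__main__":
    print(review(CFSCRIPT, LOG_EXCERPT) or "all targets appear in the log")
```

An empty result means every Folder:: and Driver:: target in the script matches something the log actually reported; anything returned is a target worth re-checking against the log before the script is posted, since ComboFix deletes what is listed without further confirmation.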

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male

Re: winlogon exe and Userinit exe

Post by hack1 » 21 Aug 2014 08:40

ComboFix 14-08-19.01 - admin 21.08.2014 8:26.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3583.2968 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\oprava pc\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-21 do 2014-08-21 )))))))))))))))))))))))))))))))
.
.
2014-08-21 05:43 . 2014-08-07 09:05 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A59DD668-D654-4DAE-9AFF-8B8B4826D4AA}\mpengine.dll
2014-08-20 04:38 . 2014-08-07 09:05 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-19 06:49 . 2014-08-19 06:49 -------- d-----w- c:\documents and settings\admin\AppData
2014-08-18 06:50 . 2014-08-19 17:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\smdmf
2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\AVG
2014-08-18 06:48 . 2014-08-18 06:48 -------- d-----w- c:\documents and settings\admin\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2014-08-18 06:46 . 2014-08-18 06:46 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-18 06:46 . 2014-08-18 06:46 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2014-08-18 06:25 . 2014-08-18 06:25 -------- d-----w- c:\documents and settings\admin\Data aplikací\ImgBurn
2014-08-18 06:23 . 2014-08-18 06:23 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\TNT2
2014-08-15 07:51 . 2014-08-15 07:51 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Adobe
2014-08-08 10:36 . 2014-08-08 10:36 -------- d-----w- c:\program files\Common Files\Skype
2014-08-03 09:53 . 2014-08-03 09:53 188304 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2014-07-31 15:52 . 2014-08-19 17:29 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-31 15:52 . 2014-07-31 15:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2014-07-31 13:05 . 2014-07-31 13:05 -------- d-----w- c:\windows\ERUNT
2014-07-30 18:55 . 2014-05-12 05:26 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-30 18:55 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-30 18:55 . 2014-08-19 08:40 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-30 10:35 . 2014-08-19 17:13 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-15 05:27 . 2012-03-30 13:04 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-15 05:27 . 2011-05-15 20:11 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-07-24 21650016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 488984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2004-12-27 57344]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-11-8 3986944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Elnec_sw\\Programmer\\Pg4uwMC.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JLinkGDBServer.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JLinkTCPIPServer.exe"=
"c:\\Program Files\\SEGGER\\JLinkARM_V414i\\JMem.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.8.2010 10:43 691696]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [6.8.2013 15:55 33824]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [1.12.2010 21:39 3078]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [28.1.2012 11:36 9728]
R2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [8.11.2010 12:40 237568]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [8.11.2010 12:43 1060352]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [8.11.2010 12:43 484352]
S3 cglptnt;cglptnt;c:\program files\totalcmd\CGLPTNT.SYS [7.8.2010 10:41 7888]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [24.1.2003 12:13 24197]
S3 CYUSB;UPA-USB Driver;c:\windows\system32\drivers\UPAUSB.sys [18.9.2010 6:38 39936]
S3 jlink;J-Link driver;c:\windows\system32\drivers\jlink.sys [5.10.2010 19:07 14208]
S3 SMOKBUS;USB Serial Converter Driver;c:\windows\system32\drivers\SMOKbus.sys [7.9.2012 19:16 61704]
S3 SmokXX;SmokXX.SYS FT8U2XX device driver;c:\windows\system32\drivers\SmokXX.sys [3.3.2011 20:40 29292]
S3 uOBDBUS;SECONS uOBD DRIVER;c:\windows\system32\drivers\uOBDbus32.sys [15.6.2011 15:36 60552]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [24.12.2010 21:10 11520]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 05:27]
.
2014-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-27 23:28]
.
2014-08-21 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-27 23:28]
.
2014-08-21 c:\windows\Tasks\SPBIW_UpdateTask_Time_313738353137343036322d3437415a556c2a3223346c41.job
- c:\windows\system32\wscript.exe [2004-08-18 11:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-21 08:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(6496)
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Celkový čas: 2014-08-21 08:38:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-21 06:38
ComboFix2.txt 2014-08-20 08:13
.
Před spuštěním: Volných bajtů: 44 113 571 840
Po spuštění: Volných bajtů: 44 098 764 800
.
- - End Of File - - DC668B48683E13F6EDC7632C8EDF9A14
413FC2A0C716421B3158746D63736515

hack1
newbie
Posts: 33
Registered: November 13
Gender: Male

Re: winlogon exe and Userinit exe

Post by hack1 » 21 Aug 2014 08:49

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-21 08:46:22
-----------------------------
08:46:22.671 OS Version: Windows 5.1.2600 Service Pack 3
08:46:22.671 Number of processors: 2 586 0x409
08:46:22.671 ComputerName: HACKDESKTOP UserName: admin
08:46:25.265 Initialize success
08:46:25.265 VM: initialized successfully
08:46:25.281 VM: Intel CPU virtualization not supported
08:46:30.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
08:46:30.250 Disk 0 Vendor: WDC_WD800JB-00JJC0 05.01C05 Size: 76319MB BusType: 3
08:46:30.250 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
08:46:30.250 Disk 1 Vendor: ST380011A 3.06 Size: 76319MB BusType: 3
08:46:30.484 Disk 0 MBR read successfully
08:46:30.484 Disk 0 MBR scan
08:46:30.484 Disk 0 Windows XP default MBR code
08:46:30.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
08:46:30.640 Disk 0 Boot: NTFS code=1
08:46:30.703 Disk 0 scanning sectors +156280320
08:46:31.015 Disk 0 scanning C:\WINDOWS\system32\drivers
08:46:44.968 Service scanning
08:47:00.656 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
08:47:05.468 Modules scanning
08:47:10.953 Disk 0 trace - called modules:
08:47:10.984 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spch.sys >>UNKNOWN [0x8a4b3938]<<
08:47:10.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3dcab8]
08:47:10.984 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000006e[0x8a3e4f18]
08:47:10.984 5 ACPI.sys[f74a3620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8a3e2d98]
08:47:10.984 Scan finished successfully
08:47:24.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\admin\Plocha\oprava pc\MBR.dat"
08:47:24.203 The log file has been saved successfully to "C:\Documents and Settings\admin\Plocha\oprava pc\aswMBR.txt"

