Zdravím,
prosím o kontrolu logu na NTB nejde spustit žádný z prohlížečů, po spuštění ihned spadne.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:35:31, on 16.5.2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nikolas\Plocha\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ570
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ngwcvoj] regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat"
O4 - HKCU\..\Policies\Explorer\Run: [Elecard] C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 6162 bytes
Prosím o kontrolu logu Vyřešeno
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.
===================================================
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
===================================================
Stáhni AdwCleaner (by Xplode)
Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
===================================================
Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu logu
# AdwCleaner v3.208 - Report created 16/05/2014 at 13:35:36
# Updated 11/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : nikolas - NIKOLAS-17CD13B
# Running from : C:\Documents and Settings\nikolas\Plocha\AdwCleaner(2).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\Extensions\WebSiteRecommendation@weliketheweb.com
Folder Found : C:\Documents and Settings\nikolas\Data aplikací\SimilarSites
Folder Found : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found : C:\Program Files\SimilarSites
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : olakgnkoldmagdblaalodobkmeokmgjj
*************************
AdwCleaner[R0].txt - [1617 octets] - [16/05/2014 13:25:26]
AdwCleaner[R1].txt - [1537 octets] - [16/05/2014 13:35:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1597 octets] ##########
# Updated 11/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : nikolas - NIKOLAS-17CD13B
# Running from : C:\Documents and Settings\nikolas\Plocha\AdwCleaner(2).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Found : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\Extensions\WebSiteRecommendation@weliketheweb.com
Folder Found : C:\Documents and Settings\nikolas\Data aplikací\SimilarSites
Folder Found : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found : C:\Program Files\SimilarSites
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : olakgnkoldmagdblaalodobkmeokmgjj
*************************
AdwCleaner[R0].txt - [1617 octets] - [16/05/2014 13:25:26]
AdwCleaner[R1].txt - [1537 octets] - [16/05/2014 13:35:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1597 octets] ##########
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.05.16.08
Windows XP Service Pack 2 x86 FAT
Internet Explorer 8.0.6001.18702
nikolas :: NIKOLAS-17CD13B [administrátor]
16.5.2014 13:51:37
MBAM-log-2014-05-16 (13-58-03).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216743
Uplynulý čas: 5 minut, 59 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKCU\Software\Softonic\Universal Downloader (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ngwcvoj (Trojan.Ransom.Gend) -> Data: regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat" -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Elecard (Trojan.Crypt.NKN) -> Data: C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 1
C:\Documents and Settings\nikolas\Data aplikací\SimilarSites (PUP.Optional.SimilarSites.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 2
C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat (Trojan.Ransom.Gend) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe (Trojan.Crypt.NKN) -> Nebyla provedena žádná instrukce.
(konec)
www.malwarebytes.org
Verze: v2014.05.16.08
Windows XP Service Pack 2 x86 FAT
Internet Explorer 8.0.6001.18702
nikolas :: NIKOLAS-17CD13B [administrátor]
16.5.2014 13:51:37
MBAM-log-2014-05-16 (13-58-03).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216743
Uplynulý čas: 5 minut, 59 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKCU\Software\Softonic\Universal Downloader (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ngwcvoj (Trojan.Ransom.Gend) -> Data: regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat" -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Elecard (Trojan.Crypt.NKN) -> Data: C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 1
C:\Documents and Settings\nikolas\Data aplikací\SimilarSites (PUP.Optional.SimilarSites.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 2
C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat (Trojan.Ransom.Gend) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe (Trojan.Crypt.NKN) -> Nebyla provedena žádná instrukce.
(konec)
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
# AdwCleaner v3.208 - Report created 19/05/2014 at 14:25:36
# Updated 11/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : nikolas - NIKOLAS-17CD13B
# Running from : C:\Documents and Settings\nikolas\Plocha\AdwCleaner(2).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Documents and Settings\nikolas\Data aplikací\SimilarSites
Folder Deleted : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\Extensions\WebSiteRecommendation@weliketheweb.com
[!] Folder Deleted : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
Key Deleted : HKCU\Software\Softonic
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : olakgnkoldmagdblaalodobkmeokmgjj
*************************
AdwCleaner[R0].txt - [1617 octets] - [16/05/2014 13:25:26]
AdwCleaner[R1].txt - [1677 octets] - [16/05/2014 13:35:36]
AdwCleaner[R2].txt - [1737 octets] - [19/05/2014 14:24:58]
AdwCleaner[S0].txt - [1678 octets] - [19/05/2014 14:25:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1738 octets] ##########
# Updated 11/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : nikolas - NIKOLAS-17CD13B
# Running from : C:\Documents and Settings\nikolas\Plocha\AdwCleaner(2).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Documents and Settings\nikolas\Data aplikací\SimilarSites
Folder Deleted : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\Extensions\WebSiteRecommendation@weliketheweb.com
[!] Folder Deleted : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
Key Deleted : HKCU\Software\Softonic
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Documents and Settings\nikolas\Data aplikací\Mozilla\Firefox\Profiles\636mm8zh.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\nikolas\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : olakgnkoldmagdblaalodobkmeokmgjj
*************************
AdwCleaner[R0].txt - [1617 octets] - [16/05/2014 13:25:26]
AdwCleaner[R1].txt - [1677 octets] - [16/05/2014 13:35:36]
AdwCleaner[R2].txt - [1737 octets] - [19/05/2014 14:24:58]
AdwCleaner[S0].txt - [1678 octets] - [19/05/2014 14:25:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1738 octets] ##########
Re: Prosím o kontrolu logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by nikolas on po 19.05.2014 at 14:33:13,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{e0716f58-4c3a-45cc-bdb8-9ec9aa3f9182}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 14:39:13,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by nikolas on po 19.05.2014 at 14:33:13,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{e0716f58-4c3a-45cc-bdb8-9ec9aa3f9182}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 19.05.2014 at 14:39:13,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Verze: v2014.05.16.08
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
nikolas :: NIKOLAS-17CD13B [administrátor]
19.5.2014 14:52:22
mbam-log-2014-05-19 (14-52-22).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216946
Uplynulý čas: 7 minut, 7 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ngwcvoj (Trojan.Ransom.Gend) -> Data: regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat" -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Elecard (Trojan.Crypt.NKN) -> Data: C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 3
C:\Documents and Settings\nikolas\Local Settings\Temp\KMP_3.9.0.124.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat (Trojan.Ransom.Gend) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe (Trojan.Crypt.NKN) -> Bude smazán při restartu.
(konec)
http://www.malwarebytes.org
Verze: v2014.05.16.08
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
nikolas :: NIKOLAS-17CD13B [administrátor]
19.5.2014 14:52:22
mbam-log-2014-05-19 (14-52-22).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216946
Uplynulý čas: 7 minut, 7 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ngwcvoj (Trojan.Ransom.Gend) -> Data: regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat" -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Elecard (Trojan.Crypt.NKN) -> Data: C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 3
C:\Documents and Settings\nikolas\Local Settings\Temp\KMP_3.9.0.124.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\ngwcvoj.dat (Trojan.Ransom.Gend) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\nikolas\Data aplikací\ivtdaihu\tteuughc.exe (Trojan.Crypt.NKN) -> Bude smazán při restartu.
(konec)
Re: Prosím o kontrolu logu
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : nikolas [Práva správce]
Mód : Kontrola -- Datum : 05/19/2014 15:07:29
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [-][-] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1234GAX +++++
--- User ---
[MBR] d0ced984568273427ba70e2f1e496885
[BSP] 7fd6b6605f270042ab61170ef5a24d75 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Prolific USB Flash Disk USB Device +++++
--- User ---
[MBR] 74693b6f3abb3fb524e5b0656b2234df
[BSP] afbe3015af2ba8719367935890883453 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 0 | Size: 1767733 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Prolific USB Flash Disk USB Device +++++
--- User ---
[MBR] 7b8e0d870d8a2e6d7891d8e555862079
[BSP] c03d9d58d22f53cc37396ab7a7b0396c : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 0 | Size: 1767733 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
Dokončeno : << RKreport[0]_S_05192014_150729.txt >>
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : nikolas [Práva správce]
Mód : Kontrola -- Datum : 05/19/2014 15:07:29
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [-][-] -> NALEZENO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1234GAX +++++
--- User ---
[MBR] d0ced984568273427ba70e2f1e496885
[BSP] 7fd6b6605f270042ab61170ef5a24d75 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 MB
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Prolific USB Flash Disk USB Device +++++
--- User ---
[MBR] 74693b6f3abb3fb524e5b0656b2234df
[BSP] afbe3015af2ba8719367935890883453 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 0 | Size: 1767733 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Prolific USB Flash Disk USB Device +++++
--- User ---
[MBR] 7b8e0d870d8a2e6d7891d8e555862079
[BSP] c03d9d58d22f53cc37396ab7a7b0396c : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 0 | Size: 1767733 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )
Dokončeno : << RKreport[0]_S_05192014_150729.txt >>
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Platform: Windows XP SP2 -- doinstaluj SP3!
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Platform: Windows XP SP2 -- doinstaluj SP3!
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : nikolas [Práva správce]
Mód : Odebrat -- Datum : 05/20/2014 09:54:23
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [-][-] -> VYMAZÁNO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1234GAX +++++
--- User ---
[MBR] d0ced984568273427ba70e2f1e496885
[BSP] 7fd6b6605f270042ab61170ef5a24d75 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_05202014_095423.txt >>
RKreport[0]_S_05192014_150729.txt;RKreport[0]_S_05202014_094314.txt
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : nikolas [Práva správce]
Mód : Odebrat -- Datum : 05/20/2014 09:54:23
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] Bluetooth.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk @C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [-][-] -> VYMAZÁNO
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK1234GAX +++++
--- User ---
[MBR] d0ced984568273427ba70e2f1e496885
[BSP] 7fd6b6605f270042ab61170ef5a24d75 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_05202014_095423.txt >>
RKreport[0]_S_05192014_150729.txt;RKreport[0]_S_05202014_094314.txt
Re: Prosím o kontrolu logu
09:57:11.0546 0x0e68 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
09:57:18.0906 0x0e68 ============================================================
09:57:18.0906 0x0e68 Current date / time: 2014/05/20 09:57:18.0906
09:57:18.0906 0x0e68 SystemInfo:
09:57:18.0906 0x0e68
09:57:18.0906 0x0e68 OS Version: 5.1.2600 ServicePack: 2.0
09:57:18.0906 0x0e68 Product type: Workstation
09:57:18.0906 0x0e68 ComputerName: NIKOLAS-17CD13B
09:57:18.0906 0x0e68 UserName: nikolas
09:57:18.0906 0x0e68 Windows directory: C:\WINDOWS
09:57:18.0906 0x0e68 System windows directory: C:\WINDOWS
09:57:18.0906 0x0e68 Processor architecture: Intel x86
09:57:18.0906 0x0e68 Number of processors: 1
09:57:18.0906 0x0e68 Page size: 0x1000
09:57:18.0906 0x0e68 Boot type: Normal boot
09:57:18.0906 0x0e68 ============================================================
09:57:22.0687 0x0e68 KLMD registered as C:\WINDOWS\system32\drivers\74275640.sys
09:57:23.0250 0x0e68 System UUID: {4FB2FDDC-75EC-432F-93EB-1C3A379F48B6}
09:57:24.0140 0x0e68 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:57:24.0140 0x0e68 Drive \Device\Harddisk1\DR2 - Size: 0x1540000 (0.02 Gb), SectorSize: 0x200, Cylinders: 0x2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:57:24.0140 0x0e68 Drive \Device\Harddisk2\DR3 - Size: 0xA00000 (0.01 Gb), SectorSize: 0x200, Cylinders: 0x1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:57:24.0234 0x0e68 ============================================================
09:57:24.0234 0x0e68 \Device\Harddisk0\DR0:
09:57:24.0234 0x0e68 MBR partitions:
09:57:24.0234 0x0e68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
09:57:24.0234 0x0e68 \Device\Harddisk1\DR2:
09:57:24.0343 0x0e68 MBR partitions:
09:57:24.0343 0x0e68 \Device\Harddisk2\DR3:
09:57:24.0437 0x0e68 MBR partitions:
09:57:24.0437 0x0e68 ============================================================
09:57:24.0468 0x0e68 C: <-> \Device\Harddisk0\DR0\Partition1
09:57:24.0468 0x0e68 ============================================================
09:57:24.0468 0x0e68 Initialize success
09:57:24.0468 0x0e68 ============================================================
09:57:38.0234 0x08c8 ============================================================
09:57:38.0234 0x08c8 Scan started
09:57:38.0234 0x08c8 Mode: Manual;
09:57:38.0234 0x08c8 ============================================================
09:57:38.0234 0x08c8 KSN ping started
09:57:51.0875 0x08c8 KSN ping finished: true
09:57:52.0500 0x08c8 ================ Scan system memory ========================
09:57:52.0500 0x08c8 System memory - ok
09:57:52.0500 0x08c8 ================ Scan services =============================
09:57:52.0593 0x08c8 Abiosdsk - ok
09:57:52.0609 0x08c8 abp480n5 - ok
09:57:52.0687 0x08c8 [ FA2FBCDA96D2385F773B059FE5A125A6, 247ADDAF3E318342F4DEA0234560AE4252738194563584D66C1E5AD44DFF182F ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:57:52.0703 0x08c8 ACPI - ok
09:57:52.0859 0x08c8 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:57:52.0859 0x08c8 ACPIEC - ok
09:57:52.0968 0x08c8 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:57:52.0984 0x08c8 AdobeFlashPlayerUpdateSvc - ok
09:57:53.0000 0x08c8 adpu160m - ok
09:57:53.0078 0x08c8 [ 841F385C6CFAF66B58FBD898722BB4F0, 0DA17CCA27DF5C7245959249162A5393B2E36B7C9A3A3525AE1371DE6AE698A3 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:57:53.0078 0x08c8 aec - ok
09:57:53.0125 0x08c8 [ 5AC495F4CB807B2B98AD2AD591E6D92E, F645FAD628EC81C3D2555862BEE8DF3975FD9EAE326885528E773B2F148D70FB ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:57:53.0125 0x08c8 AFD - ok
09:57:53.0140 0x08c8 Aha154x - ok
09:57:53.0140 0x08c8 aic78u2 - ok
09:57:53.0156 0x08c8 aic78xx - ok
09:57:53.0203 0x08c8 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1, 2982A70AF1C9DD7A86B104D1A86ECA08753ED06D68FAE74FAE232828A80BF88C ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:57:53.0203 0x08c8 Alerter - ok
09:57:53.0234 0x08c8 [ B3F690BF43F93A012A52F28F234FAA1B, 72B520D2F1F0A510AC49170CECC909F01FB550683C6740726F11B5BE96E610CF ] ALG C:\WINDOWS\System32\alg.exe
09:57:53.0234 0x08c8 ALG - ok
09:57:53.0250 0x08c8 AliIde - ok
09:57:53.0312 0x08c8 [ D2B80A58ED4082DA1D2F382F64621DC9, 10BAFE11CA5FCC60B7A4420F619E5C6DF0960244D1578CD0C6898E190C469FB0 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
09:57:53.0312 0x08c8 AmdK8 - ok
09:57:53.0312 0x08c8 amsint - ok
09:57:53.0328 0x08c8 AppMgmt - ok
09:57:53.0406 0x08c8 [ 89873AEBBF0309393F0737E26D891209, B9A2580F84C2FD4CA50C50330DC9C853230CF6439E7876A067DD35626E7555E7 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
09:57:53.0421 0x08c8 AR5211 - ok
09:57:53.0437 0x08c8 asc - ok
09:57:53.0453 0x08c8 asc3350p - ok
09:57:53.0453 0x08c8 asc3550 - ok
09:57:53.0546 0x08c8 [ D33C507942299753868204CC7642FA27, 4E7096D6F4B1176C4823540427219988AC9180E70954D3BF32A6C15ED1332670 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:57:53.0546 0x08c8 aspnet_state - ok
09:57:53.0562 0x08c8 [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:57:53.0562 0x08c8 AsyncMac - ok
09:57:53.0625 0x08c8 [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:57:53.0625 0x08c8 atapi - ok
09:57:53.0640 0x08c8 Atdisk - ok
09:57:53.0718 0x08c8 [ E9B73D638608B5B20608DB28186D3494, 1EFF676C5E6F4EA9257AF2CE698BDA4CA196AA7CAF458E43A472957685038ECD ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:57:53.0734 0x08c8 Ati HotKey Poller - ok
09:57:54.0046 0x08c8 [ 2922CD8A5D913E737D4E7A634042E154, 2C6137406FB6C9818D70B327B74CD4A71826DBB3EBD5BB68BECEC361CA8D8393 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:57:54.0093 0x08c8 ati2mtag - ok
09:57:54.0156 0x08c8 [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:57:54.0156 0x08c8 Atmarpc - ok
09:57:54.0234 0x08c8 [ 40D78F514C8588EF12EC718D2AF0FC4E, E8ABE9E67D6E35D53387B8F6EF11284EC330B8E94784A506F3756D4A39E4F184 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:57:54.0234 0x08c8 AudioSrv - ok
09:57:54.0328 0x08c8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:57:54.0328 0x08c8 audstub - ok
09:57:54.0406 0x08c8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:57:54.0406 0x08c8 Beep - ok
09:57:54.0578 0x08c8 [ E774A26610EC92674273486612C11CFC, 10BF77510872A4E1262FCE42F1254313E193D0804C90DC334C4249D477CB9A08 ] BITS C:\WINDOWS\system32\qmgr.dll
09:57:54.0625 0x08c8 BITS - ok
09:57:54.0703 0x08c8 [ F219E27E88107A50544153898DD8178E, 4E48E64AAF302F1FAF66F8F14BC22D2DA2E0C62E4C7E6CEE6F9705A04D75E0F6 ] Browser C:\WINDOWS\System32\browser.dll
09:57:54.0718 0x08c8 Browser - ok
09:57:54.0828 0x08c8 [ F73D41FD3653FE64CC79610F7B240472, AB1CF98D4C7F1CAB8A4F9A4D4DA3CCD37624466F923B8BB2B9B2B81FE26C2622 ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
09:57:54.0843 0x08c8 btaudio - ok
09:57:54.0953 0x08c8 [ 4854ED2EE57769B9527680978A9DD5B4, 82527DD7CF90F3494C17289061D7406D0FB02DCA9B81A85458A591FEF663942D ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
09:57:54.0953 0x08c8 BTDriver - ok
09:57:55.0015 0x08c8 [ D24B8D1784C68A25060FFFBE8ED34B76, E96FBABDB2B24050DD963C0CF39980DFBADB4DCE03CF5DC1C7CB0AE72A644608 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
09:57:55.0015 0x08c8 BthEnum - ok
09:57:55.0078 0x08c8 [ 10355270BE12641B9764235DA39DCF0F, 325EECDF0B062BDF0CE76BC0B42885197315CFDEAF3336566B5EFCA0860FF0F0 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
09:57:55.0078 0x08c8 BthPan - ok
09:57:55.0156 0x08c8 [ C4084076346FF43F3005477644710657, 34DB61913DD97128AC476DC2AD2A424D49CF2021D9F3438552DCCEE654DF4B5B ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
09:57:55.0171 0x08c8 BTHPORT - ok
09:57:55.0234 0x08c8 [ 4F17674870D7729F8CF0A78F85CBB5D6, 63F588C067E2CE999248D20D2FC256A311095BDF6D19C61BF699F6042C2A3302 ] BthServ C:\WINDOWS\System32\bthserv.dll
09:57:55.0234 0x08c8 BthServ - ok
09:57:55.0265 0x08c8 [ F06D4CB9918B462A84D9AC00027EFC30, 1F949DF5B768FB176A0203CD2C1260C15C7B4C5A3658230DA3BD7D8014614FD3 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
09:57:55.0265 0x08c8 BTHUSB - ok
09:57:55.0562 0x08c8 [ 4EBD4EBFF01617FBDA6CE7963F150918, B526CE319BC2E1EB5D97BF41E47B609A73280DB18A57C40C060AA9D9A0D8C013 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
09:57:55.0593 0x08c8 BTKRNL - ok
09:57:55.0656 0x08c8 [ 6D9F1D03D4EBA886E1626D856762B4F0, 7B5C090EFB26022A57076441DF55ABE84758D0CB97D1B907FAA55D8EBDF5EB03 ] BTSERIAL C:\WINDOWS\system32\drivers\btserial.sys
09:57:55.0656 0x08c8 BTSERIAL - ok
09:57:56.0000 0x08c8 [ D9E3B5AAD23BF7EFA6A5DE3C855E0DA2, F4ECA9A1C68C3F4BA0B99C332F8DE02618398F68993EFC3099B357FF17100CCF ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
09:57:56.0000 0x08c8 btwdins - ok
09:57:56.0125 0x08c8 [ 96708D343264ABAF8AD93C464B2FC9CA, AE40866537F09756E5DAEED67608ADACB09EDF90F176BDAE2B77198A32CD34C2 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
09:57:56.0125 0x08c8 BTWDNDIS - ok
09:57:56.0281 0x08c8 [ B2C100ADE3A01B663CAA7EB68EE80A51, CF5BFB642F038B1E261DD7723962A16C7C654D2FCBE1309B20D2AC44F4B2E2C4 ] Cam5603D C:\WINDOWS\system32\Drivers\BisonCam.sys
09:57:56.0296 0x08c8 Cam5603D - ok
09:57:56.0359 0x08c8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:57:56.0359 0x08c8 cbidf2k - ok
09:57:56.0390 0x08c8 [ 6163ED60B684BAB19D3352AB22FC48B2, 5A7ED636D8B2178EA21FA986CC9168DEF258AA4FFB9DCD792A81A1D615AC5D5E ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:57:56.0390 0x08c8 CCDECODE - ok
09:57:56.0390 0x08c8 cd20xrnt - ok
09:57:56.0421 0x08c8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:57:56.0421 0x08c8 Cdaudio - ok
09:57:56.0468 0x08c8 [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:57:56.0468 0x08c8 Cdfs - ok
09:57:56.0515 0x08c8 [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:57:56.0531 0x08c8 Cdrom - ok
09:57:56.0531 0x08c8 Changer - ok
09:57:56.0562 0x08c8 [ 9E21229E04E1D301BB40222FE4641CB2, 4D2CFD04DB9A71A3DE9159A4514BDD59884556EFF137D43C98FD322A63BF86DA ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:57:56.0562 0x08c8 CiSvc - ok
09:57:56.0578 0x08c8 [ D3DC45553C8025338E08A60E95B1B91D, 03F90660E6AF758A32A15172E00D25CB3804EBC4264628DC2FDCF5ACB4E2C6A7 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:57:56.0578 0x08c8 ClipSrv - ok
09:57:56.0625 0x08c8 [ 3C4D595E7F9B747325AEF28B4ADCAAE5, 4A283F3E2E659DA996EC16BC8181E9F521BDFDFCF246D0E432D65D2672AC9629 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:56.0687 0x08c8 clr_optimization_v2.0.50727_32 - ok
09:57:56.0734 0x08c8 [ 4266BE808F85826AEDF3C64C1E240203, D1EF8B2C35C21BA122C44F8C55F57B2FA36D37B08A15CFCCE085A4810FAC1FF9 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:57:56.0734 0x08c8 CmBatt - ok
09:57:56.0734 0x08c8 CmdIde - ok
09:57:56.0750 0x08c8 [ DF1B1A24BF52D0EBC01ED4ECE8979F50, 78C5E7BE2FFA6A0709F3095AB006C86E3991AFC9E9B5ABEC94C3E8DF2EA2169D ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:57:56.0750 0x08c8 Compbatt - ok
09:57:56.0765 0x08c8 COMSysApp - ok
09:57:56.0781 0x08c8 Cpqarray - ok
09:57:56.0843 0x08c8 [ 70D2A1756F4B2067658A186C963FCABD, 3B80C01D40C32F6ACD6394A7B4D47341251D5ECDA4E71707B98154A71BFA4563 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:57:56.0843 0x08c8 CryptSvc - ok
09:57:56.0859 0x08c8 dac2w2k - ok
09:57:56.0859 0x08c8 dac960nt - ok
09:57:56.0921 0x08c8 [ C72C15EE57E248C66E57C76CAB086CF2, 2CDFC82E31E58B4BF80F33DFB69D62ED55EAB118AD7BFEE5138DE0DF3F8F2543 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:57:56.0937 0x08c8 DcomLaunch - ok
09:57:56.0953 0x08c8 [ 562830EFB7CF367FB773FEA5256E67C8, FFB284845FF636D8C0BF77AEEAEF5E9E560A65943D6C456B731E455B35D2531A ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:57:56.0953 0x08c8 Dhcp - ok
09:57:56.0984 0x08c8 [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:57:56.0984 0x08c8 Disk - ok
09:57:57.0000 0x08c8 dmadmin - ok
09:57:57.0078 0x08c8 [ E1968EDEC81C430108FEB23AB07BDB14, 2FF6FF66826ECF3F921C45339DB9FE5C31855BB65A68F3392A96D054127584AA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:57:57.0109 0x08c8 dmboot - ok
09:57:57.0140 0x08c8 [ 1B1520A82E396E46B9AE9FA6B03FF6C6, 13E7D812B775F2CE29CC55090E47D43546B027610042839E5E7F5F1643B683F7 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:57:57.0156 0x08c8 dmio - ok
09:57:57.0187 0x08c8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:57:57.0187 0x08c8 dmload - ok
09:57:57.0234 0x08c8 [ 7B3CA72885923EB947221F17F3E3AC59, 4C01BF4C9CF1A976C0A37AD97ED2D6C782AE6231B3B63B3749ABA76228DE2182 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:57:57.0234 0x08c8 dmserver - ok
09:57:57.0281 0x08c8 [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:57:57.0281 0x08c8 DMusic - ok
09:57:57.0296 0x08c8 [ F605B3F5674D67587C4B6C9E92A3E025, B48339F570467AA5E7FB4256A14280963A37EDC38D5C9D7097C9172420E48572 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:57:57.0296 0x08c8 Dnscache - ok
09:57:57.0296 0x08c8 dpti2o - ok
09:57:57.0328 0x08c8 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:57:57.0328 0x08c8 drmkaud - ok
09:57:57.0375 0x08c8 [ 5AEE9EEDCFBF2B0F9DEC53C27EE722A3, AC502A476B207355BA48BEC3B6D79AA6C414EE01716B2EF5CFDF05B8E9112D88 ] EMSCR C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
09:57:57.0375 0x08c8 EMSCR - ok
09:57:57.0406 0x08c8 [ D6F7428B201E33BC80066B47144CB568, 8E9E90D4D6DCE7F006A6904E86A2559B263D19A4F921F44E97079EF9C9C220F9 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:57:57.0406 0x08c8 ERSvc - ok
09:57:57.0406 0x08c8 [ 8E56AB21D10C368029CEA57DE47D79C2, 540109D627ED27AE034B81F1FBF3CC97717ADA4EF934A4AAC076F14DD7C8B195 ] ESDCR C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
09:57:57.0421 0x08c8 ESDCR - ok
09:57:57.0421 0x08c8 [ 0A58FADE5E12D3A611427292073362CB, 8CD7ADFF3C594632E049B7900B6CE7A73257C6BE856DB015DCF3183DB6E4745D ] ESMCR C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
09:57:57.0437 0x08c8 ESMCR - ok
09:57:57.0453 0x08c8 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] Eventlog C:\WINDOWS\system32\services.exe
09:57:57.0468 0x08c8 Eventlog - ok
09:57:57.0484 0x08c8 [ 972378B907070F64932A87C90A035487, 7D0F6FD6CBF285C517F05B168394676ADE83FB80434128002ADD90328AFDEACA ] EventSystem C:\WINDOWS\system32\es.dll
09:57:57.0500 0x08c8 EventSystem - ok
09:57:57.0562 0x08c8 [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:57:57.0562 0x08c8 Fastfat - ok
09:57:57.0593 0x08c8 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:57:57.0609 0x08c8 FastUserSwitchingCompatibility - ok
09:57:57.0625 0x08c8 [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:57:57.0625 0x08c8 Fdc - ok
09:57:57.0687 0x08c8 [ 266DAB58619B17BDF37FABBD48D875CA, 33B6E2AF9B78B6B47768102321868B8A75C49B66849DAEEA2F8E6753BBE28F2D ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:57:57.0687 0x08c8 Fips - ok
09:57:57.0703 0x08c8 [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:57:57.0703 0x08c8 Flpydisk - ok
09:57:57.0734 0x08c8 [ 157754F0DF355A9E0A6F54721914F9C6, 1EB1424D98000FE80901287F9D51DDD18132B7C2CFEC4C7767F32F71DC2F64F9 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:57:57.0734 0x08c8 FltMgr - ok
09:57:57.0750 0x08c8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:57:57.0750 0x08c8 Fs_Rec - ok
09:57:57.0781 0x08c8 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:57:57.0781 0x08c8 Ftdisk - ok
09:57:57.0812 0x08c8 [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:57:57.0812 0x08c8 Gpc - ok
09:57:57.0859 0x08c8 [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:57:57.0859 0x08c8 HDAudBus - ok
09:57:57.0906 0x08c8 [ F59152272782FED8A8197FA788287F68, BB4E79979FD8F68C9F7061C06E9300120DCDC3B74BAD20300ECF8A7D4F48CE3C ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:57:57.0921 0x08c8 helpsvc - ok
09:57:57.0937 0x08c8 [ D2DCF769E5A70027058AD5BE1F9B55BF, 3C4CE4A4BA6F7E5BFB910BFEE28B64E4437B1E08A3D5A1FEB0FB13104407E5E9 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:57:57.0937 0x08c8 HidServ - ok
09:57:57.0968 0x08c8 [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:57:57.0968 0x08c8 hidusb - ok
09:57:57.0984 0x08c8 hpn - ok
09:57:58.0046 0x08c8 [ C19B522A9AE0BBC3293397F3055E80A1, C04F067E06798E50AE90743F6ACB53FEB83DC749C76F97C962B14616A49E15CE ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:57:58.0062 0x08c8 HTTP - ok
09:57:58.0093 0x08c8 [ DA826826C5C9116F47E0CD0CA8CC7C11, 4360B34629C7267D9298F42F29940CE78A33674CD7F2F74B400A40D4683BD274 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:57:58.0093 0x08c8 HTTPFilter - ok
09:57:58.0109 0x08c8 i2omgmt - ok
09:57:58.0125 0x08c8 i2omp - ok
09:57:58.0140 0x08c8 [ 0F42DE9909B5DBF2C48DD1A79D491AF5, 0846D23DC158F5AE4585596A3BF4F5CC8C2BB4DA30CC7C627A0C47C73BAD7726 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:57:58.0156 0x08c8 i8042prt - ok
09:57:58.0187 0x08c8 [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:57:58.0187 0x08c8 Imapi - ok
09:57:58.0250 0x08c8 [ CF9D286B34CB4912F3B28B4972D5CB33, EB8B65842D6767511956BFF4FD32F4B1098D23EBC34B11ABB9CAEE0A2846F012 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:57:58.0250 0x08c8 ImapiService - ok
09:57:58.0265 0x08c8 ini910u - ok
09:57:58.0640 0x08c8 [ B2957D6C1226F029230DAC2C46D34286, C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:57:58.0796 0x08c8 IntcAzAudAddService - ok
09:57:58.0828 0x08c8 IntelIde - ok
09:57:58.0859 0x08c8 [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:57:58.0859 0x08c8 Ip6Fw - ok
09:57:58.0890 0x08c8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:57:58.0906 0x08c8 IpFilterDriver - ok
09:57:58.0906 0x08c8 [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:57:58.0906 0x08c8 IpInIp - ok
09:57:58.0953 0x08c8 [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:57:58.0953 0x08c8 IpNat - ok
09:57:59.0000 0x08c8 [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:57:59.0000 0x08c8 IPSec - ok
09:57:59.0031 0x08c8 [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:57:59.0031 0x08c8 IRENUM - ok
09:57:59.0062 0x08c8 [ 1091528512E4DD7ED5FDDCC4DF1C53D7, 81F1AFFD064E783BE5F2377C580612C9D8FEA05D792078452BD6BCC0FE04B1A4 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:57:59.0062 0x08c8 isapnp - ok
09:57:59.0171 0x08c8 [ CC54FD59486BEF7CE70275FAC2FD9D34, 78F4B353CC8672B634EDF76D7366FFF1E67A8CE0B719FDD749CF430225511FDE ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:57:59.0171 0x08c8 JavaQuickStarterService - ok
09:57:59.0234 0x08c8 [ 6F877BF8DC01A550CD666F3BEDB2213C, F48BDC5E300D5598F585D9698F1884D86006938240521512B21C59213ADCDE2A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:57:59.0234 0x08c8 Kbdclass - ok
09:57:59.0281 0x08c8 [ 065B5A83AA78C0C7047BF22E0AB5C821, 219C328A8DE8929E34364EE0599153E62F3BC91138647C58F5171BB69DDF72C9 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:57:59.0281 0x08c8 kbdhid - ok
09:57:59.0312 0x08c8 [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:57:59.0328 0x08c8 kmixer - ok
09:57:59.0343 0x08c8 [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:57:59.0343 0x08c8 KSecDD - ok
09:57:59.0390 0x08c8 [ 6D6BDD68B775986577C48A8DF961A05C, D6D2B5BC2707E39848BE7B03DFD14F1D1E52BBFE24AC54247D520B00468B084E ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:57:59.0390 0x08c8 lanmanserver - ok
09:57:59.0421 0x08c8 [ 69B0569AAE33F0D5057CA0E8577AAF07, A0D9FB370A259E50EE4BF89CD8EA7AE2A81283DE146087D064BCAC5F0BBFEB50 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:57:59.0437 0x08c8 lanmanworkstation - ok
09:57:59.0437 0x08c8 lbrtfdc - ok
09:57:59.0468 0x08c8 [ F9EE6D2AAB0690B34AE35BA9921A1414, 7FD7397E9B8F23D00E060462AA8DE4E4E7D786602D7BD95EE0685142F46DA6F2 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:57:59.0468 0x08c8 LmHosts - ok
09:57:59.0500 0x08c8 [ 8B2FCBD881879B55BE40B41F12FFC431, D79E98D5209CB94F6AFC7CFCB1ABAF7525E124B05F339B6B4AC49B57812745C9 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:57:59.0500 0x08c8 Messenger - ok
09:57:59.0531 0x08c8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:57:59.0531 0x08c8 mnmdd - ok
09:57:18.0906 0x0e68 ============================================================
09:57:18.0906 0x0e68 Current date / time: 2014/05/20 09:57:18.0906
09:57:18.0906 0x0e68 SystemInfo:
09:57:18.0906 0x0e68
09:57:18.0906 0x0e68 OS Version: 5.1.2600 ServicePack: 2.0
09:57:18.0906 0x0e68 Product type: Workstation
09:57:18.0906 0x0e68 ComputerName: NIKOLAS-17CD13B
09:57:18.0906 0x0e68 UserName: nikolas
09:57:18.0906 0x0e68 Windows directory: C:\WINDOWS
09:57:18.0906 0x0e68 System windows directory: C:\WINDOWS
09:57:18.0906 0x0e68 Processor architecture: Intel x86
09:57:18.0906 0x0e68 Number of processors: 1
09:57:18.0906 0x0e68 Page size: 0x1000
09:57:18.0906 0x0e68 Boot type: Normal boot
09:57:18.0906 0x0e68 ============================================================
09:57:22.0687 0x0e68 KLMD registered as C:\WINDOWS\system32\drivers\74275640.sys
09:57:23.0250 0x0e68 System UUID: {4FB2FDDC-75EC-432F-93EB-1C3A379F48B6}
09:57:24.0140 0x0e68 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:57:24.0140 0x0e68 Drive \Device\Harddisk1\DR2 - Size: 0x1540000 (0.02 Gb), SectorSize: 0x200, Cylinders: 0x2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:57:24.0140 0x0e68 Drive \Device\Harddisk2\DR3 - Size: 0xA00000 (0.01 Gb), SectorSize: 0x200, Cylinders: 0x1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:57:24.0234 0x0e68 ============================================================
09:57:24.0234 0x0e68 \Device\Harddisk0\DR0:
09:57:24.0234 0x0e68 MBR partitions:
09:57:24.0234 0x0e68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
09:57:24.0234 0x0e68 \Device\Harddisk1\DR2:
09:57:24.0343 0x0e68 MBR partitions:
09:57:24.0343 0x0e68 \Device\Harddisk2\DR3:
09:57:24.0437 0x0e68 MBR partitions:
09:57:24.0437 0x0e68 ============================================================
09:57:24.0468 0x0e68 C: <-> \Device\Harddisk0\DR0\Partition1
09:57:24.0468 0x0e68 ============================================================
09:57:24.0468 0x0e68 Initialize success
09:57:24.0468 0x0e68 ============================================================
09:57:38.0234 0x08c8 ============================================================
09:57:38.0234 0x08c8 Scan started
09:57:38.0234 0x08c8 Mode: Manual;
09:57:38.0234 0x08c8 ============================================================
09:57:38.0234 0x08c8 KSN ping started
09:57:51.0875 0x08c8 KSN ping finished: true
09:57:52.0500 0x08c8 ================ Scan system memory ========================
09:57:52.0500 0x08c8 System memory - ok
09:57:52.0500 0x08c8 ================ Scan services =============================
09:57:52.0593 0x08c8 Abiosdsk - ok
09:57:52.0609 0x08c8 abp480n5 - ok
09:57:52.0687 0x08c8 [ FA2FBCDA96D2385F773B059FE5A125A6, 247ADDAF3E318342F4DEA0234560AE4252738194563584D66C1E5AD44DFF182F ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:57:52.0703 0x08c8 ACPI - ok
09:57:52.0859 0x08c8 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:57:52.0859 0x08c8 ACPIEC - ok
09:57:52.0968 0x08c8 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:57:52.0984 0x08c8 AdobeFlashPlayerUpdateSvc - ok
09:57:53.0000 0x08c8 adpu160m - ok
09:57:53.0078 0x08c8 [ 841F385C6CFAF66B58FBD898722BB4F0, 0DA17CCA27DF5C7245959249162A5393B2E36B7C9A3A3525AE1371DE6AE698A3 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:57:53.0078 0x08c8 aec - ok
09:57:53.0125 0x08c8 [ 5AC495F4CB807B2B98AD2AD591E6D92E, F645FAD628EC81C3D2555862BEE8DF3975FD9EAE326885528E773B2F148D70FB ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:57:53.0125 0x08c8 AFD - ok
09:57:53.0140 0x08c8 Aha154x - ok
09:57:53.0140 0x08c8 aic78u2 - ok
09:57:53.0156 0x08c8 aic78xx - ok
09:57:53.0203 0x08c8 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1, 2982A70AF1C9DD7A86B104D1A86ECA08753ED06D68FAE74FAE232828A80BF88C ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:57:53.0203 0x08c8 Alerter - ok
09:57:53.0234 0x08c8 [ B3F690BF43F93A012A52F28F234FAA1B, 72B520D2F1F0A510AC49170CECC909F01FB550683C6740726F11B5BE96E610CF ] ALG C:\WINDOWS\System32\alg.exe
09:57:53.0234 0x08c8 ALG - ok
09:57:53.0250 0x08c8 AliIde - ok
09:57:53.0312 0x08c8 [ D2B80A58ED4082DA1D2F382F64621DC9, 10BAFE11CA5FCC60B7A4420F619E5C6DF0960244D1578CD0C6898E190C469FB0 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
09:57:53.0312 0x08c8 AmdK8 - ok
09:57:53.0312 0x08c8 amsint - ok
09:57:53.0328 0x08c8 AppMgmt - ok
09:57:53.0406 0x08c8 [ 89873AEBBF0309393F0737E26D891209, B9A2580F84C2FD4CA50C50330DC9C853230CF6439E7876A067DD35626E7555E7 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
09:57:53.0421 0x08c8 AR5211 - ok
09:57:53.0437 0x08c8 asc - ok
09:57:53.0453 0x08c8 asc3350p - ok
09:57:53.0453 0x08c8 asc3550 - ok
09:57:53.0546 0x08c8 [ D33C507942299753868204CC7642FA27, 4E7096D6F4B1176C4823540427219988AC9180E70954D3BF32A6C15ED1332670 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:57:53.0546 0x08c8 aspnet_state - ok
09:57:53.0562 0x08c8 [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:57:53.0562 0x08c8 AsyncMac - ok
09:57:53.0625 0x08c8 [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:57:53.0625 0x08c8 atapi - ok
09:57:53.0640 0x08c8 Atdisk - ok
09:57:53.0718 0x08c8 [ E9B73D638608B5B20608DB28186D3494, 1EFF676C5E6F4EA9257AF2CE698BDA4CA196AA7CAF458E43A472957685038ECD ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:57:53.0734 0x08c8 Ati HotKey Poller - ok
09:57:54.0046 0x08c8 [ 2922CD8A5D913E737D4E7A634042E154, 2C6137406FB6C9818D70B327B74CD4A71826DBB3EBD5BB68BECEC361CA8D8393 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:57:54.0093 0x08c8 ati2mtag - ok
09:57:54.0156 0x08c8 [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:57:54.0156 0x08c8 Atmarpc - ok
09:57:54.0234 0x08c8 [ 40D78F514C8588EF12EC718D2AF0FC4E, E8ABE9E67D6E35D53387B8F6EF11284EC330B8E94784A506F3756D4A39E4F184 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:57:54.0234 0x08c8 AudioSrv - ok
09:57:54.0328 0x08c8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:57:54.0328 0x08c8 audstub - ok
09:57:54.0406 0x08c8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:57:54.0406 0x08c8 Beep - ok
09:57:54.0578 0x08c8 [ E774A26610EC92674273486612C11CFC, 10BF77510872A4E1262FCE42F1254313E193D0804C90DC334C4249D477CB9A08 ] BITS C:\WINDOWS\system32\qmgr.dll
09:57:54.0625 0x08c8 BITS - ok
09:57:54.0703 0x08c8 [ F219E27E88107A50544153898DD8178E, 4E48E64AAF302F1FAF66F8F14BC22D2DA2E0C62E4C7E6CEE6F9705A04D75E0F6 ] Browser C:\WINDOWS\System32\browser.dll
09:57:54.0718 0x08c8 Browser - ok
09:57:54.0828 0x08c8 [ F73D41FD3653FE64CC79610F7B240472, AB1CF98D4C7F1CAB8A4F9A4D4DA3CCD37624466F923B8BB2B9B2B81FE26C2622 ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
09:57:54.0843 0x08c8 btaudio - ok
09:57:54.0953 0x08c8 [ 4854ED2EE57769B9527680978A9DD5B4, 82527DD7CF90F3494C17289061D7406D0FB02DCA9B81A85458A591FEF663942D ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
09:57:54.0953 0x08c8 BTDriver - ok
09:57:55.0015 0x08c8 [ D24B8D1784C68A25060FFFBE8ED34B76, E96FBABDB2B24050DD963C0CF39980DFBADB4DCE03CF5DC1C7CB0AE72A644608 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
09:57:55.0015 0x08c8 BthEnum - ok
09:57:55.0078 0x08c8 [ 10355270BE12641B9764235DA39DCF0F, 325EECDF0B062BDF0CE76BC0B42885197315CFDEAF3336566B5EFCA0860FF0F0 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
09:57:55.0078 0x08c8 BthPan - ok
09:57:55.0156 0x08c8 [ C4084076346FF43F3005477644710657, 34DB61913DD97128AC476DC2AD2A424D49CF2021D9F3438552DCCEE654DF4B5B ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
09:57:55.0171 0x08c8 BTHPORT - ok
09:57:55.0234 0x08c8 [ 4F17674870D7729F8CF0A78F85CBB5D6, 63F588C067E2CE999248D20D2FC256A311095BDF6D19C61BF699F6042C2A3302 ] BthServ C:\WINDOWS\System32\bthserv.dll
09:57:55.0234 0x08c8 BthServ - ok
09:57:55.0265 0x08c8 [ F06D4CB9918B462A84D9AC00027EFC30, 1F949DF5B768FB176A0203CD2C1260C15C7B4C5A3658230DA3BD7D8014614FD3 ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
09:57:55.0265 0x08c8 BTHUSB - ok
09:57:55.0562 0x08c8 [ 4EBD4EBFF01617FBDA6CE7963F150918, B526CE319BC2E1EB5D97BF41E47B609A73280DB18A57C40C060AA9D9A0D8C013 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
09:57:55.0593 0x08c8 BTKRNL - ok
09:57:55.0656 0x08c8 [ 6D9F1D03D4EBA886E1626D856762B4F0, 7B5C090EFB26022A57076441DF55ABE84758D0CB97D1B907FAA55D8EBDF5EB03 ] BTSERIAL C:\WINDOWS\system32\drivers\btserial.sys
09:57:55.0656 0x08c8 BTSERIAL - ok
09:57:56.0000 0x08c8 [ D9E3B5AAD23BF7EFA6A5DE3C855E0DA2, F4ECA9A1C68C3F4BA0B99C332F8DE02618398F68993EFC3099B357FF17100CCF ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
09:57:56.0000 0x08c8 btwdins - ok
09:57:56.0125 0x08c8 [ 96708D343264ABAF8AD93C464B2FC9CA, AE40866537F09756E5DAEED67608ADACB09EDF90F176BDAE2B77198A32CD34C2 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
09:57:56.0125 0x08c8 BTWDNDIS - ok
09:57:56.0281 0x08c8 [ B2C100ADE3A01B663CAA7EB68EE80A51, CF5BFB642F038B1E261DD7723962A16C7C654D2FCBE1309B20D2AC44F4B2E2C4 ] Cam5603D C:\WINDOWS\system32\Drivers\BisonCam.sys
09:57:56.0296 0x08c8 Cam5603D - ok
09:57:56.0359 0x08c8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:57:56.0359 0x08c8 cbidf2k - ok
09:57:56.0390 0x08c8 [ 6163ED60B684BAB19D3352AB22FC48B2, 5A7ED636D8B2178EA21FA986CC9168DEF258AA4FFB9DCD792A81A1D615AC5D5E ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:57:56.0390 0x08c8 CCDECODE - ok
09:57:56.0390 0x08c8 cd20xrnt - ok
09:57:56.0421 0x08c8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:57:56.0421 0x08c8 Cdaudio - ok
09:57:56.0468 0x08c8 [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:57:56.0468 0x08c8 Cdfs - ok
09:57:56.0515 0x08c8 [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:57:56.0531 0x08c8 Cdrom - ok
09:57:56.0531 0x08c8 Changer - ok
09:57:56.0562 0x08c8 [ 9E21229E04E1D301BB40222FE4641CB2, 4D2CFD04DB9A71A3DE9159A4514BDD59884556EFF137D43C98FD322A63BF86DA ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:57:56.0562 0x08c8 CiSvc - ok
09:57:56.0578 0x08c8 [ D3DC45553C8025338E08A60E95B1B91D, 03F90660E6AF758A32A15172E00D25CB3804EBC4264628DC2FDCF5ACB4E2C6A7 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:57:56.0578 0x08c8 ClipSrv - ok
09:57:56.0625 0x08c8 [ 3C4D595E7F9B747325AEF28B4ADCAAE5, 4A283F3E2E659DA996EC16BC8181E9F521BDFDFCF246D0E432D65D2672AC9629 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:56.0687 0x08c8 clr_optimization_v2.0.50727_32 - ok
09:57:56.0734 0x08c8 [ 4266BE808F85826AEDF3C64C1E240203, D1EF8B2C35C21BA122C44F8C55F57B2FA36D37B08A15CFCCE085A4810FAC1FF9 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:57:56.0734 0x08c8 CmBatt - ok
09:57:56.0734 0x08c8 CmdIde - ok
09:57:56.0750 0x08c8 [ DF1B1A24BF52D0EBC01ED4ECE8979F50, 78C5E7BE2FFA6A0709F3095AB006C86E3991AFC9E9B5ABEC94C3E8DF2EA2169D ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:57:56.0750 0x08c8 Compbatt - ok
09:57:56.0765 0x08c8 COMSysApp - ok
09:57:56.0781 0x08c8 Cpqarray - ok
09:57:56.0843 0x08c8 [ 70D2A1756F4B2067658A186C963FCABD, 3B80C01D40C32F6ACD6394A7B4D47341251D5ECDA4E71707B98154A71BFA4563 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:57:56.0843 0x08c8 CryptSvc - ok
09:57:56.0859 0x08c8 dac2w2k - ok
09:57:56.0859 0x08c8 dac960nt - ok
09:57:56.0921 0x08c8 [ C72C15EE57E248C66E57C76CAB086CF2, 2CDFC82E31E58B4BF80F33DFB69D62ED55EAB118AD7BFEE5138DE0DF3F8F2543 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:57:56.0937 0x08c8 DcomLaunch - ok
09:57:56.0953 0x08c8 [ 562830EFB7CF367FB773FEA5256E67C8, FFB284845FF636D8C0BF77AEEAEF5E9E560A65943D6C456B731E455B35D2531A ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:57:56.0953 0x08c8 Dhcp - ok
09:57:56.0984 0x08c8 [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:57:56.0984 0x08c8 Disk - ok
09:57:57.0000 0x08c8 dmadmin - ok
09:57:57.0078 0x08c8 [ E1968EDEC81C430108FEB23AB07BDB14, 2FF6FF66826ECF3F921C45339DB9FE5C31855BB65A68F3392A96D054127584AA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:57:57.0109 0x08c8 dmboot - ok
09:57:57.0140 0x08c8 [ 1B1520A82E396E46B9AE9FA6B03FF6C6, 13E7D812B775F2CE29CC55090E47D43546B027610042839E5E7F5F1643B683F7 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:57:57.0156 0x08c8 dmio - ok
09:57:57.0187 0x08c8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:57:57.0187 0x08c8 dmload - ok
09:57:57.0234 0x08c8 [ 7B3CA72885923EB947221F17F3E3AC59, 4C01BF4C9CF1A976C0A37AD97ED2D6C782AE6231B3B63B3749ABA76228DE2182 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:57:57.0234 0x08c8 dmserver - ok
09:57:57.0281 0x08c8 [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:57:57.0281 0x08c8 DMusic - ok
09:57:57.0296 0x08c8 [ F605B3F5674D67587C4B6C9E92A3E025, B48339F570467AA5E7FB4256A14280963A37EDC38D5C9D7097C9172420E48572 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:57:57.0296 0x08c8 Dnscache - ok
09:57:57.0296 0x08c8 dpti2o - ok
09:57:57.0328 0x08c8 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:57:57.0328 0x08c8 drmkaud - ok
09:57:57.0375 0x08c8 [ 5AEE9EEDCFBF2B0F9DEC53C27EE722A3, AC502A476B207355BA48BEC3B6D79AA6C414EE01716B2EF5CFDF05B8E9112D88 ] EMSCR C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
09:57:57.0375 0x08c8 EMSCR - ok
09:57:57.0406 0x08c8 [ D6F7428B201E33BC80066B47144CB568, 8E9E90D4D6DCE7F006A6904E86A2559B263D19A4F921F44E97079EF9C9C220F9 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:57:57.0406 0x08c8 ERSvc - ok
09:57:57.0406 0x08c8 [ 8E56AB21D10C368029CEA57DE47D79C2, 540109D627ED27AE034B81F1FBF3CC97717ADA4EF934A4AAC076F14DD7C8B195 ] ESDCR C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
09:57:57.0421 0x08c8 ESDCR - ok
09:57:57.0421 0x08c8 [ 0A58FADE5E12D3A611427292073362CB, 8CD7ADFF3C594632E049B7900B6CE7A73257C6BE856DB015DCF3183DB6E4745D ] ESMCR C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
09:57:57.0437 0x08c8 ESMCR - ok
09:57:57.0453 0x08c8 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] Eventlog C:\WINDOWS\system32\services.exe
09:57:57.0468 0x08c8 Eventlog - ok
09:57:57.0484 0x08c8 [ 972378B907070F64932A87C90A035487, 7D0F6FD6CBF285C517F05B168394676ADE83FB80434128002ADD90328AFDEACA ] EventSystem C:\WINDOWS\system32\es.dll
09:57:57.0500 0x08c8 EventSystem - ok
09:57:57.0562 0x08c8 [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:57:57.0562 0x08c8 Fastfat - ok
09:57:57.0593 0x08c8 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:57:57.0609 0x08c8 FastUserSwitchingCompatibility - ok
09:57:57.0625 0x08c8 [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:57:57.0625 0x08c8 Fdc - ok
09:57:57.0687 0x08c8 [ 266DAB58619B17BDF37FABBD48D875CA, 33B6E2AF9B78B6B47768102321868B8A75C49B66849DAEEA2F8E6753BBE28F2D ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:57:57.0687 0x08c8 Fips - ok
09:57:57.0703 0x08c8 [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:57:57.0703 0x08c8 Flpydisk - ok
09:57:57.0734 0x08c8 [ 157754F0DF355A9E0A6F54721914F9C6, 1EB1424D98000FE80901287F9D51DDD18132B7C2CFEC4C7767F32F71DC2F64F9 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:57:57.0734 0x08c8 FltMgr - ok
09:57:57.0750 0x08c8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:57:57.0750 0x08c8 Fs_Rec - ok
09:57:57.0781 0x08c8 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:57:57.0781 0x08c8 Ftdisk - ok
09:57:57.0812 0x08c8 [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:57:57.0812 0x08c8 Gpc - ok
09:57:57.0859 0x08c8 [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:57:57.0859 0x08c8 HDAudBus - ok
09:57:57.0906 0x08c8 [ F59152272782FED8A8197FA788287F68, BB4E79979FD8F68C9F7061C06E9300120DCDC3B74BAD20300ECF8A7D4F48CE3C ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:57:57.0921 0x08c8 helpsvc - ok
09:57:57.0937 0x08c8 [ D2DCF769E5A70027058AD5BE1F9B55BF, 3C4CE4A4BA6F7E5BFB910BFEE28B64E4437B1E08A3D5A1FEB0FB13104407E5E9 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:57:57.0937 0x08c8 HidServ - ok
09:57:57.0968 0x08c8 [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:57:57.0968 0x08c8 hidusb - ok
09:57:57.0984 0x08c8 hpn - ok
09:57:58.0046 0x08c8 [ C19B522A9AE0BBC3293397F3055E80A1, C04F067E06798E50AE90743F6ACB53FEB83DC749C76F97C962B14616A49E15CE ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:57:58.0062 0x08c8 HTTP - ok
09:57:58.0093 0x08c8 [ DA826826C5C9116F47E0CD0CA8CC7C11, 4360B34629C7267D9298F42F29940CE78A33674CD7F2F74B400A40D4683BD274 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:57:58.0093 0x08c8 HTTPFilter - ok
09:57:58.0109 0x08c8 i2omgmt - ok
09:57:58.0125 0x08c8 i2omp - ok
09:57:58.0140 0x08c8 [ 0F42DE9909B5DBF2C48DD1A79D491AF5, 0846D23DC158F5AE4585596A3BF4F5CC8C2BB4DA30CC7C627A0C47C73BAD7726 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:57:58.0156 0x08c8 i8042prt - ok
09:57:58.0187 0x08c8 [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:57:58.0187 0x08c8 Imapi - ok
09:57:58.0250 0x08c8 [ CF9D286B34CB4912F3B28B4972D5CB33, EB8B65842D6767511956BFF4FD32F4B1098D23EBC34B11ABB9CAEE0A2846F012 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:57:58.0250 0x08c8 ImapiService - ok
09:57:58.0265 0x08c8 ini910u - ok
09:57:58.0640 0x08c8 [ B2957D6C1226F029230DAC2C46D34286, C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:57:58.0796 0x08c8 IntcAzAudAddService - ok
09:57:58.0828 0x08c8 IntelIde - ok
09:57:58.0859 0x08c8 [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:57:58.0859 0x08c8 Ip6Fw - ok
09:57:58.0890 0x08c8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:57:58.0906 0x08c8 IpFilterDriver - ok
09:57:58.0906 0x08c8 [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:57:58.0906 0x08c8 IpInIp - ok
09:57:58.0953 0x08c8 [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:57:58.0953 0x08c8 IpNat - ok
09:57:59.0000 0x08c8 [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:57:59.0000 0x08c8 IPSec - ok
09:57:59.0031 0x08c8 [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:57:59.0031 0x08c8 IRENUM - ok
09:57:59.0062 0x08c8 [ 1091528512E4DD7ED5FDDCC4DF1C53D7, 81F1AFFD064E783BE5F2377C580612C9D8FEA05D792078452BD6BCC0FE04B1A4 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:57:59.0062 0x08c8 isapnp - ok
09:57:59.0171 0x08c8 [ CC54FD59486BEF7CE70275FAC2FD9D34, 78F4B353CC8672B634EDF76D7366FFF1E67A8CE0B719FDD749CF430225511FDE ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:57:59.0171 0x08c8 JavaQuickStarterService - ok
09:57:59.0234 0x08c8 [ 6F877BF8DC01A550CD666F3BEDB2213C, F48BDC5E300D5598F585D9698F1884D86006938240521512B21C59213ADCDE2A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:57:59.0234 0x08c8 Kbdclass - ok
09:57:59.0281 0x08c8 [ 065B5A83AA78C0C7047BF22E0AB5C821, 219C328A8DE8929E34364EE0599153E62F3BC91138647C58F5171BB69DDF72C9 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:57:59.0281 0x08c8 kbdhid - ok
09:57:59.0312 0x08c8 [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:57:59.0328 0x08c8 kmixer - ok
09:57:59.0343 0x08c8 [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:57:59.0343 0x08c8 KSecDD - ok
09:57:59.0390 0x08c8 [ 6D6BDD68B775986577C48A8DF961A05C, D6D2B5BC2707E39848BE7B03DFD14F1D1E52BBFE24AC54247D520B00468B084E ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:57:59.0390 0x08c8 lanmanserver - ok
09:57:59.0421 0x08c8 [ 69B0569AAE33F0D5057CA0E8577AAF07, A0D9FB370A259E50EE4BF89CD8EA7AE2A81283DE146087D064BCAC5F0BBFEB50 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:57:59.0437 0x08c8 lanmanworkstation - ok
09:57:59.0437 0x08c8 lbrtfdc - ok
09:57:59.0468 0x08c8 [ F9EE6D2AAB0690B34AE35BA9921A1414, 7FD7397E9B8F23D00E060462AA8DE4E4E7D786602D7BD95EE0685142F46DA6F2 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:57:59.0468 0x08c8 LmHosts - ok
09:57:59.0500 0x08c8 [ 8B2FCBD881879B55BE40B41F12FFC431, D79E98D5209CB94F6AFC7CFCB1ABAF7525E124B05F339B6B4AC49B57812745C9 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:57:59.0500 0x08c8 Messenger - ok
09:57:59.0531 0x08c8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:57:59.0531 0x08c8 mnmdd - ok
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 119 hostů