Hello, please check my log: the PC loads slowly, restarts by itself, and freezes.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:01, on 16.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\orant\bin\ifsrv60.exe
C:\WINDOWS\System32\svchost.exe
C:\orant\bin\ifweb60.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lightclaw\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [AshSnap] C:\Program Files\Ashampoo\Ashampoo Snap 6\ashsnap.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = softec.sk
O17 - HKLM\Software\..\Telephony: DomainName = softec.sk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = softec.sk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: Oracle Forms Server [Forms60Server] (OracleFormsServer-Forms60Server) - Oracle Corporation - C:\orant\bin\ifsrv60.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 9937 bytes
Please check my log. Solved
- memphisto
Re: Please check my log.
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history, and other traces of Internet browsing. Supported browsers include Internet Explorer, Firefox, and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, and so on.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a prompt will appear, choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows, and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Please check my log.
Malwarebytes Anti-Malware log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2013.07.16.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lightclaw :: CHARGER [administrátor]
16.7.2013 13:12:43
MBAM-log-2013-07-16 (13-30-24).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 297910
Uplynutý čas: 14 min, 31 sek
Detegované služby pamäte: 1
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> 244 -> Žiadna úloha nevykonaná.
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 2
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.InstallBrain) -> Žiadna úloha nevykonaná.
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 1
C:\Documents and Settings\All Users\Application Data\IBUpdaterService (PUP.InstallBrain) -> Žiadna úloha nevykonaná.
Detegované súbory: 2
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe (PUP.InstallBrain) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Žiadna úloha nevykonaná.
(koniec)
AdwCleaner log
# AdwCleaner v2.305 - Logfile created 07/16/2013 at 13:35:00
# Updated 11/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Lightclaw - CHARGER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Lightclaw\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
Found : IBUpdaterService
***** [Files / Folders] *****
File Found : C:\Documents and Settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\searchplugins\softonic.xml
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found : C:\Documents and Settings\All Users\Application Data\IBUpdaterService
Folder Found : C:\Documents and Settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\extensions\pluswinks@PlusWinks
Folder Found : C:\Documents and Settings\Lightclaw\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\Lightclaw\Application Data\PerformerSoft
Folder Found : C:\Documents and Settings\Lightclaw\Application Data\SpeedAnalysis2
Folder Found : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Folder Found : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Folder Found : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Folder Found : C:\Program Files\Common Files\spigot
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Found : HKCU\Software\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\SmartBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Found : HKLM\Software\systweak
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (sk)
File : C:\Documents and Settings\cintulp\Application Data\Mozilla\Firefox\Profiles\iq8ru6nw.default\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\prefs.js
Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "SD");
Found : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.dfltLng", "");
Found : user_pref("extensions.Softonic.dfltSrch", true);
Found : user_pref("extensions.Softonic.dnsErr", true);
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.ffxUnstlRst", false);
Found : user_pref("extensions.Softonic.hmpg", true);
Found : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&[...]
Found : user_pref("extensions.Softonic.hpOld0", "hxxp://www.zoznam.sk/");
Found : user_pref("extensions.Softonic.id", "4077360e00000000000000123f86c5d5");
Found : user_pref("extensions.Softonic.instlDay", "15865");
Found : user_pref("extensions.Softonic.instlRef", "INF00176");
Found : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc[...]
Found : user_pref("extensions.Softonic.newTab", true);
Found : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=[...]
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.rvrt", "false");
Found : user_pref("extensions.Softonic.smplGrp", "none");
Found : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
Found : user_pref("extensions.Softonic.vrsnTs", "1.8.19.316:33:55");
Found : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
Found : user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ak6fyeo6.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [6059 octets] - [16/07/2013 13:33:35]
AdwCleaner[R2].txt - [6119 octets] - [16/07/2013 13:34:23]
AdwCleaner[R3].txt - [6050 octets] - [16/07/2013 13:35:00]
########## EOF - C:\AdwCleaner[R3].txt - [6110 octets] ##########
- memphisto
Re: Please check my log.
In MBAM and AdwCleaner, let everything be deleted, then post the logs from after the deletion.
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The scan will start. It can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, saved on the desktop.
Please copy its entire contents here.
Re: Please check my log.
Malwarebytes Anti-Malware
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verzia databázy: v2013.07.16.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lightclaw :: CHARGER [administrátor]
16.7.2013 14:30:18
mbam-log-2013-07-16 (14-30-18).txt
Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 297873
Uplynutý čas: 7 min, 53 sek
Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 0
(Škodlivé položky neboli zistené)
(koniec)
AdwCleaner
# AdwCleaner v2.305 - Logfile created 07/16/2013 at 14:40:27
# Updated 11/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Lightclaw - CHARGER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Lightclaw\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Deleted on reboot : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Deleted on reboot : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Folder Deleted : C:\Documents and Settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\extensions\pluswinks@PlusWinks
Folder Deleted : C:\Documents and Settings\Lightclaw\Application Data\SpeedAnalysis2
Folder Deleted : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Conduit
***** [Registry] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (sk)
File : C:\Documents and Settings\cintulp\Application Data\Mozilla\Firefox\Profiles\iq8ru6nw.default\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ak6fyeo6.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Documents and Settings\Lightclaw\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [6059 octets] - [16/07/2013 13:33:35]
AdwCleaner[R2].txt - [6119 octets] - [16/07/2013 13:34:23]
AdwCleaner[R3].txt - [6179 octets] - [16/07/2013 13:35:00]
AdwCleaner[R4].txt - [3523 octets] - [16/07/2013 14:39:49]
AdwCleaner[S1].txt - [3331 octets] - [16/07/2013 14:40:27]
########## EOF - C:\AdwCleaner[S1].txt - [3391 octets] ##########
RogueKiller
RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Lightclaw [Admin rights]
Mode : Scan -- Date : 07/16/2013 14:11:41
| ARK || FAK || MBR |
¤¤¤ Bad processes : 4 ¤¤¤
[SUSP PATH] ZSSnp211.EXE -- C:\WINDOWS\ZSSnp211.EXE [-] -> KILLED [TermProc]
[SUSP PATH] Domino.EXE -- C:\WINDOWS\Domino.EXE [-] -> KILLED [TermProc]
[SUSP PATH] RogueKiller.exe -- C:\Documents and Settings\Lightclaw\Desktop\RogueKiller.exe [-] -> KILLED [TermProc]
[SERVICE] IBUpdaterService -- "C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe" /SERVICE [x] -> STOPPED
¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : ZSSnp211 (C:\WINDOWS\ZSSnp211.exe [-]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : Domino (C:\WINDOWS\Domino.exe [-]) -> FOUND
[SERVICE][BLVALUE] HKLM\[...]\CCSet\[...]\Services : IBUpdaterService ("C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> FOUND
[SERVICE][BLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService ("C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> FOUND
[SERVICE][BLVALUE] HKLM\[...]\CS003\[...]\Services : IBUpdaterService ("C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IRP[IRP_MJ_CREATE_NAMED_PIPE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_READ] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_WRITE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FLUSH_BUFFERS] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DIRECTORY_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FILE_SYSTEM_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SHUTDOWN] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_LOCK_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CLEANUP] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CREATE_MAILSLOT] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DEVICE_CHANGE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
¤¤¤ External Hives: ¤¤¤
-> E:\windows\system32\config\SYSTEM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SOFTWARE
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SECURITY
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SAM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\DEFAULT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\admin\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\Default User\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\Default User\Start Menu\Programs\Startup
-> E:\Documents and Settings\LocalService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
-> E:\Documents and Settings\NetworkService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
10.25.1.231 hera.intranet.orange.sk
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: MAXTOR STM3250820A +++++
--- User ---
[MBR] 80c77661c26b6dedb07dea1aab8ff58d
[BSP] 229999cce3bb13fe206d9b1b186a4a60 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: MAXTOR STM3250820A +++++
--- User ---
[MBR] d6b8cb06eed99b158b7b7b41eaca2aab
[BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 76230 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_07162013_141141.txt >>
Junkware Removal Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.1 (07.15.2013:2)
OS: Microsoft Windows XP x86
Ran by Lightclaw on ut 16.07.2013 at 14:18:56,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] ibupdaterservice
Successfully deleted: [Service] ibupdaterservice
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3355AFD6-8962-453F-ABD1-C63555536CC3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D001EAA2-B318-4B80-B200-1D0FD97555CE}
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ibupdaterservice"
Successfully deleted: [Folder] "C:\Documents and Settings\Lightclaw\Application Data\opencandy"
Successfully deleted: [Folder] "C:\Documents and Settings\Lightclaw\Application Data\performersoft"
Successfully deleted: [Folder] "C:\Documents and Settings\Lightclaw\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Lightclaw\Application Data\mozilla\firefox\profiles\kq3d9ct0.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Lightclaw\Application Data\mozilla\firefox\profiles\kq3d9ct0.default\searchplugins\privitize.xml
Successfully deleted: [File] C:\Documents and Settings\Lightclaw\Application Data\mozilla\firefox\profiles\kq3d9ct0.default\searchplugins\softonic.xml
Successfully deleted the following from C:\Documents and Settings\Lightclaw\Application Data\mozilla\firefox\profiles\kq3d9ct0.default\prefs.js
user_pref("extensions.Softonic.admin", false);
user_pref("extensions.Softonic.aflt", "SD");
user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic.dfltLng", "");
user_pref("extensions.Softonic.dfltSrch", true);
user_pref("extensions.Softonic.dnsErr", true);
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.ffxUnstlRst", false);
user_pref("extensions.Softonic.hmpg", true);
user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=4077360e00000000000000123f86c5d5");
user_pref("extensions.Softonic.hpOld0", "hxxp://www.zoznam.sk/");
user_pref("extensions.Softonic.id", "4077360e00000000000000123f86c5d5");
user_pref("extensions.Softonic.instlDay", "15865");
user_pref("extensions.Softonic.instlRef", "INF00176");
user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=4077360e00000000000000123f86c5d5&q=");
user_pref("extensions.Softonic.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=4077360e00000000000000123f86c5d5");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.rvrt", "false");
user_pref("extensions.Softonic.smplGrp", "none");
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=4077360e00000000000000123f86c5d5&q=");
user_pref("extensions.Softonic.vrsn", "1.8.19.3");
user_pref("extensions.Softonic.vrsnTs", "1.8.19.316:33:55");
user_pref("extensions.Softonic.vrsni", "1.8.19.3");
user_pref("extensions.privitize.admin", false);
user_pref("extensions.privitize.aflt", "5");
user_pref("extensions.privitize.appId", "{301966DF-A84B-4255-AAB9-574B5CE237E4}");
user_pref("extensions.privitize.autoRvrt", "false");
user_pref("extensions.privitize.dfltLng", "");
user_pref("extensions.privitize.dfltSrch", true);
user_pref("extensions.privitize.dnsErr", true);
user_pref("extensions.privitize.excTlbr", false);
user_pref("extensions.privitize.ffxUnstlRst", false);
user_pref("extensions.privitize.hmpg", true);
user_pref("extensions.privitize.hmpgUrl", "hxxp://searchou.com/?id=4077360e00000000000000123f86c5d5&affilt=5");
user_pref("extensions.privitize.hpOld0", "hxxp://www.zoznam.sk/");
user_pref("extensions.privitize.id", "4077360e00000000000000123f86c5d5");
user_pref("extensions.privitize.instlDay", "15866");
user_pref("extensions.privitize.instlRef", "");
user_pref("extensions.privitize.kw_url", "hxxp://searchou.com/?q={searchTerms}&id=4077360e00000000000000123f86c5d5&affilt=5");
user_pref("extensions.privitize.newTab", true);
user_pref("extensions.privitize.newTabUrl", "hxxp://searchou.com/?id=4077360e00000000000000123f86c5d5&affilt=5");
user_pref("extensions.privitize.prdct", "privitize");
user_pref("extensions.privitize.prtnrId", "privitize");
user_pref("extensions.privitize.rvrt", "false");
user_pref("extensions.privitize.smplGrp", "none");
user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");
user_pref("extensions.privitize.tlbrId", "base");
user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=4077360e00000000000000123f86c5d5&affilt=5&q=");
user_pref("extensions.privitize.vrsn", "1.8.21.6");
user_pref("extensions.privitize.vrsnTs", "1.8.21.615:46:08");
user_pref("extensions.privitize.vrsni", "1.8.21.6");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 16.07.2013 at 14:25:02,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- memphisto
Re: Please check my log.
Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Win7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status box shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deletion - Finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller
Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt; please paste the entire contents of the log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: Please check my log.
RogueKiller
RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Lightclaw [Admin rights]
Mode : Remove -- Date : 07/16/2013 16:28:56
| ARK || FAK || MBR |
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] ZSSnp211.EXE -- C:\WINDOWS\ZSSnp211.EXE [-] -> KILLED [TermProc]
[SUSP PATH] Domino.EXE -- C:\WINDOWS\Domino.EXE [-] -> KILLED [TermProc]
¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : ZSSnp211 (C:\WINDOWS\ZSSnp211.exe [-]) -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Run : Domino (C:\WINDOWS\Domino.exe [-]) -> DELETED
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IRP[IRP_MJ_CREATE_NAMED_PIPE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_READ] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_WRITE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FLUSH_BUFFERS] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DIRECTORY_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FILE_SYSTEM_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SHUTDOWN] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_LOCK_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CLEANUP] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CREATE_MAILSLOT] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DEVICE_CHANGE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
¤¤¤ External Hives: ¤¤¤
-> E:\windows\system32\config\SYSTEM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SOFTWARE
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SECURITY
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SAM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\DEFAULT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\admin\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\Default User\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\Default User\Start Menu\Programs\Startup
-> E:\Documents and Settings\LocalService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
-> E:\Documents and Settings\NetworkService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
10.25.1.231 hera.intranet.orange.sk
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: MAXTOR STM3250820A +++++
--- User ---
[MBR] 80c77661c26b6dedb07dea1aab8ff58d
[BSP] 229999cce3bb13fe206d9b1b186a4a60 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: MAXTOR STM3250820A +++++
--- User ---
[MBR] d6b8cb06eed99b158b7b7b41eaca2aab
[BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 76230 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_07162013_162856.txt >>
RKreport[0]_S_07162013_141141.txt;RKreport[0]_S_07162013_162851.txt
TDSSKiller
16:34:29.0968 3796 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:34:30.0453 3796 ============================================================
16:34:30.0453 3796 Current date / time: 2013/07/16 16:34:30.0453
16:34:30.0453 3796 SystemInfo:
16:34:30.0453 3796
16:34:30.0453 3796 OS Version: 5.1.2600 ServicePack: 3.0
16:34:30.0453 3796 Product type: Workstation
16:34:30.0453 3796 ComputerName: CHARGER
16:34:30.0453 3796 UserName: Lightclaw
16:34:30.0453 3796 Windows directory: C:\WINDOWS
16:34:30.0453 3796 System windows directory: C:\WINDOWS
16:34:30.0453 3796 Processor architecture: Intel x86
16:34:30.0453 3796 Number of processors: 2
16:34:30.0453 3796 Page size: 0x1000
16:34:30.0453 3796 Boot type: Normal boot
16:34:30.0453 3796 ============================================================
16:34:31.0953 3796 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:34:31.0968 3796 Drive \Device\Harddisk1\DR1 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:34:31.0968 3796 ============================================================
16:34:31.0968 3796 \Device\Harddisk0\DR0:
16:34:31.0984 3796 MBR partitions:
16:34:31.0984 3796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
16:34:31.0984 3796 \Device\Harddisk1\DR1:
16:34:31.0984 3796 MBR partitions:
16:34:31.0984 3796 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x94E3276
16:34:31.0984 3796 ============================================================
16:34:32.0000 3796 C: <-> \Device\Harddisk1\DR1\Partition1
16:34:32.0031 3796 E: <-> \Device\Harddisk0\DR0\Partition1
16:34:32.0031 3796 ============================================================
16:34:32.0031 3796 Initialize success
16:34:32.0031 3796 ============================================================
16:34:34.0203 1468 ============================================================
16:34:34.0203 1468 Scan started
16:34:34.0203 1468 Mode: Manual;
16:34:34.0203 1468 ============================================================
16:34:35.0640 1468 ================ Scan system memory ========================
16:34:35.0656 1468 System memory - ok
16:34:35.0656 1468 ================ Scan services =============================
16:34:35.0781 1468 [ B930454120A14DE5621F50A724777436 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
16:34:35.0781 1468 Aavmker4 - ok
16:34:35.0796 1468 Abiosdsk - ok
16:34:35.0796 1468 abp480n5 - ok
16:34:35.0843 1468 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:34:35.0843 1468 ACPI - ok
16:34:35.0875 1468 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:34:35.0875 1468 ACPIEC - ok
16:34:35.0937 1468 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:34:35.0937 1468 AdobeFlashPlayerUpdateSvc - ok
16:34:35.0953 1468 adpu160m - ok
16:34:36.0046 1468 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
16:34:36.0046 1468 AdvancedSystemCareService6 - ok
16:34:36.0093 1468 [ 11C04B17ED2ABBB4833694BCD644AC90 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
16:34:36.0093 1468 aeaudio - ok
16:34:36.0109 1468 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:34:36.0109 1468 aec - ok
16:34:36.0140 1468 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:34:36.0140 1468 AFD - ok
16:34:36.0156 1468 Aha154x - ok
16:34:36.0171 1468 aic78u2 - ok
16:34:36.0171 1468 aic78xx - ok
16:34:36.0312 1468 [ DD8520280304B6145A6BE31008748C7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
16:34:36.0343 1468 ALCXWDM - ok
16:34:36.0375 1468 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:34:36.0390 1468 Alerter - ok
16:34:36.0406 1468 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
16:34:36.0406 1468 ALG - ok
16:34:36.0406 1468 AliIde - ok
16:34:36.0421 1468 amsint - ok
16:34:36.0453 1468 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:34:36.0453 1468 AppMgmt - ok
16:34:36.0468 1468 asc - ok
16:34:36.0468 1468 asc3350p - ok
16:34:36.0484 1468 asc3550 - ok
16:34:36.0656 1468 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:34:36.0796 1468 aspnet_state - ok
16:34:36.0828 1468 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
16:34:36.0828 1468 aswFsBlk - ok
16:34:36.0859 1468 [ 6BEB19EFC395990CC7B6608FDEDA42F8 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
16:34:36.0859 1468 aswMon2 - ok
16:34:36.0890 1468 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:34:36.0890 1468 aswMonFlt - ok
16:34:36.0906 1468 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
16:34:36.0906 1468 AswRdr - ok
16:34:36.0921 1468 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
16:34:36.0921 1468 aswRvrt - ok
16:34:36.0953 1468 [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
16:34:36.0953 1468 aswSnx - ok
16:34:37.0000 1468 [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
16:34:37.0000 1468 aswSP - ok
16:34:37.0015 1468 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
16:34:37.0015 1468 aswTdi - ok
16:34:37.0031 1468 [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
16:34:37.0031 1468 aswVmm - ok
16:34:37.0062 1468 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:34:37.0062 1468 AsyncMac - ok
16:34:37.0093 1468 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:34:37.0093 1468 atapi - ok
16:34:37.0109 1468 Atdisk - ok
16:34:37.0156 1468 [ 29CE0B7E8190D7AE278F94BBC43F496E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
16:34:37.0156 1468 Ati HotKey Poller - ok
16:34:37.0187 1468 [ 56926CCC03417DFFC39C02AC4C163EBC ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
16:34:37.0203 1468 ATI Smart - ok
16:34:37.0250 1468 [ BF278C2D512EF0D2748CDAC641BB9649 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:34:37.0265 1468 ati2mtag - ok
16:34:37.0296 1468 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:34:37.0296 1468 Atmarpc - ok
16:34:37.0343 1468 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:34:37.0359 1468 AudioSrv - ok
16:34:37.0375 1468 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:34:37.0375 1468 audstub - ok
16:34:37.0421 1468 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:34:37.0421 1468 avast! Antivirus - ok
16:34:37.0453 1468 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:34:37.0453 1468 b57w2k - ok
16:34:37.0515 1468 [ 77542F1CB1C3260F0C5C922C5E548FB8 ] BASFND C:\Program Files\Broadcom\MgmtAgent\BASFND.sys
16:34:37.0515 1468 BASFND - ok
16:34:37.0546 1468 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:34:37.0546 1468 Beep - ok
16:34:37.0609 1468 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
16:34:37.0656 1468 BITS - ok
16:34:37.0703 1468 [ ABFBA187E4DBCDFE86E6B0ED56570C97 ] Blfp C:\WINDOWS\system32\DRIVERS\baspxp32.sys
16:34:37.0718 1468 Blfp - ok
16:34:37.0781 1468 [ DD8C7C6DDB05F82379B08F257318D63E ] BrcmMgmtAgent C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
16:34:37.0781 1468 BrcmMgmtAgent - ok
16:34:37.0843 1468 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
16:34:37.0843 1468 Browser - ok
16:34:37.0859 1468 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:34:37.0859 1468 cbidf2k - ok
16:34:37.0906 1468 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:34:37.0906 1468 CCDECODE - ok
16:34:37.0921 1468 cd20xrnt - ok
16:34:37.0937 1468 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:34:37.0937 1468 Cdaudio - ok
16:34:37.0968 1468 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:34:37.0968 1468 Cdfs - ok
16:34:37.0984 1468 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:34:38.0000 1468 Cdrom - ok
16:34:38.0000 1468 Changer - ok
16:34:38.0031 1468 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:34:38.0031 1468 CiSvc - ok
16:34:38.0031 1468 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:34:38.0046 1468 ClipSrv - ok
16:34:38.0078 1468 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:34:38.0203 1468 clr_optimization_v2.0.50727_32 - ok
16:34:38.0203 1468 CmdIde - ok
16:34:38.0218 1468 COMSysApp - ok
16:34:38.0234 1468 Cpqarray - ok
16:34:38.0250 1468 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:34:38.0250 1468 CryptSvc - ok
16:34:38.0250 1468 dac2w2k - ok
16:34:38.0265 1468 dac960nt - ok
16:34:38.0296 1468 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:34:38.0312 1468 DcomLaunch - ok
16:34:38.0343 1468 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:34:38.0343 1468 Dhcp - ok
16:34:38.0375 1468 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:34:38.0375 1468 Disk - ok
16:34:38.0375 1468 dmadmin - ok
16:34:38.0453 1468 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:34:38.0453 1468 dmboot - ok
16:34:38.0468 1468 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:34:38.0468 1468 dmio - ok
16:34:38.0484 1468 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:34:38.0484 1468 dmload - ok
16:34:38.0515 1468 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:34:38.0515 1468 dmserver - ok
16:34:38.0531 1468 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:34:38.0531 1468 DMusic - ok
16:34:38.0562 1468 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:34:38.0562 1468 Dnscache - ok
16:34:38.0609 1468 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:34:38.0625 1468 Dot3svc - ok
16:34:38.0625 1468 dpti2o - ok
16:34:38.0640 1468 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:34:38.0640 1468 drmkaud - ok
16:34:38.0671 1468 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
16:34:38.0671 1468 DrvAgent32 - ok
16:34:38.0703 1468 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
16:34:38.0718 1468 dtsoftbus01 - ok
16:34:38.0734 1468 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:34:38.0734 1468 EapHost - ok
16:34:38.0765 1468 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:34:38.0765 1468 ERSvc - ok
16:34:38.0765 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:34:38.0781 1468 Eventlog - ok
16:34:38.0828 1468 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
16:34:38.0843 1468 EventSystem - ok
16:34:38.0906 1468 FairplayKD - ok
16:34:38.0937 1468 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:34:38.0937 1468 Fastfat - ok
16:34:38.0953 1468 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:34:38.0953 1468 FastUserSwitchingCompatibility - ok
16:34:38.0968 1468 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
16:34:38.0968 1468 Fdc - ok
16:34:38.0984 1468 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:34:38.0984 1468 Fips - ok
16:34:39.0000 1468 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:34:39.0000 1468 Flpydisk - ok
16:34:39.0031 1468 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:34:39.0031 1468 FltMgr - ok
16:34:39.0078 1468 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:34:39.0078 1468 FontCache3.0.0.0 - ok
16:34:39.0109 1468 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:34:39.0109 1468 Fs_Rec - ok
16:34:39.0109 1468 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:34:39.0109 1468 Ftdisk - ok
16:34:39.0125 1468 GGSAFERDriver - ok
16:34:39.0140 1468 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:34:39.0140 1468 Gpc - ok
16:34:39.0187 1468 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:39.0187 1468 gupdate - ok
16:34:39.0187 1468 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:39.0203 1468 gupdatem - ok
16:34:39.0234 1468 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
16:34:39.0234 1468 hamachi - ok
16:34:39.0312 1468 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
16:34:39.0312 1468 Hamachi2Svc - ok
16:34:39.0375 1468 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:34:39.0375 1468 helpsvc - ok
16:34:39.0406 1468 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:34:39.0406 1468 HidServ - ok
16:34:39.0437 1468 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:34:39.0437 1468 hidusb - ok
16:34:39.0468 1468 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:34:39.0468 1468 hkmsvc - ok
16:34:39.0468 1468 hpn - ok
16:34:39.0515 1468 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:34:39.0515 1468 HTTP - ok
16:34:39.0546 1468 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:34:39.0546 1468 HTTPFilter - ok
16:34:39.0546 1468 i2omgmt - ok
16:34:39.0562 1468 i2omp - ok
16:34:39.0593 1468 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
16:34:39.0593 1468 i8042prt - ok
16:34:39.0656 1468 [ 0F0194C4B635C10C3F785E4FEE52D641 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
16:34:39.0671 1468 ialm - ok
16:34:39.0765 1468 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:34:39.0765 1468 IDriverT - ok
16:34:39.0828 1468 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:34:39.0859 1468 idsvc - ok
16:34:39.0890 1468 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:34:39.0890 1468 Imapi - ok
16:34:39.0937 1468 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:34:39.0937 1468 ImapiService - ok
16:34:39.0953 1468 ini910u - ok
16:34:39.0953 1468 IntelIde - ok
16:34:39.0984 1468 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:34:39.0984 1468 intelppm - ok
16:34:40.0000 1468 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:34:40.0000 1468 Ip6Fw - ok
16:34:40.0031 1468 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:34:40.0031 1468 IpFilterDriver - ok
16:34:40.0062 1468 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:34:40.0062 1468 IpInIp - ok
16:34:40.0078 1468 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:34:40.0093 1468 IpNat - ok
16:34:40.0125 1468 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:34:40.0125 1468 IPSec - ok
16:34:40.0140 1468 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:34:40.0140 1468 IRENUM - ok
16:34:40.0171 1468 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:34:40.0171 1468 isapnp - ok
16:34:40.0250 1468 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:34:40.0250 1468 JavaQuickStarterService - ok
16:34:40.0281 1468 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:34:40.0281 1468 Kbdclass - ok
16:34:40.0312 1468 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:34:40.0312 1468 kbdhid - ok
16:34:40.0359 1468 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:34:40.0359 1468 kmixer - ok
16:34:40.0375 1468 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:34:40.0375 1468 KSecDD - ok
16:34:40.0406 1468 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:34:40.0406 1468 lanmanserver - ok
16:34:40.0437 1468 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:34:40.0453 1468 lanmanworkstation - ok
16:34:40.0453 1468 lbrtfdc - ok
16:34:40.0468 1468 LgBttPort - ok
16:34:40.0468 1468 lgbusenum - ok
16:34:40.0484 1468 LGVMODEM - ok
16:34:40.0515 1468 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:34:40.0515 1468 LmHosts - ok
16:34:40.0531 1468 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:34:40.0546 1468 Messenger - ok
16:34:40.0593 1468 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:34:40.0640 1468 Microsoft Office Groove Audit Service - ok
16:34:40.0656 1468 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:34:40.0656 1468 mnmdd - ok
16:34:40.0703 1468 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:34:40.0703 1468 mnmsrvc - ok
16:34:40.0750 1468 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:34:40.0750 1468 Modem - ok
16:34:40.0765 1468 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:34:40.0781 1468 Mouclass - ok
16:34:40.0796 1468 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:34:40.0796 1468 mouhid - ok
16:34:40.0812 1468 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:34:40.0812 1468 MountMgr - ok
16:34:40.0828 1468 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:34:40.0828 1468 MozillaMaintenance - ok
16:34:40.0828 1468 mraid35x - ok
16:34:40.0890 1468 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:34:40.0906 1468 MRxDAV - ok
16:34:40.0953 1468 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:34:40.0953 1468 MRxSmb - ok
16:34:40.0984 1468 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:34:40.0984 1468 MSDTC - ok
16:34:41.0000 1468 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:34:41.0000 1468 Msfs - ok
16:34:41.0000 1468 MSIServer - ok
16:34:41.0031 1468 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:34:45.0125 1468 ================ Scan global ===============================
16:34:45.0140 1468 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:34:45.0171 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:34:45.0187 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:34:45.0203 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:34:45.0218 1468 [Global] - ok
16:34:45.0218 1468 ================ Scan MBR ==================================
16:34:45.0250 1468 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:34:45.0546 1468 \Device\Harddisk0\DR0 - ok
16:34:45.0562 1468 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:34:45.0703 1468 \Device\Harddisk1\DR1 - ok
16:34:45.0703 1468 ================ Scan VBR ==================================
16:34:45.0718 1468 [ F733E1B56976AB9A56097F983F054519 ] \Device\Harddisk0\DR0\Partition1
16:34:45.0718 1468 \Device\Harddisk0\DR0\Partition1 - ok
16:34:45.0734 1468 [ 87EC8D3529876A9ACDB91630FB9FBB5D ] \Device\Harddisk1\DR1\Partition1
16:34:45.0734 1468 \Device\Harddisk1\DR1\Partition1 - ok
16:34:45.0734 1468 ============================================================
16:34:45.0734 1468 Scan finished
16:34:45.0734 1468 ============================================================
16:34:45.0750 2248 Detected object count: 0
16:34:45.0750 2248 Actual detected object count: 0
16:35:04.0515 3580 Deinitialize success
RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Lightclaw [Admin rights]
Mode : Remove -- Date : 07/16/2013 16:28:56
| ARK || FAK || MBR |
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] ZSSnp211.EXE -- C:\WINDOWS\ZSSnp211.EXE [-] -> KILLED [TermProc]
[SUSP PATH] Domino.EXE -- C:\WINDOWS\Domino.EXE [-] -> KILLED [TermProc]
¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : ZSSnp211 (C:\WINDOWS\ZSSnp211.exe [-]) -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Run : Domino (C:\WINDOWS\Domino.exe [-]) -> DELETED
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IRP[IRP_MJ_CREATE_NAMED_PIPE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_READ] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_WRITE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_EA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FLUSH_BUFFERS] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_VOLUME_INFORMATION] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DIRECTORY_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_FILE_SYSTEM_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SHUTDOWN] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_LOCK_CONTROL] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CLEANUP] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_CREATE_MAILSLOT] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_SECURITY] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_DEVICE_CHANGE] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_QUERY_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
[Address] IRP[IRP_MJ_SET_QUOTA] : atapi.sys -> HOOKED ([Address] \WINDOWS\system32\TUKERNEL.EXE @ 0x804F9739)
¤¤¤ External Hives: ¤¤¤
-> E:\windows\system32\config\SYSTEM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SOFTWARE
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SECURITY
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\SAM
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\windows\system32\config\DEFAULT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\admin\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\admin\Start Menu\Programs\Startup
-> E:\Documents and Settings\Default User\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\Default User\Start Menu\Programs\Startup
-> E:\Documents and Settings\LocalService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\LocalService\Start Menu\Programs\Startup
-> E:\Documents and Settings\NetworkService\NTUSER.DAT
C:\WINDOWS\system32
C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
10.25.1.231 hera.intranet.orange.sk
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: MAXTOR STM3250820A +++++
--- User ---
[MBR] 80c77661c26b6dedb07dea1aab8ff58d
[BSP] 229999cce3bb13fe206d9b1b186a4a60 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: MAXTOR STM3250820A +++++
--- User ---
[MBR] d6b8cb06eed99b158b7b7b41eaca2aab
[BSP] ae203e84dcb456630d870d8f3155a2b5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 76230 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_07162013_162856.txt >>
RKreport[0]_S_07162013_141141.txt;RKreport[0]_S_07162013_162851.txt
TDSSKiller
16:34:29.0968 3796 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:34:30.0453 3796 ============================================================
16:34:30.0453 3796 Current date / time: 2013/07/16 16:34:30.0453
16:34:30.0453 3796 SystemInfo:
16:34:30.0453 3796
16:34:30.0453 3796 OS Version: 5.1.2600 ServicePack: 3.0
16:34:30.0453 3796 Product type: Workstation
16:34:30.0453 3796 ComputerName: CHARGER
16:34:30.0453 3796 UserName: Lightclaw
16:34:30.0453 3796 Windows directory: C:\WINDOWS
16:34:30.0453 3796 System windows directory: C:\WINDOWS
16:34:30.0453 3796 Processor architecture: Intel x86
16:34:30.0453 3796 Number of processors: 2
16:34:30.0453 3796 Page size: 0x1000
16:34:30.0453 3796 Boot type: Normal boot
16:34:30.0453 3796 ============================================================
16:34:31.0953 3796 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:34:31.0968 3796 Drive \Device\Harddisk1\DR1 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:34:31.0968 3796 ============================================================
16:34:31.0968 3796 \Device\Harddisk0\DR0:
16:34:31.0984 3796 MBR partitions:
16:34:31.0984 3796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
16:34:31.0984 3796 \Device\Harddisk1\DR1:
16:34:31.0984 3796 MBR partitions:
16:34:31.0984 3796 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x94E3276
16:34:31.0984 3796 ============================================================
16:34:32.0000 3796 C: <-> \Device\Harddisk1\DR1\Partition1
16:34:32.0031 3796 E: <-> \Device\Harddisk0\DR0\Partition1
16:34:32.0031 3796 ============================================================
16:34:32.0031 3796 Initialize success
16:34:32.0031 3796 ============================================================
16:34:34.0203 1468 ============================================================
16:34:34.0203 1468 Scan started
16:34:34.0203 1468 Mode: Manual;
16:34:34.0203 1468 ============================================================
16:34:35.0640 1468 ================ Scan system memory ========================
16:34:35.0656 1468 System memory - ok
16:34:35.0656 1468 ================ Scan services =============================
16:34:38.0625 1468 Dot3svc - ok
16:34:38.0625 1468 dpti2o - ok
16:34:38.0640 1468 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:34:38.0640 1468 drmkaud - ok
16:34:38.0671 1468 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
16:34:38.0671 1468 DrvAgent32 - ok
16:34:38.0703 1468 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
16:34:38.0718 1468 dtsoftbus01 - ok
16:34:38.0734 1468 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:34:38.0734 1468 EapHost - ok
16:34:38.0765 1468 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:34:38.0765 1468 ERSvc - ok
16:34:38.0765 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:34:38.0781 1468 Eventlog - ok
16:34:38.0828 1468 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
16:34:38.0843 1468 EventSystem - ok
16:34:38.0906 1468 FairplayKD - ok
16:34:38.0937 1468 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:34:38.0937 1468 Fastfat - ok
16:34:38.0953 1468 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:34:38.0953 1468 FastUserSwitchingCompatibility - ok
16:34:38.0968 1468 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
16:34:38.0968 1468 Fdc - ok
16:34:38.0984 1468 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:34:38.0984 1468 Fips - ok
16:34:39.0000 1468 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:34:39.0000 1468 Flpydisk - ok
16:34:39.0031 1468 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:34:39.0031 1468 FltMgr - ok
16:34:39.0078 1468 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:34:39.0078 1468 FontCache3.0.0.0 - ok
16:34:39.0109 1468 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:34:39.0109 1468 Fs_Rec - ok
16:34:39.0109 1468 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:34:39.0109 1468 Ftdisk - ok
16:34:39.0125 1468 GGSAFERDriver - ok
16:34:39.0140 1468 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:34:39.0140 1468 Gpc - ok
16:34:39.0187 1468 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:39.0187 1468 gupdate - ok
16:34:39.0187 1468 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:39.0203 1468 gupdatem - ok
16:34:39.0234 1468 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
16:34:39.0234 1468 hamachi - ok
16:34:39.0312 1468 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
16:34:39.0312 1468 Hamachi2Svc - ok
16:34:39.0375 1468 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:34:39.0375 1468 helpsvc - ok
16:34:39.0406 1468 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:34:39.0406 1468 HidServ - ok
16:34:39.0437 1468 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:34:39.0437 1468 hidusb - ok
16:34:39.0468 1468 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:34:39.0468 1468 hkmsvc - ok
16:34:39.0468 1468 hpn - ok
16:34:39.0515 1468 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:34:39.0515 1468 HTTP - ok
16:34:39.0546 1468 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:34:39.0546 1468 HTTPFilter - ok
16:34:39.0546 1468 i2omgmt - ok
16:34:39.0562 1468 i2omp - ok
16:34:39.0593 1468 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
16:34:39.0593 1468 i8042prt - ok
16:34:39.0656 1468 [ 0F0194C4B635C10C3F785E4FEE52D641 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
16:34:39.0671 1468 ialm - ok
16:34:39.0765 1468 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:34:39.0765 1468 IDriverT - ok
16:34:39.0828 1468 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:34:39.0859 1468 idsvc - ok
16:34:39.0890 1468 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:34:39.0890 1468 Imapi - ok
16:34:39.0937 1468 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:34:39.0937 1468 ImapiService - ok
16:34:39.0953 1468 ini910u - ok
16:34:39.0953 1468 IntelIde - ok
16:34:39.0984 1468 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:34:39.0984 1468 intelppm - ok
16:34:40.0000 1468 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:34:40.0000 1468 Ip6Fw - ok
16:34:40.0031 1468 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:34:40.0031 1468 IpFilterDriver - ok
16:34:40.0062 1468 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:34:40.0062 1468 IpInIp - ok
16:34:40.0078 1468 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:34:40.0093 1468 IpNat - ok
16:34:40.0125 1468 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:34:40.0125 1468 IPSec - ok
16:34:40.0140 1468 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:34:40.0140 1468 IRENUM - ok
16:34:40.0171 1468 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:34:40.0171 1468 isapnp - ok
16:34:40.0250 1468 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:34:40.0250 1468 JavaQuickStarterService - ok
16:34:40.0281 1468 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:34:40.0281 1468 Kbdclass - ok
16:34:40.0312 1468 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:34:40.0312 1468 kbdhid - ok
16:34:40.0359 1468 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:34:40.0359 1468 kmixer - ok
16:34:40.0375 1468 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:34:40.0375 1468 KSecDD - ok
16:34:40.0406 1468 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:34:40.0406 1468 lanmanserver - ok
16:34:40.0437 1468 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:34:40.0453 1468 lanmanworkstation - ok
16:34:40.0453 1468 lbrtfdc - ok
16:34:40.0468 1468 LgBttPort - ok
16:34:40.0468 1468 lgbusenum - ok
16:34:40.0484 1468 LGVMODEM - ok
16:34:40.0515 1468 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:34:40.0515 1468 LmHosts - ok
16:34:40.0531 1468 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:34:40.0546 1468 Messenger - ok
16:34:40.0593 1468 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:34:40.0640 1468 Microsoft Office Groove Audit Service - ok
16:34:40.0656 1468 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:34:40.0656 1468 mnmdd - ok
16:34:40.0703 1468 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:34:40.0703 1468 mnmsrvc - ok
16:34:40.0750 1468 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:34:40.0750 1468 Modem - ok
16:34:40.0765 1468 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:34:40.0781 1468 Mouclass - ok
16:34:40.0796 1468 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:34:40.0796 1468 mouhid - ok
16:34:40.0812 1468 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:34:40.0812 1468 MountMgr - ok
16:34:40.0828 1468 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:34:40.0828 1468 MozillaMaintenance - ok
16:34:40.0828 1468 mraid35x - ok
16:34:40.0890 1468 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:34:40.0906 1468 MRxDAV - ok
16:34:40.0953 1468 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:34:40.0953 1468 MRxSmb - ok
16:34:40.0984 1468 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:34:40.0984 1468 MSDTC - ok
16:34:41.0000 1468 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:34:41.0000 1468 Msfs - ok
16:34:41.0000 1468 MSIServer - ok
16:34:41.0031 1468 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:34:41.0031 1468 MSKSSRV - ok
16:34:41.0046 1468 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:34:41.0046 1468 MSPCLOCK - ok
16:34:41.0062 1468 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:34:41.0062 1468 MSPQM - ok
16:34:41.0078 1468 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:34:41.0078 1468 mssmbios - ok
16:34:41.0109 1468 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:34:41.0109 1468 MSTEE - ok
16:34:41.0140 1468 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:34:41.0140 1468 Mup - ok
16:34:41.0156 1468 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:34:41.0156 1468 NABTSFEC - ok
16:34:41.0203 1468 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:34:41.0218 1468 napagent - ok
16:34:41.0234 1468 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:34:41.0250 1468 NDIS - ok
16:34:41.0265 1468 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:34:41.0265 1468 NdisIP - ok
16:34:41.0296 1468 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:34:41.0296 1468 NdisTapi - ok
16:34:41.0312 1468 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:34:41.0312 1468 Ndisuio - ok
16:34:41.0328 1468 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:34:41.0328 1468 NdisWan - ok
16:34:41.0343 1468 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:34:41.0343 1468 NDProxy - ok
16:34:41.0375 1468 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
16:34:41.0375 1468 Net Driver HPZ12 - ok
16:34:41.0390 1468 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:34:41.0390 1468 NetBIOS - ok
16:34:41.0406 1468 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:34:41.0406 1468 NetBT - ok
16:34:41.0437 1468 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
16:34:41.0437 1468 NetDDE - ok
16:34:41.0453 1468 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:34:41.0453 1468 NetDDEdsdm - ok
16:34:41.0484 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:34:41.0484 1468 Netlogon - ok
16:34:41.0500 1468 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
16:34:41.0515 1468 Netman - ok
16:34:41.0562 1468 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:34:41.0562 1468 NetTcpPortSharing - ok
16:34:41.0593 1468 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
16:34:41.0593 1468 Nla - ok
16:34:41.0609 1468 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:34:41.0609 1468 Npfs - ok
16:34:41.0640 1468 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:34:41.0656 1468 Ntfs - ok
16:34:41.0656 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:34:41.0656 1468 NtLmSsp - ok
16:34:41.0687 1468 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:34:41.0687 1468 NtmsSvc - ok
16:34:41.0703 1468 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:34:41.0703 1468 Null - ok
16:34:41.0734 1468 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:34:41.0750 1468 NwlnkFlt - ok
16:34:41.0750 1468 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:34:41.0750 1468 NwlnkFwd - ok
16:34:41.0828 1468 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:34:41.0828 1468 odserv - ok
16:34:41.0859 1468 [ ECB4976C878946290679F8E1724DC130 ] OracleClientCache80 C:\orant\BIN\ONRSD80.EXE
16:34:41.0859 1468 OracleClientCache80 - ok
16:34:41.0859 1468 OracleFormsServer-Forms60Server - ok
16:34:41.0906 1468 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:34:41.0906 1468 ose - ok
16:34:41.0953 1468 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:34:41.0953 1468 Parport - ok
16:34:41.0968 1468 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:34:41.0968 1468 PartMgr - ok
16:34:42.0000 1468 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:34:42.0000 1468 ParVdm - ok
16:34:42.0000 1468 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:34:42.0015 1468 PCI - ok
16:34:42.0015 1468 PCIDump - ok
16:34:42.0062 1468 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:34:42.0062 1468 PCIIde - ok
16:34:42.0109 1468 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:34:42.0109 1468 Pcmcia - ok
16:34:42.0109 1468 PDCOMP - ok
16:34:42.0125 1468 PDFRAME - ok
16:34:42.0125 1468 PDRELI - ok
16:34:42.0140 1468 PDRFRAME - ok
16:34:42.0140 1468 perc2 - ok
16:34:42.0140 1468 perc2hib - ok
16:34:42.0187 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:34:42.0203 1468 PlugPlay - ok
16:34:42.0218 1468 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
16:34:42.0234 1468 Pml Driver HPZ12 - ok
16:34:42.0250 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:34:42.0250 1468 PolicyAgent - ok
16:34:42.0265 1468 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:34:42.0265 1468 PptpMiniport - ok
16:34:42.0265 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:34:42.0281 1468 ProtectedStorage - ok
16:34:42.0312 1468 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:34:42.0312 1468 Ptilink - ok
16:34:42.0343 1468 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:34:42.0343 1468 PxHelp20 - ok
16:34:42.0343 1468 ql1080 - ok
16:34:42.0359 1468 Ql10wnt - ok
16:34:42.0359 1468 ql12160 - ok
16:34:42.0375 1468 ql1240 - ok
16:34:42.0375 1468 ql1280 - ok
16:34:42.0390 1468 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:34:42.0390 1468 RasAcd - ok
16:34:42.0421 1468 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:34:42.0437 1468 RasAuto - ok
16:34:42.0437 1468 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:34:42.0437 1468 Rasl2tp - ok
16:34:42.0484 1468 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:34:42.0484 1468 RasMan - ok
16:34:42.0500 1468 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:34:42.0500 1468 RasPppoe - ok
16:34:42.0515 1468 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:34:42.0515 1468 Raspti - ok
16:34:42.0546 1468 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:34:42.0546 1468 Rdbss - ok
16:34:42.0562 1468 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:34:42.0562 1468 RDPCDD - ok
16:34:42.0578 1468 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:34:42.0578 1468 rdpdr - ok
16:34:42.0625 1468 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:34:42.0625 1468 RDPWD - ok
16:34:42.0640 1468 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:34:42.0656 1468 RDSessMgr - ok
16:34:42.0671 1468 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:34:42.0671 1468 redbook - ok
16:34:42.0703 1468 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:34:42.0703 1468 RemoteAccess - ok
16:34:42.0734 1468 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:34:42.0734 1468 RemoteRegistry - ok
16:34:42.0765 1468 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:34:42.0781 1468 RpcLocator - ok
16:34:42.0812 1468 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:34:42.0828 1468 RpcSs - ok
16:34:42.0843 1468 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:34:42.0859 1468 RSVP - ok
16:34:42.0875 1468 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:34:42.0875 1468 SamSs - ok
16:34:42.0875 1468 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:34:42.0875 1468 SCardSvr - ok
16:34:42.0921 1468 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:34:42.0937 1468 Schedule - ok
16:34:42.0968 1468 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:34:42.0968 1468 Secdrv - ok
16:34:42.0984 1468 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:34:42.0984 1468 seclogon - ok
16:34:43.0000 1468 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:34:43.0000 1468 SENS - ok
16:34:43.0046 1468 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:34:43.0046 1468 serenum - ok
16:34:43.0062 1468 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:34:43.0078 1468 Serial - ok
16:34:43.0093 1468 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:34:43.0093 1468 Sfloppy - ok
16:34:43.0125 1468 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:34:43.0125 1468 SharedAccess - ok
16:34:43.0156 1468 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:34:43.0156 1468 ShellHWDetection - ok
16:34:43.0156 1468 Simbad - ok
16:34:43.0203 1468 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:34:43.0203 1468 SkypeUpdate - ok
16:34:43.0218 1468 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:34:43.0218 1468 SLIP - ok
16:34:43.0281 1468 [ 4AA922332433CDEB8B82C072C212E32E ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
16:34:43.0281 1468 smwdm - ok
16:34:43.0296 1468 Sparrow - ok
16:34:43.0328 1468 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:34:43.0328 1468 splitter - ok
16:34:43.0359 1468 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:34:43.0359 1468 Spooler - ok
16:34:43.0390 1468 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:34:43.0390 1468 sr - ok
16:34:43.0421 1468 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:34:43.0437 1468 srservice - ok
16:34:43.0453 1468 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:34:43.0468 1468 Srv - ok
16:34:43.0484 1468 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:34:43.0484 1468 SSDPSRV - ok
16:34:43.0515 1468 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:34:43.0515 1468 stisvc - ok
16:34:43.0546 1468 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:34:43.0546 1468 streamip - ok
16:34:43.0562 1468 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:34:43.0578 1468 swenum - ok
16:34:43.0609 1468 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:34:43.0609 1468 swmidi - ok
16:34:43.0625 1468 SwPrv - ok
16:34:43.0625 1468 symc810 - ok
16:34:43.0640 1468 symc8xx - ok
16:34:43.0640 1468 sym_hi - ok
16:34:43.0656 1468 sym_u3 - ok
16:34:43.0671 1468 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:34:43.0687 1468 sysaudio - ok
16:34:43.0703 1468 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:34:43.0703 1468 SysmonLog - ok
16:34:43.0734 1468 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:34:43.0734 1468 TapiSrv - ok
16:34:43.0781 1468 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:34:43.0781 1468 Tcpip - ok
16:34:43.0812 1468 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:34:43.0812 1468 TDPIPE - ok
16:34:43.0828 1468 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:34:43.0828 1468 TDTCP - ok
16:34:43.0843 1468 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:34:43.0859 1468 TermDD - ok
16:34:43.0875 1468 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:34:43.0875 1468 TermService - ok
16:34:43.0890 1468 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
16:34:43.0890 1468 Themes - ok
16:34:43.0906 1468 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:34:43.0937 1468 TlntSvr - ok
16:34:43.0953 1468 TosIde - ok
16:34:43.0968 1468 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:34:43.0984 1468 TrkWks - ok
16:34:44.0000 1468 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:34:44.0000 1468 Udfs - ok
16:34:44.0000 1468 ultra - ok
16:34:44.0015 1468 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:34:44.0031 1468 Update - ok
16:34:44.0046 1468 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:34:44.0046 1468 upnphost - ok
16:34:44.0062 1468 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:34:44.0062 1468 UPS - ok
16:34:44.0078 1468 usbbus - ok
16:34:44.0093 1468 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:34:44.0093 1468 usbccgp - ok
16:34:44.0109 1468 UsbDiag - ok
16:34:44.0125 1468 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:34:44.0125 1468 usbehci - ok
16:34:44.0156 1468 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:34:44.0156 1468 usbhub - ok
16:34:44.0187 1468 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:34:44.0187 1468 USBSTOR - ok
16:34:44.0203 1468 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:34:44.0203 1468 usbuhci - ok
16:34:44.0234 1468 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:34:44.0234 1468 VgaSave - ok
16:34:44.0234 1468 ViaIde - ok
16:34:44.0250 1468 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:34:44.0250 1468 VolSnap - ok
16:34:44.0296 1468 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:34:44.0296 1468 VSS - ok
16:34:44.0312 1468 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
16:34:44.0328 1468 W32Time - ok
16:34:44.0343 1468 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:34:44.0343 1468 Wanarp - ok
16:34:44.0359 1468 WDICA - ok
16:34:44.0390 1468 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:34:44.0390 1468 wdmaud - ok
16:34:44.0421 1468 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:34:44.0421 1468 WebClient - ok
16:34:44.0484 1468 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
16:34:44.0484 1468 WinDefend - ok
16:34:44.0546 1468 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:34:44.0546 1468 winmgmt - ok
16:34:44.0578 1468 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:34:44.0578 1468 WmdmPmSN - ok
16:34:44.0625 1468 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:34:44.0640 1468 Wmi - ok
16:34:44.0656 1468 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:34:44.0671 1468 WmiApSrv - ok
16:34:44.0734 1468 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:34:44.0765 1468 WMPNetworkSvc - ok
16:34:44.0781 1468 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:34:44.0781 1468 WpdUsb - ok
16:34:44.0812 1468 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:34:44.0812 1468 wscsvc - ok
16:34:44.0828 1468 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:34:44.0828 1468 WSTCODEC - ok
16:34:44.0859 1468 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:34:44.0875 1468 wuauserv - ok
16:34:44.0906 1468 [ ED6DE10EA607FB074868537E62AE69B6 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:34:44.0906 1468 WudfPf - ok
16:34:44.0921 1468 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:34:44.0921 1468 WudfRd - ok
16:34:44.0937 1468 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:34:44.0968 1468 WudfSvc - ok
16:34:45.0031 1468 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:34:45.0031 1468 WZCSVC - ok
16:34:45.0062 1468 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:34:45.0062 1468 xmlprov - ok
16:34:45.0109 1468 [ ACBA895B45E65232AD54AD7D71EC542F ] ZSMC211 C:\WINDOWS\system32\Drivers\ZS211.sys
16:34:45.0109 1468 ZSMC211 - ok
16:34:45.0125 1468 ================ Scan global ===============================
16:34:45.0140 1468 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:34:45.0171 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:34:45.0187 1468 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:34:45.0203 1468 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:34:45.0218 1468 [Global] - ok
16:34:45.0218 1468 ================ Scan MBR ==================================
16:34:45.0250 1468 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:34:45.0546 1468 \Device\Harddisk0\DR0 - ok
16:34:45.0562 1468 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:34:45.0703 1468 \Device\Harddisk1\DR1 - ok
16:34:45.0703 1468 ================ Scan VBR ==================================
16:34:45.0718 1468 [ F733E1B56976AB9A56097F983F054519 ] \Device\Harddisk0\DR0\Partition1
16:34:45.0718 1468 \Device\Harddisk0\DR0\Partition1 - ok
16:34:45.0734 1468 [ 87EC8D3529876A9ACDB91630FB9FBB5D ] \Device\Harddisk1\DR1\Partition1
16:34:45.0734 1468 \Device\Harddisk1\DR1\Partition1 - ok
16:34:45.0734 1468 ============================================================
16:34:45.0734 1468 Scan finished
16:34:45.0734 1468 ============================================================
16:34:45.0750 2248 Detected object count: 0
16:34:45.0750 2248 Actual detected object count: 0
16:35:04.0515 3580 Deinitialize success
- Žbeky
- Moderator
Re: Please check the log.
Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
Download Memtest:
In the field, enter the largest size of your individual RAM module (256, 512 or 1024, 2048), click Start, let it run for at least 2 hours, and if it still shows 0 errors after 2 hours, the modules are fine.
Check the temperatures with HW Monitor and post a screenshot here.
Re: Please check the log.
OK, done.
CrystalDiskInfo
----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2013/07/16 18:08:53
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F [ATA]
+ Primary IDE Channel (0)
- MAXTOR STM3250820A
- SONY DVD-ROM DDU1615
+ Intel(R) 82801FB Ultra ATA Storage Controllers - 2651 [ATA]
+ Primary IDE Channel (0)
- ST380013AS
-- Disk List ---------------------------------------------------------------
(1) MAXTOR STM3250820A : 250,0 GB [0/0/1, pd1]
(2) ST380013AS : 80,0 GB [1/1/0, pd1] - st
----------------------------------------------------------------------------
(1) MAXTOR STM3250820A
----------------------------------------------------------------------------
Model : MAXTOR STM3250820A
Firmware : 3.AAE
Serial Number : 5QE2VPYL
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 379 hod. (?)
Power On Count : 2791 krát
Temparature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _92 __6 00000A56AE8D Počet chybných čítaní
03 _96 _95 __0 000000000000 Čas na roztočenie platní
04 _98 _98 _20 000000000AC9 Počet spustení/zastavení
05 100 100 _36 000000000000 Počet premapovaných sektorov
07 _86 _60 _30 00001AA77378 Počet chybných vyhľadávaní
09 _75 _75 __0 0000000058E1 Počet odpracovaných hodín
0A 100 100 _97 000000000000 Počet opakovaných pokusov o roztočenie platní
0C _98 _98 _20 000000000AE7 Počet cyklov zapnutia zariadenia
BB 100 100 __0 000000000000 Zaznamenané neopraviteľné chyby
BD 100 100 __0 000000000000 Zápisy veľkého preletu
BE _56 _50 _45 00002D1F002C Teplota toku vzduchu
C2 _44 _50 __0 00100000002C Teplota
C3 _58 _54 __0 00000A632F9B Počet opráv chybného čítania
C5 100 100 __0 000000000000 Počet podozrivých sektorov
C6 100 100 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 100 253 __0 000000000000 Počet chýb pri zápise sektorov
CA 100 253 __0 000000000000 Počet chýb pri adresovaní údajov
----------------------------------------------------------------------------
(2) ST380013AS
----------------------------------------------------------------------------
Model : ST380013AS
Firmware : 8.12
Serial Number : 5MR27YY0
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 156250000
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : SATA/150
Power On Hours : 11221 hod.
Power On Count : 1464 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 8000h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _63 _49 __6 00000851DC19 Počet chybných čítaní
03 _98 _98 __0 000000000000 Čas na roztočenie platní
04 _99 _99 _20 0000000005BE Počet spustení/zastavení
05 100 100 _36 000000000000 Počet premapovaných sektorov
07 _87 _60 _30 00001E86D3AE Počet chybných vyhľadávaní
09 _88 _88 __0 000000002BD5 Počet odpracovaných hodín
0A 100 100 _97 000000000000 Počet opakovaných pokusov o roztočenie platní
0C _99 _99 _20 0000000005B8 Počet cyklov zapnutia zariadenia
C2 _42 _47 __0 000A0000002A Teplota
C3 _63 _49 __0 00000851DC19 Počet opráv chybného čítania
C5 100 100 __0 000000000000 Počet podozrivých sektorov
C6 100 100 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 100 253 __0 000000000000 Počet chýb pri zápise sektorov
CA 100 253 __0 000000000000 Počet chýb pri adresovaní údajov


- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Status: Offline
Re: Please check my log.
The disks are OK. What about Memtest?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
-
- Level 1.5
- Posts: 147
- Registered: July 13
- Status: Offline
Re: Please check my log.
Memtest ran for over 2 hours = 0 errors
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Status: Offline
Re: Please check my log.
Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an invalid operation on a registry key that is marked for deletion, just restart the computer.