Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomy at 2010-11-03 19:31:33
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 4 GB (12%) free of 33 GB
Total RAM: 2047 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:39, on 3.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\-==-\Avast\aswUpdSv.exe
C:\Program Files\-==-\Avast\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\-__-~1\Avast\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Dhipec.exe
C:\WINDOWS\system32\astsrv.exe
C:\Program Files\-==-\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\-==-\Avast\ashMaiSv.exe
C:\Program Files\-==-\Avast\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\-==-\Total Commander\TOTALCMD.EXE
D:\Downloadz\RSIT.exe
C:\Program Files\trend micro\Tomy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\-==-\Adobe Acrobat Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\-==-\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\-==-\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\-__-~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\-==-\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [C8H1KKCTZV] C:\DOCUME~1\Tomy\LOCALS~1\Temp\Dnz.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\-__-~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\-__-~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\-__-~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\astsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\-==-\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\-==-\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\-==-\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\-==-\Avast\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\-==-\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 4779 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\-==-\Adobe Acrobat Reader\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\-==-\Java\jre6\bin\jp2ssv.dll [2009-12-06 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\-==-\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-06 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\-__-~1\Avast\ashDisp.exe [2009-11-25 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"QuickTime Task"=C:\Program Files\-==-\QuickTime Alternative\qttask.exe [2009-09-05 417792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"C8H1KKCTZV"=C:\DOCUME~1\Tomy\LOCALS~1\Temp\Dnz.exe [2010-11-03 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\-==-\DAEMON Tools\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErgoMedia]
C:\PROGRA~1\-__-~1\ERGOME~1\SyTray.exe [2007-02-27 1843200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\-==-\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\-==-\QuickTime Alternative\qttask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
C:\Program Files\-==-\Registry Mechanic\RegMech.exe [2009-10-14 3217368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\-==-\Java\jre6\bin\jusched.exe [2009-12-06 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\-__-~1\ADOBEA~1\Reader\READER~1.EXE [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\-__-~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomy^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\-__-~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\-==-\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\-==-\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\-==-\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\-==-\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\-==-\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\-==-\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\-==-\Ninja Trader 6.5\bin\NinjaTrader.exe"="C:\Program Files\-==-\Ninja Trader 6.5\bin\NinjaTrader.exe:*:Enabled:NinjaTrader application"
"C:\Program Files\-==-\Java\jre6\bin\javaw.exe"="C:\Program Files\-==-\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\-==-\TVUPlayer\TVUPlayer.exe"="C:\Program Files\-==-\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program Files\-==-\Ninja Trader 7\bin\NinjaTrader.exe"="C:\Program Files\-==-\Ninja Trader 7\bin\NinjaTrader.exe:*:Enabled:NinjaTrader application"
"C:\Program Files\-==-\Trillian\trillian.exe"="C:\Program Files\-==-\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\-==-\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\-==-\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\-==-\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\-==-\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\-==-\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\-==-\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\-==-\MktDelta\mktdelta.exe"="C:\Program Files\-==-\MktDelta\mktdelta.exe:*:Enabled:MarketDelta 10.2.1"
"C:\Program Files\-==-\SopCast\SopCast.exe"="C:\Program Files\-==-\SopCast\SopCast.exe:*:Enabled:SopCast"
"C:\Program Files\-==-\VLC\vlc.exe"="C:\Program Files\-==-\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\-==-\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\-==-\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\-==-\QuickTime Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\-==-\QuickTime Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Windows Media Player\mplayer2.exe"="C:\Program Files\Windows Media Player\mplayer2.exe:*:Enabled:Windows Media Player"
"C:\Program Files\-==-\Mafia 2 DEMO\Steam\Steam.exe"="C:\Program Files\-==-\Mafia 2 DEMO\Steam\Steam.exe:*:Enabled:Steam"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-03 19:31:33 ----D---- C:\rsit
2010-11-03 19:31:33 ----D---- C:\Program Files\trend micro
2010-11-03 19:04:44 ----A---- C:\WINDOWS\Dhipec.exe
2010-11-03 17:24:20 ----A---- C:\WINDOWS\Dhipeb.exe
2010-11-03 10:53:18 ----A---- C:\WINDOWS\system32\drivers\lbrtfdc.sys
2010-11-03 10:53:02 ----A---- C:\WINDOWS\system32\drivers\i2omgmt.sys
2010-11-03 10:52:34 ----A---- C:\WINDOWS\system32\drivers\changer.sys
2010-11-03 10:51:47 ----A---- C:\WINDOWS\Dhipea.exe
2010-10-30 11:02:18 ----D---- C:\Documents and Settings\Tomy\Data aplikací\avidemux
2010-10-29 23:49:17 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-10-14 00:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-14 00:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-14 00:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-14 00:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-14 00:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-14 00:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-14 00:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2360131$
2010-10-14 00:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-14 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-14 00:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-03 19:31:33 ----RD---- C:\Program Files
2010-11-03 19:31:27 ----A---- C:\WINDOWS\wincmd.ini
2010-11-03 19:29:04 ----D---- C:\WINDOWS\Prefetch
2010-11-03 19:29:01 ----SD---- C:\WINDOWS\Tasks
2010-11-03 19:08:25 ----D---- C:\Program Files\Mozilla Firefox
2010-11-03 19:07:46 ----D---- C:\WINDOWS\Temp
2010-11-03 19:04:44 ----AD---- C:\WINDOWS
2010-11-03 19:02:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-03 17:30:52 ----D---- C:\WINDOWS\system32
2010-11-03 17:27:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-03 10:55:29 ----SHD---- C:\System Volume Information
2010-11-03 10:55:29 ----D---- C:\WINDOWS\system32\Restore
2010-11-03 10:54:49 ----D---- C:\WINDOWS\system32\drivers
2010-11-03 10:54:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-02 12:19:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-01 02:12:11 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-10-30 11:02:05 ----D---- C:\Program Files\-==-
2010-10-29 23:49:17 ----D---- C:\Program Files\Common Files
2010-10-15 20:45:37 ----HD---- C:\WINDOWS\inf
2010-10-14 00:33:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-14 00:33:58 ----A---- C:\WINDOWS\imsins.BAK
2010-10-14 00:33:49 ----D---- C:\WINDOWS\WinSxS
2010-10-14 00:33:43 ----SHD---- C:\WINDOWS\Installer
2010-10-14 00:33:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-10-14 00:31:16 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-06 18:12:42 ----RSD---- C:\WINDOWS\assembly
2010-10-06 18:12:27 ----D---- C:\WINDOWS\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-31 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2004-10-04 36423]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2004-10-04 10005]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2006-07-26 248832]
S3 a0mh8lim;a0mh8lim; C:\WINDOWS\system32\drivers\a0mh8lim.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 astcc;AST Service; C:\WINDOWS\system32\astsrv.exe [2008-01-07 57344]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\-==-\Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\-==-\Avast\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\-==-\Java\jre6\bin\jqs.exe [2009-12-06 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2009-10-14 583640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\-==-\Avast\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\-==-\Avast\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
při startu na pár minut zamrzají windows, nefunguje TV
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
ComboFix 10-11-02.06 - Tomy 03.11.2010 20:30:08.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1455 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomy\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101103-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dokumenty\Server\admin.txt
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-03 do 2010-11-03 )))))))))))))))))))))))))))))))
.
2010-11-03 18:31 . 2010-11-03 18:31 -------- d-----w- C:\rsit
2010-11-03 18:31 . 2010-11-03 18:31 -------- d-----w- c:\program files\trend micro
2010-11-03 18:04 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipec.exe
2010-11-03 16:24 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipeb.exe
2010-11-03 09:53 . 2008-04-13 18:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-11-03 09:53 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-11-03 09:53 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-11-03 09:53 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-11-03 09:52 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-11-03 09:52 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-11-03 09:51 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipea.exe
2010-10-30 10:02 . 2010-10-30 10:05 -------- d-----w- c:\documents and settings\Tomy\Data aplikací\avidemux
2010-10-29 22:49 . 2010-10-30 09:48 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-10-13 23:16 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 23:16 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 23:15 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2002-09-23 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2002-09-23 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2002-09-23 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2002-09-23 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 14:23 . 2002-09-23 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:23 . 2002-09-23 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:23 . 2009-12-05 16:15 81920 ------w- c:\windows\system32\ieencode.dll
2010-09-09 14:16 . 2009-12-05 16:15 370176 ------w- c:\windows\system32\html.iec
2010-09-01 11:52 . 2002-09-23 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2002-09-23 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 19:25 . 2010-08-31 19:25 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-27 08:03 . 2002-09-23 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2002-09-23 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2002-09-23 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2002-09-23 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2002-09-23 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2002-09-23 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\-__-~1\Avast\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"QuickTime Task"="c:\program files\-==-\QuickTime Alternative\qttask.exe" [2009-09-05 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tomy^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 03:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\-==-\DAEMON Tools\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErgoMedia]
2007-02-27 08:52 1843200 ----a-w- c:\progra~1\-__-~1\ERGOME~1\SyTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 21:12 49152 ----a-w- c:\program files\-==-\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-04-30 23:30 13750272 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-04-30 23:30 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-04-30 23:31 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 00:54 417792 ----a-w- c:\program files\-==-\QuickTime Alternative\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2009-10-14 14:43 3217368 ----a-w- c:\program files\-==-\Registry Mechanic\RegMech.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-01-30 10:54 16116224 ------r- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-12-06 19:32 149280 ----a-w- c:\program files\-==-\Java\jre6\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\-==-\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\-==-\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\-==-\\WinFast\\WFDTV\\DVBTAP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\-==-\\Ninja Trader 6.5\\bin\\NinjaTrader.exe"=
"c:\\Program Files\\-==-\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\-==-\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\-==-\\Ninja Trader 7\\bin\\NinjaTrader.exe"=
"c:\\Program Files\\-==-\\Trillian\\trillian.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\-==-\\MktDelta\\mktdelta.exe"=
"c:\\Program Files\\-==-\\SopCast\\SopCast.exe"=
"c:\\Program Files\\-==-\\VLC\\vlc.exe"=
"c:\\Program Files\\-==-\\Real Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\-==-\\QuickTime Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Windows Media Player\\mplayer2.exe"=
"c:\\Program Files\\-==-\\Mafia 2 DEMO\\Steam\\Steam.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.8.2010 20:25 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5.12.2009 17:21 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.12.2009 17:21 20560]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [6.12.2009 16:22 75925]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [14.12.2009 13:01 583640]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [6.12.2009 16:22 36423]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [6.12.2009 16:22 10005]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\-__-~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomy\Data aplikací\Mozilla\Firefox\Profiles\8i3gnf8w.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\-==-\Adobe Acrobat Reader\Reader\browser\nppdf32.dll
FF - plugin: c:\program files\-==-\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\program files\-==-\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\-==-\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\-==-\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\-==-\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\-==-\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\-==-\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\-==-\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-03 20:33
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\-==-\Avast\aswUpdSv.exe
c:\program files\-==-\Avast\ashServ.exe
c:\windows\system32\astsrv.exe
c:\program files\-==-\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\program files\-==-\Avast\ashMaiSv.exe
c:\program files\-==-\Avast\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-11-03 20:36:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-03 19:35
Před spuštěním: 4 108 726 272
Po spuštění: 4 584 955 904
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 17F2A83C6E2E8EEEA144BAB7C839A4AB
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1455 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomy\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101103-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dokumenty\Server\admin.txt
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-03 do 2010-11-03 )))))))))))))))))))))))))))))))
.
2010-11-03 18:31 . 2010-11-03 18:31 -------- d-----w- C:\rsit
2010-11-03 18:31 . 2010-11-03 18:31 -------- d-----w- c:\program files\trend micro
2010-11-03 18:04 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipec.exe
2010-11-03 16:24 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipeb.exe
2010-11-03 09:53 . 2008-04-13 18:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-11-03 09:53 . 2008-04-13 18:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-11-03 09:53 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-11-03 09:53 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-11-03 09:52 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-11-03 09:52 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-11-03 09:51 . 2010-11-03 09:51 212992 ----a-w- c:\windows\Dhipea.exe
2010-10-30 10:02 . 2010-10-30 10:05 -------- d-----w- c:\documents and settings\Tomy\Data aplikací\avidemux
2010-10-29 22:49 . 2010-10-30 09:48 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-10-13 23:16 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 23:16 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 23:15 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2002-09-23 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2002-09-23 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2002-09-23 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2002-09-23 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 14:23 . 2002-09-23 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:23 . 2002-09-23 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:23 . 2009-12-05 16:15 81920 ------w- c:\windows\system32\ieencode.dll
2010-09-09 14:16 . 2009-12-05 16:15 370176 ------w- c:\windows\system32\html.iec
2010-09-01 11:52 . 2002-09-23 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2002-09-23 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 19:25 . 2010-08-31 19:25 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-27 08:03 . 2002-09-23 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2002-09-23 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2002-09-23 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2002-09-23 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2002-09-23 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2002-09-23 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\-__-~1\Avast\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"QuickTime Task"="c:\program files\-==-\QuickTime Alternative\qttask.exe" [2009-09-05 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tomy^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 03:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\-==-\DAEMON Tools\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErgoMedia]
2007-02-27 08:52 1843200 ----a-w- c:\progra~1\-__-~1\ERGOME~1\SyTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 21:12 49152 ----a-w- c:\program files\-==-\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-04-30 23:30 13750272 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-04-30 23:30 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-04-30 23:31 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 00:54 417792 ----a-w- c:\program files\-==-\QuickTime Alternative\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2009-10-14 14:43 3217368 ----a-w- c:\program files\-==-\Registry Mechanic\RegMech.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-01-30 10:54 16116224 ------r- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-12-06 19:32 149280 ----a-w- c:\program files\-==-\Java\jre6\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\-==-\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\-==-\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\-==-\\WinFast\\WFDTV\\DVBTAP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\-==-\\Ninja Trader 6.5\\bin\\NinjaTrader.exe"=
"c:\\Program Files\\-==-\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\-==-\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\-==-\\Ninja Trader 7\\bin\\NinjaTrader.exe"=
"c:\\Program Files\\-==-\\Trillian\\trillian.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\-==-\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\-==-\\MktDelta\\mktdelta.exe"=
"c:\\Program Files\\-==-\\SopCast\\SopCast.exe"=
"c:\\Program Files\\-==-\\VLC\\vlc.exe"=
"c:\\Program Files\\-==-\\Real Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\-==-\\QuickTime Alternative\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Windows Media Player\\mplayer2.exe"=
"c:\\Program Files\\-==-\\Mafia 2 DEMO\\Steam\\Steam.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.8.2010 20:25 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5.12.2009 17:21 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.12.2009 17:21 20560]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [6.12.2009 16:22 75925]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [14.12.2009 13:01 583640]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [6.12.2009 16:22 36423]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [6.12.2009 16:22 10005]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\-__-~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomy\Data aplikací\Mozilla\Firefox\Profiles\8i3gnf8w.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\-==-\Adobe Acrobat Reader\Reader\browser\nppdf32.dll
FF - plugin: c:\program files\-==-\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\program files\-==-\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\-==-\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\-==-\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\-==-\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\-==-\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\-==-\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\-==-\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-03 20:33
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\-==-\Avast\aswUpdSv.exe
c:\program files\-==-\Avast\ashServ.exe
c:\windows\system32\astsrv.exe
c:\program files\-==-\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\program files\-==-\Avast\ashMaiSv.exe
c:\program files\-==-\Avast\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2010-11-03 20:36:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-03 19:35
Před spuštěním: 4 108 726 272
Po spuštění: 4 584 955 904
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 17F2A83C6E2E8EEEA144BAB7C839A4AB
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.Collect::
c:\windows\Dhipea.exe
c:\windows\Dhipec.exe
c:\windows\Dhipeb.exe
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
PC dělá stále ty stejné problémy. Při startu naskočí plocha windows, ale lišta za přesýpacích hodin nějakou dobu nereaguje. Až poté zazní znělka windows. Poté když zapnu WinFast TV program se zasekne a nereaguje. Začalo to dnes, kdy mi Avast začal hlásit nebezpečné soubory jeden za druhým. Nechal jsem ho tedy proskenovat PC a asi po 40 minutách skončil a smazal napadené soubory. Od té doby PC dělá zmíněné problémy. Děkuju za pomoc.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Co to bylo za soubory?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
Konkrétní jména si nepamatuju, ale Avast u nich psal WIN32:BUBAK. Na to jsem tady na foru našel jeden odkaz, ale tam se problém podařilo vyřešit tím, co jsme teď udělali. Ten WinFast můžu zkusit přeinstalovat, ale co s tím chováním windows nevím.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Proto se ptám, jestli nesmazal něco ze systému. Dejte log z posledního skenu CF......ale co s tím chováním windows nevím.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
ComboFix mi už žádný log nevyhodil, ani když jsem ho spustil znovu. V adresářích na C: jsem taky žádný log nenašel.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte. Nedělám si ale iluze, vypadá to na poškozený systém.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 5038
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
3.11.2010 23:29:25
mbam-log-2010-11-03 (23-29-25).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 190193
Uplynulý čas: 28 minuta(y), 39 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\C8H1KKCTZV (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\System Volume Information\_restore{4964934C-D193-4101-9133-D08DA380C580}\RP1\A0002237.exe (Trojan.Downloader) -> No action taken.
www.malwarebytes.org
Verze databáze: 5038
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
3.11.2010 23:29:25
mbam-log-2010-11-03 (23-29-25).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 190193
Uplynulý čas: 28 minuta(y), 39 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\C8H1KKCTZV (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\System Volume Information\_restore{4964934C-D193-4101-9133-D08DA380C580}\RP1\A0002237.exe (Trojan.Downloader) -> No action taken.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Nalezené položky smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: při startu na pár minut zamrzají windows, nefunguje TV
Zkuste ještě toto: http://www.esagelab.com/files/bootkit_remover.rar . Po skenu vložte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: při startu na pár minut zamrzají windows, nefunguje TV
.\debug.cpp(238) : Debug log started at 04.11.2010 - 18:47:05
.\boot_cleaner.cpp(527) : Bootkit Remover
.\boot_cleaner.cpp(528) : (c) 2009 eSage Lab
.\boot_cleaner.cpp(529) : www.esagelab.com
.\boot_cleaner.cpp(533) : Program version: 1.2.0.0
.\boot_cleaner.cpp(540) : OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x0020d000 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806e4000 0x00020d00 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xb85a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xb84b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xb7eb4000 0x000f3000 "spjx.sys"
.\debug.cpp(256) : 0xb85aa000 0x00002000 "\WINDOWS\System32\Drivers\WMILIB.SYS"
.\debug.cpp(256) : 0xb7e9c000 0x00018000 "\WINDOWS\System32\Drivers\SCSIPORT.SYS"
.\debug.cpp(256) : 0xb7e6e000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xb7e5d000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xb80a8000 0x00010000 "ohci1394.sys"
.\debug.cpp(256) : 0xb80b8000 0x0000e000 "\WINDOWS\System32\DRIVERS\1394BUS.SYS"
.\debug.cpp(256) : 0xb80c8000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xb8670000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xb8328000 0x00007000 "\WINDOWS\System32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xb80d8000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xb7e3e000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xb8330000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xb80e8000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xb7e26000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xb80f8000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xb8108000 0x0000d000 "\WINDOWS\System32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xb7e06000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xb7df4000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xb7ddd000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xb7d50000 0x0008d000 "Ntfs.sys"
.\debug.cpp(256) : 0xb7d23000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xb7d09000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xb7794000 0x0000a000 "\SystemRoot\System32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0xb6f55000 0x007af000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys"
.\debug.cpp(256) : 0xb6f41000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xb83f0000 0x00006000 "\SystemRoot\System32\DRIVERS\usbuhci.sys"
.\debug.cpp(256) : 0xb6f1d000 0x00024000 "\SystemRoot\System32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xb83f8000 0x00008000 "\SystemRoot\System32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xb6ef8000 0x00025000 "\SystemRoot\System32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xb7784000 0x0000b000 "\SystemRoot\System32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xb8400000 0x00007000 "\SystemRoot\System32\Drivers\ULCDRHlp.sys"
.\debug.cpp(256) : 0xb7774000 0x00010000 "\SystemRoot\System32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xb7764000 0x0000f000 "\SystemRoot\System32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xb6ed5000 0x00023000 "\SystemRoot\System32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xb6e98000 0x0003d000 "\SystemRoot\System32\DRIVERS\yk51x86.sys"
.\debug.cpp(256) : 0xb6e87000 0x00011000 "\SystemRoot\system32\drivers\wf2kvcap.sys"
.\debug.cpp(256) : 0xb7754000 0x0000d000 "\SystemRoot\system32\drivers\STREAM.SYS"
.\debug.cpp(256) : 0xb7744000 0x00010000 "\SystemRoot\System32\DRIVERS\nic1394.sys"
.\debug.cpp(256) : 0xb8408000 0x00007000 "\SystemRoot\System32\DRIVERS\fdc.sys"
.\debug.cpp(256) : 0xb6e4f000 0x00014000 "\SystemRoot\System32\DRIVERS\parport.sys"
.\debug.cpp(256) : 0xb85c2000 0x00002000 "\SystemRoot\System32\DRIVERS\ASACPI.sys"
.\debug.cpp(256) : 0xb7734000 0x00010000 "\SystemRoot\System32\DRIVERS\serial.sys"
.\debug.cpp(256) : 0xb8570000 0x00004000 "\SystemRoot\System32\DRIVERS\serenum.sys"
.\debug.cpp(256) : 0xb7724000 0x0000d000 "\SystemRoot\System32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xb8410000 0x00006000 "\SystemRoot\System32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xb6e16000 0x00039000 "\SystemRoot\System32\Drivers\av4ozlyj.SYS"
.\debug.cpp(256) : 0xb8724000 0x00001000 "\SystemRoot\System32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xb7714000 0x0000d000 "\SystemRoot\System32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xb8580000 0x00003000 "\SystemRoot\System32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xb6dff000 0x00017000 "\SystemRoot\System32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xb7704000 0x0000b000 "\SystemRoot\System32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xb8178000 0x0000c000 "\SystemRoot\System32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xb8478000 0x00005000 "\SystemRoot\System32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xb6dee000 0x00011000 "\SystemRoot\System32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xb8188000 0x00009000 "\SystemRoot\System32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xb8488000 0x00005000 "\SystemRoot\System32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xb8490000 0x00005000 "\SystemRoot\System32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xb81b8000 0x0000a000 "\SystemRoot\System32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xb8498000 0x00006000 "\SystemRoot\System32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xb85c8000 0x00002000 "\SystemRoot\System32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xb6d90000 0x0005e000 "\SystemRoot\System32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xb8594000 0x00004000 "\SystemRoot\System32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xb81c8000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xb81e8000 0x0000f000 "\SystemRoot\System32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xb85d0000 0x00002000 "\SystemRoot\System32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xb47fe000 0x0046a000 "\SystemRoot\system32\drivers\RtkHDAud.sys"
.\debug.cpp(256) : 0xb47da000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xb8218000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xb8228000 0x00009000 "\SystemRoot\system32\drivers\wf2ktunr.sys"
.\debug.cpp(256) : 0xb858c000 0x00003000 "\SystemRoot\system32\drivers\wf2kxbar.sys"
.\debug.cpp(256) : 0xb84b0000 0x00005000 "\SystemRoot\System32\DRIVERS\flpydisk.sys"
.\debug.cpp(256) : 0xb85ea000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xb86d7000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xb85ec000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xb8340000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xb85ee000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xb85f0000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xb8348000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xb8380000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xb7cd1000 0x00003000 "\SystemRoot\System32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xb46b7000 0x00013000 "\SystemRoot\System32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xb465e000 0x00059000 "\SystemRoot\System32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xb8248000 0x0000a000 "\SystemRoot\System32\Drivers\aswTdi.SYS"
.\debug.cpp(256) : 0xb4638000 0x00026000 "\SystemRoot\System32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xb4610000 0x00028000 "\SystemRoot\System32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xb8258000 0x00009000 "\SystemRoot\System32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xb45ee000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xb8268000 0x00009000 "\SystemRoot\System32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xb8278000 0x0000f000 "\SystemRoot\System32\DRIVERS\arp1394.sys"
.\debug.cpp(256) : 0xb45c3000 0x0002b000 "\SystemRoot\System32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xb4553000 0x00070000 "\SystemRoot\System32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xb8298000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xb4532000 0x00021000 "\SystemRoot\System32\Drivers\aswSP.SYS"
.\debug.cpp(256) : 0xb8388000 0x00005000 "\SystemRoot\System32\Drivers\Aavmker4.SYS"
.\debug.cpp(256) : 0xb4c6c000 0x00003000 "\SystemRoot\System32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0xb82b8000 0x00009000 "\SystemRoot\System32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0xb8390000 0x00007000 "\SystemRoot\System32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xb4c68000 0x00003000 "\SystemRoot\System32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0xb82c8000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xb44f2000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys"
.\debug.cpp(256) : 0xb85f8000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS"
.\debug.cpp(256) : 0xbf800000 0x001c5000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xb47b6000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xb83a0000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbd000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xb878f000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xbd012000 0x005a0000 "\SystemRoot\System32\nv4_disp.dll"
.\debug.cpp(256) : 0xbffa0000 0x00046000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xb83c8000 0x00008000 "\SystemRoot\system32\DRIVERS\aswFsBlk.sys"
.\debug.cpp(256) : 0xb41de000 0x00004000 "\SystemRoot\System32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xb405c000 0x00016000 "\SystemRoot\System32\Drivers\aswMon2.SYS"
.\debug.cpp(256) : 0xb3d27000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xb3ecc000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xb3c5a000 0x0002d000 "\SystemRoot\System32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xb862a000 0x00002000 "\SystemRoot\System32\Drivers\ParVdm.SYS"
.\debug.cpp(256) : 0xb3bb2000 0x00058000 "\SystemRoot\System32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xb3ace000 0x00003000 "\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS"
.\debug.cpp(256) : 0xb3906000 0x00004000 "\SystemRoot\System32\Drivers\aswRdr.SYS"
.\debug.cpp(256) : 0xb360b000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0x7c900000 0x000b1000 "\WINDOWS\system32\ntdll.dll"
.\debug.cpp(256) : 0x10000000 0x0022d000 "\Program Files\-==-\DAEMON Tools\Engine.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination "\Device\Ndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination "\Device\Video0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_UVAH&Prod_UZ49MNK&Rev_1.03#5&36e5972&0&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1Port6Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWSP"
.\debug.cpp(400) : Destination "\Device\aswSP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination "\Device\Video1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{44BBC365-13E1-47EC-A3DD-061D7E459A9A}"
.\debug.cpp(400) : Destination "\Device\{44BBC365-13E1-47EC-A3DD-061D7E459A9A}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{71985f4a-1ca1-11d3-9cc8-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination "\Device\Ip"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_046d&Pid_c050#5&2e981854&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Pot2"
.\debug.cpp(400) : Destination "\Device\aswSP_Pot2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination "\Device\Video2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Stream#ltxbar.boardmux#5&2c553863&2&1#{a799a801-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\00000079"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2935&SUBSYS_82771043&REV_02#3&11583659&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0011"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature6FD06FDOffset7FFD6A000Length4285D6E200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination "\Device\IPSEC"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination "\Device\Video3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0401#4&1400782c&0#{97f76ef0-f883-11d0-af1f-0000f800845c}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ATKACPI"
.\debug.cpp(400) : Destination "\Device\ATKACPI"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY"
.\debug.cpp(400) : Destination "\Device\NDProxy"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWMON"
.\debug.cpp(400) : Destination "\Device\aswMon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi4:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&5793eda&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9aa4a2cc-81e0-4cfd-802f-0f74526d2bd3}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\$VDMLPT1"
.\debug.cpp(400) : Destination "\Device\ParallelVdm0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Stream#lttuner.philips#5&2c553863&2&0#{a799a800-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\00000078"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2939&SUBSYS_82771043&REV_02#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{fd0a5af4-b41d-11d2-9c95-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&f0a46d8&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination "\Device\WMIDataDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi5:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM1"
.\debug.cpp(400) : Destination "\Device\Serial0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D7D0D921-7EB3-4B18-9330-ECC1E93BDB69}"
.\debug.cpp(400) : Destination "\Device\{D7D0D921-7EB3-4B18-9330-ECC1E93BDB69}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination "\Device\NamedPipe"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_15#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000038"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination "\Device\PSched"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_UVAH&Prod_UZ49MNK&Rev_1.03#5&36e5972&0&000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1Port6Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination "\Device\Mup"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination "\Device\IPNAT"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2934&SUBSYS_82771043&REV_02#3&11583659&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0010"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{99EF8462-A82F-4228-8FED-B51666E9C9A0}"
.\debug.cpp(400) : Destination "\Device\{99EF8462-A82F-4228-8FED-B51666E9C9A0}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination "\Device\USBFDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWTDI"
.\debug.cpp(400) : Destination "\Device\ASWTDI"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi6:"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination "\Device\Tcp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{a799a802-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination "\Device\VideoPdo0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination "\Device\USBFDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000030"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination "\Device\Harddisk0\DR0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination "\DosDevices\LPT1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination "\Device\USBFDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{88ABAD45-7420-4B3E-9716-EBCBD5BB56E4}"
.\debug.cpp(400) : Destination "\Device\{88ABAD45-7420-4B3E-9716-EBCBD5BB56E4}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination "\Device\sysaudio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination "\Device\FsWrap"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3"
.\debug.cpp(400) : Destination "\Device\USBFDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4"
.\debug.cpp(400) : Destination "\Device\USBFDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2937&SUBSYS_82771043&REV_02#3&11583659&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom1"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5"
.\debug.cpp(400) : Destination "\Device\USBFDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&24798f4b&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000003d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#aa#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000003c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination "\GLOBAL??"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination "\Device\00000061"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LPTENUM#MicrosoftRawPort#5&1042ac50&0&LPT1#{811fc6a5-f728-11d0-a537-0000f8753ed1}"
.\debug.cpp(400) : Destination "\Device\Parallel0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6"
.\debug.cpp(400) : Destination "\Device\USBFDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD7"
.\debug.cpp(400) : Destination "\Device\USBFDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2936&SUBSYS_82771043&REV_02#3&11583659&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0012"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\V1394#NIC1394#1926a01e8c00#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000053"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c050#6&5c474f3&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0421&SUBSYS_34451458&REV_A1#4&196afe53&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0022"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNPA000#4&5d18f2df&0#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\0000003f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ARP1394"
.\debug.cpp(400) : Destination "\Device\ARP1394"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&c7613f9&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{07dad660-22f1-11d1-a9f4-00c04fbbde8f}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c6-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\Floppy0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{4d36e978-e325-11ce-bfc1-08002be10318}"
.\debug.cpp(400) : Destination "\Device\00000061"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FDC#GENERIC_FLOPPY_DRIVE#5&2f5382bd&0&0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\FloppyPDO0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&2b4a457f&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_15#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000039"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c9-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination "\Device\MountPointManager"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AAVMKER4"
.\debug.cpp(400) : Destination "\Device\AavmKer4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination "\Device\WANARP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c8-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\A:"
.\debug.cpp(400) : Destination "\Device\Floppy0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WFIOCTL"
.\debug.cpp(400) : Destination "\Device\WFIOCTL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination "\Device\NdisWanIp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&1400782c&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000063"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&19b04fbe&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293A&SUBSYS_82771043&REV_02#3&11583659&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0013"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{AA50BDF6-C4CD-45A2-868D-4EA33CEB31F7}"
.\debug.cpp(400) : Destination "\Device\{AA50BDF6-C4CD-45A2-868D-4EA33CEB31F7}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\1394BUS0"
.\debug.cpp(400) : Destination "\Device\1394BUS0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c050#6&5c474f3&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{6994ad05-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&45983f6&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2938&SUBSYS_82771043&REV_02#3&11583659&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0003"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination "\Device\ParTechInc0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c7-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI"
.\debug.cpp(400) : Destination "\Device\NdisTapi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination "\Device\NdisWan"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskWDC_WD3200AAKS-00VYA0___________________12.01B02#5&18fda9ce&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T0L0-10"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination "\Device\IPMULTICAST"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LPT1"
.\debug.cpp(400) : Destination "\Device\Parallel0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{578D45E4-F7B5-4541-963B-18AF0037BFEA}"
.\debug.cpp(400) : Destination "\Device\{578D45E4-F7B5-4541-963B-18AF0037BFEA}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination "\Device\ParTechInc1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination "\Device\LanmanRedirector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination "\Device\ParTechInc2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12#4&625283&0&00E5#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0024"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination "\Device\FtControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Avar"
.\debug.cpp(400) : Destination "\Device\aswSP_Avar"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWRDR"
.\debug.cpp(400) : Destination "\Device\ASWRDR"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination "\Device\MailSlot"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination "\DosDevices\COM1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&1400782c&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000063"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination ""
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination "\Device\Ndisuio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000032"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination "\Device\Null"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&15dafd0c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{7bc7054a-b536-11df-8f95-001e8c6d61da}"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature6FD06FDOffset7E00Length7FFD5A400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000031"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293C&SUBSYS_82771043&REV_02#3&11583659&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{CF848F95-CA7A-40C1-8114-C30F912C69F8}"
.\debug.cpp(400) : Destination "\Device\{CF848F95-CA7A-40C1-8114-C30F912C69F8}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{4A2523BC-4265-4CCA-BD67-374C4F8BB3CF}"
.\debug.cpp(400) : Destination "\Device\{4A2523BC-4265-4CCA-BD67-374C4F8BB3CF}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1106&DEV_3044&SUBSYS_81FE1043&REV_C0#4&19abe7de&0&10F0#{6bdd1fc1-810f-11d0-bec7-08002be2092f}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0021"
.\debug.cpp(409) : --
.\debug.cpp(453) : **********************************************
.\boot_cleaner.cpp(565) : System volume is \\.\C:
.\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
.\boot_cleaner.cpp(276) : Boot sector MD5 is: ee7fe9f24bc949ea3a78cf7064fbe50b
.\boot_cleaner.cpp(1060) :
.\boot_cleaner.cpp(1061) : Size Device Name MBR Status
.\boot_cleaner.cpp(1062) : --------------------------------------------
.\boot_cleaner.cpp(1106) : 298 GB \\.\PhysicalDrive0 Unknown boot code
.\boot_cleaner.cpp(1112) :
.\boot_cleaner.cpp(1118) : Unknown boot code has been found on some of your physical disks.
.\boot_cleaner.cpp(1120) : To inspect the boot code manually, dump the master boot sector:
.\boot_cleaner.cpp(1121) : remover.exe dump <device_name> [output_file]
.\boot_cleaner.cpp(1125) : To disinfect the master boot sector, use the following command:
.\boot_cleaner.cpp(1126) : remover.exe fix <device_name>
.\boot_cleaner.cpp(1129) :
.\boot_cleaner.cpp(1151) : Done;
.\boot_cleaner.cpp(527) : Bootkit Remover
.\boot_cleaner.cpp(528) : (c) 2009 eSage Lab
.\boot_cleaner.cpp(529) : www.esagelab.com
.\boot_cleaner.cpp(533) : Program version: 1.2.0.0
.\boot_cleaner.cpp(540) : OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x0020d000 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806e4000 0x00020d00 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xb85a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xb84b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xb7eb4000 0x000f3000 "spjx.sys"
.\debug.cpp(256) : 0xb85aa000 0x00002000 "\WINDOWS\System32\Drivers\WMILIB.SYS"
.\debug.cpp(256) : 0xb7e9c000 0x00018000 "\WINDOWS\System32\Drivers\SCSIPORT.SYS"
.\debug.cpp(256) : 0xb7e6e000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xb7e5d000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xb80a8000 0x00010000 "ohci1394.sys"
.\debug.cpp(256) : 0xb80b8000 0x0000e000 "\WINDOWS\System32\DRIVERS\1394BUS.SYS"
.\debug.cpp(256) : 0xb80c8000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xb8670000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xb8328000 0x00007000 "\WINDOWS\System32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xb80d8000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xb7e3e000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xb8330000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xb80e8000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xb7e26000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xb80f8000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xb8108000 0x0000d000 "\WINDOWS\System32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xb7e06000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xb7df4000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xb7ddd000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xb7d50000 0x0008d000 "Ntfs.sys"
.\debug.cpp(256) : 0xb7d23000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xb7d09000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xb7794000 0x0000a000 "\SystemRoot\System32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0xb6f55000 0x007af000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys"
.\debug.cpp(256) : 0xb6f41000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xb83f0000 0x00006000 "\SystemRoot\System32\DRIVERS\usbuhci.sys"
.\debug.cpp(256) : 0xb6f1d000 0x00024000 "\SystemRoot\System32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xb83f8000 0x00008000 "\SystemRoot\System32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xb6ef8000 0x00025000 "\SystemRoot\System32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xb7784000 0x0000b000 "\SystemRoot\System32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xb8400000 0x00007000 "\SystemRoot\System32\Drivers\ULCDRHlp.sys"
.\debug.cpp(256) : 0xb7774000 0x00010000 "\SystemRoot\System32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xb7764000 0x0000f000 "\SystemRoot\System32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xb6ed5000 0x00023000 "\SystemRoot\System32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xb6e98000 0x0003d000 "\SystemRoot\System32\DRIVERS\yk51x86.sys"
.\debug.cpp(256) : 0xb6e87000 0x00011000 "\SystemRoot\system32\drivers\wf2kvcap.sys"
.\debug.cpp(256) : 0xb7754000 0x0000d000 "\SystemRoot\system32\drivers\STREAM.SYS"
.\debug.cpp(256) : 0xb7744000 0x00010000 "\SystemRoot\System32\DRIVERS\nic1394.sys"
.\debug.cpp(256) : 0xb8408000 0x00007000 "\SystemRoot\System32\DRIVERS\fdc.sys"
.\debug.cpp(256) : 0xb6e4f000 0x00014000 "\SystemRoot\System32\DRIVERS\parport.sys"
.\debug.cpp(256) : 0xb85c2000 0x00002000 "\SystemRoot\System32\DRIVERS\ASACPI.sys"
.\debug.cpp(256) : 0xb7734000 0x00010000 "\SystemRoot\System32\DRIVERS\serial.sys"
.\debug.cpp(256) : 0xb8570000 0x00004000 "\SystemRoot\System32\DRIVERS\serenum.sys"
.\debug.cpp(256) : 0xb7724000 0x0000d000 "\SystemRoot\System32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xb8410000 0x00006000 "\SystemRoot\System32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xb6e16000 0x00039000 "\SystemRoot\System32\Drivers\av4ozlyj.SYS"
.\debug.cpp(256) : 0xb8724000 0x00001000 "\SystemRoot\System32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xb7714000 0x0000d000 "\SystemRoot\System32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xb8580000 0x00003000 "\SystemRoot\System32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xb6dff000 0x00017000 "\SystemRoot\System32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xb7704000 0x0000b000 "\SystemRoot\System32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xb8178000 0x0000c000 "\SystemRoot\System32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xb8478000 0x00005000 "\SystemRoot\System32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xb6dee000 0x00011000 "\SystemRoot\System32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xb8188000 0x00009000 "\SystemRoot\System32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xb8488000 0x00005000 "\SystemRoot\System32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xb8490000 0x00005000 "\SystemRoot\System32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xb81b8000 0x0000a000 "\SystemRoot\System32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xb8498000 0x00006000 "\SystemRoot\System32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xb85c8000 0x00002000 "\SystemRoot\System32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xb6d90000 0x0005e000 "\SystemRoot\System32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xb8594000 0x00004000 "\SystemRoot\System32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xb81c8000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xb81e8000 0x0000f000 "\SystemRoot\System32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xb85d0000 0x00002000 "\SystemRoot\System32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xb47fe000 0x0046a000 "\SystemRoot\system32\drivers\RtkHDAud.sys"
.\debug.cpp(256) : 0xb47da000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xb8218000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xb8228000 0x00009000 "\SystemRoot\system32\drivers\wf2ktunr.sys"
.\debug.cpp(256) : 0xb858c000 0x00003000 "\SystemRoot\system32\drivers\wf2kxbar.sys"
.\debug.cpp(256) : 0xb84b0000 0x00005000 "\SystemRoot\System32\DRIVERS\flpydisk.sys"
.\debug.cpp(256) : 0xb85ea000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xb86d7000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xb85ec000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xb8340000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xb85ee000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xb85f0000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xb8348000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xb8380000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xb7cd1000 0x00003000 "\SystemRoot\System32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xb46b7000 0x00013000 "\SystemRoot\System32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xb465e000 0x00059000 "\SystemRoot\System32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xb8248000 0x0000a000 "\SystemRoot\System32\Drivers\aswTdi.SYS"
.\debug.cpp(256) : 0xb4638000 0x00026000 "\SystemRoot\System32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xb4610000 0x00028000 "\SystemRoot\System32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xb8258000 0x00009000 "\SystemRoot\System32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xb45ee000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xb8268000 0x00009000 "\SystemRoot\System32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xb8278000 0x0000f000 "\SystemRoot\System32\DRIVERS\arp1394.sys"
.\debug.cpp(256) : 0xb45c3000 0x0002b000 "\SystemRoot\System32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xb4553000 0x00070000 "\SystemRoot\System32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xb8298000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xb4532000 0x00021000 "\SystemRoot\System32\Drivers\aswSP.SYS"
.\debug.cpp(256) : 0xb8388000 0x00005000 "\SystemRoot\System32\Drivers\Aavmker4.SYS"
.\debug.cpp(256) : 0xb4c6c000 0x00003000 "\SystemRoot\System32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0xb82b8000 0x00009000 "\SystemRoot\System32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0xb8390000 0x00007000 "\SystemRoot\System32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xb4c68000 0x00003000 "\SystemRoot\System32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0xb82c8000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xb44f2000 0x00018000 "\SystemRoot\System32\Drivers\dump_atapi.sys"
.\debug.cpp(256) : 0xb85f8000 0x00002000 "\SystemRoot\System32\Drivers\dump_WMILIB.SYS"
.\debug.cpp(256) : 0xbf800000 0x001c5000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xb47b6000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xb83a0000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbd000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xb878f000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xbd012000 0x005a0000 "\SystemRoot\System32\nv4_disp.dll"
.\debug.cpp(256) : 0xbffa0000 0x00046000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xb83c8000 0x00008000 "\SystemRoot\system32\DRIVERS\aswFsBlk.sys"
.\debug.cpp(256) : 0xb41de000 0x00004000 "\SystemRoot\System32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xb405c000 0x00016000 "\SystemRoot\System32\Drivers\aswMon2.SYS"
.\debug.cpp(256) : 0xb3d27000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xb3ecc000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xb3c5a000 0x0002d000 "\SystemRoot\System32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xb862a000 0x00002000 "\SystemRoot\System32\Drivers\ParVdm.SYS"
.\debug.cpp(256) : 0xb3bb2000 0x00058000 "\SystemRoot\System32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xb3ace000 0x00003000 "\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS"
.\debug.cpp(256) : 0xb3906000 0x00004000 "\SystemRoot\System32\Drivers\aswRdr.SYS"
.\debug.cpp(256) : 0xb360b000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0x7c900000 0x000b1000 "\WINDOWS\system32\ntdll.dll"
.\debug.cpp(256) : 0x10000000 0x0022d000 "\Program Files\-==-\DAEMON Tools\Engine.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination "\Device\Ndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi3:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination "\Device\Video0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_UVAH&Prod_UZ49MNK&Rev_1.03#5&36e5972&0&000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1Port6Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWSP"
.\debug.cpp(400) : Destination "\Device\aswSP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination "\Device\Video1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{44BBC365-13E1-47EC-A3DD-061D7E459A9A}"
.\debug.cpp(400) : Destination "\Device\{44BBC365-13E1-47EC-A3DD-061D7E459A9A}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{71985f4a-1ca1-11d3-9cc8-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination "\Device\Ip"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_046d&Pid_c050#5&2e981854&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Pot2"
.\debug.cpp(400) : Destination "\Device\aswSP_Pot2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination "\Device\Video2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Stream#ltxbar.boardmux#5&2c553863&2&1#{a799a801-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\00000079"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2935&SUBSYS_82771043&REV_02#3&11583659&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0011"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature6FD06FDOffset7FFD6A000Length4285D6E200#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination "\Device\IPSEC"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination "\Device\Video3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0401#4&1400782c&0#{97f76ef0-f883-11d0-af1f-0000f800845c}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ATKACPI"
.\debug.cpp(400) : Destination "\Device\ATKACPI"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDPROXY"
.\debug.cpp(400) : Destination "\Device\NDProxy"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWMON"
.\debug.cpp(400) : Destination "\Device\aswMon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi4:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&5793eda&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9aa4a2cc-81e0-4cfd-802f-0f74526d2bd3}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\$VDMLPT1"
.\debug.cpp(400) : Destination "\Device\ParallelVdm0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Stream#lttuner.philips#5&2c553863&2&0#{a799a800-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\00000078"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2939&SUBSYS_82771043&REV_02#3&11583659&0&D2#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{fd0a5af4-b41d-11d2-9c95-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&f0a46d8&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination "\Device\WMIDataDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi5:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM1"
.\debug.cpp(400) : Destination "\Device\Serial0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D7D0D921-7EB3-4B18-9330-ECC1E93BDB69}"
.\debug.cpp(400) : Destination "\Device\{D7D0D921-7EB3-4B18-9330-ECC1E93BDB69}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination "\Device\NamedPipe"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_15#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000038"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination "\Device\PSched"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_UVAH&Prod_UZ49MNK&Rev_1.03#5&36e5972&0&000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1Port6Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination "\Device\Mup"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination "\Device\IPNAT"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2934&SUBSYS_82771043&REV_02#3&11583659&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0010"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{99EF8462-A82F-4228-8FED-B51666E9C9A0}"
.\debug.cpp(400) : Destination "\Device\{99EF8462-A82F-4228-8FED-B51666E9C9A0}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination "\Device\USBFDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWTDI"
.\debug.cpp(400) : Destination "\Device\ASWTDI"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi6:"
.\debug.cpp(400) : Destination "\Device\Scsi\av4ozlyj1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination "\Device\Tcp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{a799a802-a46d-11d0-a18c-00a02401dcd4}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination "\Device\VideoPdo0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination "\Device\USBFDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000030"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination "\Device\Harddisk0\DR0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination "\DosDevices\LPT1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination "\Device\USBFDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{88ABAD45-7420-4B3E-9716-EBCBD5BB56E4}"
.\debug.cpp(400) : Destination "\Device\{88ABAD45-7420-4B3E-9716-EBCBD5BB56E4}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination "\Device\sysaudio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination "\Device\FsWrap"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3"
.\debug.cpp(400) : Destination "\Device\USBFDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4"
.\debug.cpp(400) : Destination "\Device\USBFDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2937&SUBSYS_82771043&REV_02#3&11583659&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom1"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5"
.\debug.cpp(400) : Destination "\Device\USBFDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&24798f4b&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000003d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#aa#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000003c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination "\GLOBAL??"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination "\Device\00000061"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LPTENUM#MicrosoftRawPort#5&1042ac50&0&LPT1#{811fc6a5-f728-11d0-a537-0000f8753ed1}"
.\debug.cpp(400) : Destination "\Device\Parallel0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6"
.\debug.cpp(400) : Destination "\Device\USBFDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD7"
.\debug.cpp(400) : Destination "\Device\USBFDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2936&SUBSYS_82771043&REV_02#3&11583659&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0012"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\V1394#NIC1394#1926a01e8c00#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000053"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c050#6&5c474f3&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0421&SUBSYS_34451458&REV_A1#4&196afe53&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0022"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNPA000#4&5d18f2df&0#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\0000003f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomHL-DT-ST_DVDRAM_GSA-H12N________________UL01____#344b364b4d413539323120362020202020202020#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T1L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ARP1394"
.\debug.cpp(400) : Destination "\Device\ARP1394"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&c7613f9&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{07dad660-22f1-11d1-a9f4-00c04fbbde8f}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c6-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\Floppy0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0501#1#{4d36e978-e325-11ce-bfc1-08002be10318}"
.\debug.cpp(400) : Destination "\Device\00000061"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FDC#GENERIC_FLOPPY_DRIVE#5&2f5382bd&0&0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\FloppyPDO0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&2b4a457f&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_15#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000039"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c9-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination "\Device\MountPointManager"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AAVMKER4"
.\debug.cpp(400) : Destination "\Device\AavmKer4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination "\Device\WANARP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c8-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\A:"
.\debug.cpp(400) : Destination "\Device\Floppy0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WFIOCTL"
.\debug.cpp(400) : Destination "\Device\WFIOCTL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination "\Device\NdisWanIp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&1400782c&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000063"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&19b04fbe&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293A&SUBSYS_82771043&REV_02#3&11583659&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0013"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{AA50BDF6-C4CD-45A2-868D-4EA33CEB31F7}"
.\debug.cpp(400) : Destination "\Device\{AA50BDF6-C4CD-45A2-868D-4EA33CEB31F7}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\1394BUS0"
.\debug.cpp(400) : Destination "\Device\1394BUS0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_046d&Pid_c050#6&5c474f3&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\0000007c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_109E&DEV_036E&SUBSYS_6609107D&REV_11#4&19abe7de&0&08F0#{6994ad05-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0019"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&45983f6&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2938&SUBSYS_82771043&REV_02#3&11583659&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0003"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000002d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination "\Device\ParTechInc0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination "\Device\00000033"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{8a3607c7-e1a5-11de-921c-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISTAPI"
.\debug.cpp(400) : Destination "\Device\NdisTapi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination "\Device\NdisWan"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskWDC_WD3200AAKS-00VYA0___________________12.01B02#5&18fda9ce&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP2T0L0-10"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination "\Device\IPMULTICAST"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LPT1"
.\debug.cpp(400) : Destination "\Device\Parallel0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{578D45E4-F7B5-4541-963B-18AF0037BFEA}"
.\debug.cpp(400) : Destination "\Device\{578D45E4-F7B5-4541-963B-18AF0037BFEA}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination "\Device\ParTechInc1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination "\Device\LanmanRedirector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination "\Device\ParTechInc2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12#4&625283&0&00E5#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0024"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination "\Device\FtControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\aswSP_Avar"
.\debug.cpp(400) : Destination "\Device\aswSP_Avar"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ASWRDR"
.\debug.cpp(400) : Destination "\Device\ASWRDR"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination "\Device\MailSlot"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination "\DosDevices\COM1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&1400782c&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000063"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination ""
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination "\Device\Ndisuio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000032"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi2:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination "\Device\Null"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&15dafd0c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{7bc7054a-b536-11df-8f95-001e8c6d61da}"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&Signature6FD06FDOffset7E00Length7FFD5A400#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000031"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_293C&SUBSYS_82771043&REV_02#3&11583659&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{CF848F95-CA7A-40C1-8114-C30F912C69F8}"
.\debug.cpp(400) : Destination "\Device\{CF848F95-CA7A-40C1-8114-C30F912C69F8}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{4A2523BC-4265-4CCA-BD67-374C4F8BB3CF}"
.\debug.cpp(400) : Destination "\Device\{4A2523BC-4265-4CCA-BD67-374C4F8BB3CF}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1043829E&REV_1000#4&b3ddc6a&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000072"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1106&DEV_3044&SUBSYS_81FE1043&REV_C0#4&19abe7de&0&10F0#{6bdd1fc1-810f-11d0-bec7-08002be2092f}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0021"
.\debug.cpp(409) : --
.\debug.cpp(453) : **********************************************
.\boot_cleaner.cpp(565) : System volume is \\.\C:
.\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
.\boot_cleaner.cpp(276) : Boot sector MD5 is: ee7fe9f24bc949ea3a78cf7064fbe50b
.\boot_cleaner.cpp(1060) :
.\boot_cleaner.cpp(1061) : Size Device Name MBR Status
.\boot_cleaner.cpp(1062) : --------------------------------------------
.\boot_cleaner.cpp(1106) : 298 GB \\.\PhysicalDrive0 Unknown boot code
.\boot_cleaner.cpp(1112) :
.\boot_cleaner.cpp(1118) : Unknown boot code has been found on some of your physical disks.
.\boot_cleaner.cpp(1120) : To inspect the boot code manually, dump the master boot sector:
.\boot_cleaner.cpp(1121) : remover.exe dump <device_name> [output_file]
.\boot_cleaner.cpp(1125) : To disinfect the master boot sector, use the following command:
.\boot_cleaner.cpp(1126) : remover.exe fix <device_name>
.\boot_cleaner.cpp(1129) :
.\boot_cleaner.cpp(1151) : Done;
Přispějete na provoz fóra?