VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

NT authority/system !!! Pomoc !

https://forum.viry.cz:443/viewtopic.php?t=128025

Stránka 2 z 3

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 12:46
od stefanjozef
RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : oco [Práva správce]
Mód : Kontrola -- Datum : 02/11/2013 12:45:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1200BB-00DWA0 +++++
--- User ---
[MBR] 96bad032495e85da9b79bb2286acec21
[BSP] f588637e59ff20dab3d2b3fb8b366ee3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 234420480 | Size: 7 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_02112013_02d1245.txt >>
RKreport[1]_S_02112013_02d1245.txt

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 12:48
od vyosek
:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 12:48
od stefanjozef
RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : oco [Práva správce]
Mód : Kontrola -- Datum : 02/11/2013 12:45:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1200BB-00DWA0 +++++
--- User ---
[MBR] 96bad032495e85da9b79bb2286acec21
[BSP] f588637e59ff20dab3d2b3fb8b366ee3 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 234420480 | Size: 7 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_02112013_02d1245.txt >>
RKreport[1]_S_02112013_02d1245.txt

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 12:57
od stefanjozef
už to mám :
RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : oco [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/11/2013 12:52:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[5]_H_02112013_02d1252.txt >>
RKreport[1]_S_02112013_02d1245.txt ; RKreport[2]_S_02112013_02d1250.txt ; RKreport[3]_D_02112013_02d1251.txt ; RKreport[4]_H_02112013_02d1252.txt ; RKreport[5]_H_02112013_02d1252.txt



----------------------------------------------------------------------------------------

RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : oco [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/11/2013 12:52:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_02112013_02d1252.txt >>
RKreport[1]_S_02112013_02d1245.txt ; RKreport[2]_S_02112013_02d1250.txt ; RKreport[3]_D_02112013_02d1251.txt ; RKreport[4]_H_02112013_02d1252.txt

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 12:59
od vyosek
:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

File::
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1957994488-1644491937-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1957994488-1644491937-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASRockIES]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASRockOCTuner]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

Folder::
C:\Program Files\Common Files\AVG Secure Search

Driver::
vToolbarUpdater14.1.7

ClearJavaCache::

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 13:43
od stefanjozef
mám ten log ,ale počas testu sa vyskytla táto chyba : Dumphive.3xe

ComboFix 13-02-07.02 - oco . 02. 2013 13:14:48.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.895.505 [GMT 1:00]
Running from: C:\Documents and Settings\oco\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\oco\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"C:\WINDOWS\tasks\Adobe Flash Player Updater.job"
"C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1957994488-1644491937-1004Core.job"
"C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-725345543-1957994488-1644491937-1004UA.job"
"C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job"
"C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job"
"C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job"
"C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job"


((((((((((((((((((((((((( Files Created from 2013-01-11 to 2013-02-11 )))))))))))))))))))))))))))))))


2013-02-11 10:42:25 . 2012-10-30 22:51:56 21256 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-02-11 10:42:24 . 2012-10-30 22:51:58 361032 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2013-02-11 10:42:20 . 2012-10-30 22:51:58 54232 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-02-11 10:42:20 . 2012-10-30 22:51:58 35928 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-02-11 10:42:18 . 2012-10-30 22:51:58 738504 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-02-11 10:42:17 . 2012-10-30 22:51:57 97608 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2013-02-11 10:42:17 . 2012-10-30 22:51:57 89752 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2013-02-11 10:42:16 . 2012-10-30 22:51:56 25256 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2013-02-11 10:41:36 . 2012-10-30 22:51:07 41224 ----a-w- C:\WINDOWS\avastSS.scr
2013-02-11 10:41:35 . 2012-10-30 22:50:59 227648 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2013-02-11 10:41:02 . 2013-02-11 10:41:02 -------- d-----w- C:\Program Files\AVAST Software
2013-02-11 10:41:02 . 2013-02-11 10:41:02 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-02-11 08:36:43 . 2013-02-11 08:36:57 -------- d-----w- C:\Program Files\trend micro
2013-02-11 08:36:42 . 2013-02-11 08:37:01 -------- d-----w- C:\rsit
2013-02-08 14:29:01 . 2013-02-08 14:29:01 16365936 ----a-w- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-02-07 14:17:24 . 2013-02-07 14:19:18 -------- d---a-w- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-02-07 14:16:59 . 2013-02-07 14:40:24 -------- d-----w- C:\Program Files\HDD Regenerator
2013-02-07 14:16:33 . 2013-02-07 14:16:33 -------- d-----w- C:\Documents and Settings\oco\Local Settings\Data aplikací\Downloaded Installations
2013-02-06 13:28:51 . 2013-02-06 13:29:18 -------- d-----w- C:\Documents and Settings\oco\Local Settings\Data aplikací\Facebook
2013-01-29 20:08:32 . 2013-01-29 20:08:32 -------- d-----w- C:\Documents and Settings\oco\Local Settings\Data aplikací\Eraser 6
2013-01-29 15:57:34 . 2013-01-29 15:57:35 -------- d-----w- C:\Program Files\Eraser
2013-01-28 10:43:04 . 2008-04-14 06:51:44 21504 -c--a-w- C:\WINDOWS\system32\dllcache\hidserv.dll
2013-01-28 10:43:04 . 2008-04-14 06:51:44 21504 ----a-w- C:\WINDOWS\system32\hidserv.dll
2013-01-28 10:42:56 . 2008-04-14 05:59:08 14592 -c--a-w- C:\WINDOWS\system32\dllcache\kbdhid.sys
2013-01-28 10:42:56 . 2008-04-14 05:59:08 14592 ----a-w- C:\WINDOWS\system32\drivers\kbdhid.sys
2013-01-28 10:42:44 . 2008-04-22 12:09:20 32384 -c--a-w- C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-01-28 10:42:44 . 2008-04-22 12:09:20 32384 ----a-w- C:\WINDOWS\system32\drivers\usbccgp.sys
2013-01-26 10:39:22 . 2013-01-26 10:39:22 -------- d-----w- C:\Program Files\Common Files\Skype
2013-01-23 14:31:44 . 2013-01-23 14:31:44 -------- d-----w- C:\Program Files\JGoodies
2013-01-15 08:36:54 . 2013-01-15 08:36:55 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
2013-01-15 08:35:39 . 2013-01-15 08:35:39 -------- d-----w- C:\Program Files\GreenTree Applications
2013-01-13 15:33:11 . 2013-01-13 15:33:11 29760 ----a-w- C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-02-08 14:29:16 . 2012-12-18 14:46:53 74096 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-02-08 14:29:16 . 2012-12-18 14:46:53 697712 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-01-02 11:43:05 . 2013-01-02 11:43:05 81920 ----a-w- C:\WINDOWS\system32\BIVBX11.DLL
2012-12-23 11:52:03 . 2012-12-23 11:52:03 639224 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2012-12-16 12:31:02 . 2010-01-14 14:59:52 290560 ----a-w- C:\WINDOWS\system32\atmfd.dll
2012-12-10 18:00:00 . 2012-12-13 14:02:40 112640 ----a-w- C:\WINDOWS\system32\ff_vfw.dll
2012-12-05 16:25:38 . 2012-12-05 16:25:38 14656 ----a-w- C:\WINDOWS\system32\drivers\FNETURPX.SYS
2013-02-06 08:45:37 . 2013-02-06 08:45:00 262552 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[-] 2009-10-09 09:52:10 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\sfcfiles.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50:38 121528 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50:28 556648 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50:28 556648 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50:28 556648 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50:28 556648 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 11:00:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-04-14 07:03:00 13684736]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-10-30 22:50:59 4297136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 11:00:00 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 15:05:55 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^oco^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.3.lnk]
path=C:\Documents and Settings\oco\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 18:17:52 207424 ----a-w- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\asrRd]
2012-10-25 14:13:02 1592144 ----a-w- C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2012-05-22 07:13:12 980920 ----a-w- C:\PROGRA~1\Eraser\Eraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47:42 31016 ----a-w- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2009-12-03 11:47:16 33718272 ----a-r- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X74-X75]
2002-10-14 14:09:12 57344 ----a-w- C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2007-12-10 14:55:26 323584 ----a-w- C:\WINDOWS\PixArt\PAC207\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52:38 1695232 ------w- C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-04-14 07:03:00 13684736 ----a-w- C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-04-14 07:03:00 86016 ----a-w- C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC207_Monitor]
2007-12-10 14:55:26 323584 ----a-w- C:\WINDOWS\PixArt\PAC207\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XFast LAN]
2011-10-19 15:19:20 1202560 ----a-r- C:\Program Files\ASRock\XFast LAN\cfosspeed.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XFastUSB]
2012-12-05 16:25:38 5019360 ----a-w- C:\Program Files\XFastUSB\XFastUsb.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\SIMS\\RACER\\racer.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Documents and Settings\\oco\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=

R0 AsrRamDisk;AsrRamDisk;C:\WINDOWS\system32\drivers\AsrRamDisk.sys [5. 12. 2012 17:21:27 32592]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [23. 12. 2012 12:52:03 639224]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [11. 2. 2013 11:42:18 738504]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [11. 2. 2013 11:42:24 361032]
R1 FNETURPX;FNETURPX;C:\WINDOWS\system32\drivers\FNETURPX.SYS [5. 12. 2012 17:25:38 14656]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [11. 2. 2013 11:42:25 21256]
R2 Skype C2C Service;Skype C2C Service;C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31. 1. 2013 10:38:54 3289208]
R3 PAC207;PC Camer@;C:\WINDOWS\system32\drivers\PFC027.SYS [19. 12. 2012 11:29:19 618112]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\WINDOWS\system32\drivers\viahduaa.sys [5. 12. 2012 17:19:57 1617408]
S1 DumpDrv;Crash Dump Driver;C:\WINDOWS\system32\drivers\dumpdrv.sys [14. 1. 2010 16:04:10 9472]
S2 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [8. 1. 2013 12:55:20 161536]
S3 AMBFilt;AMBFilt;C:\WINDOWS\system32\drivers\Ambfilt.sys [5. 12. 2012 17:19:57 1656960]
S3 FNETTBOH_305;FNETTBOH_305;C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS [13. 1. 2013 16:33:11 29760]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\WINDOWS\system32\drivers\teamviewervpn.sys [19. 12. 2012 16:48:06 25088]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 16:28:34 1607120 ----a-w- C:\Program Files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2013-02-11 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-18 14:46:53 . 2013-02-08 14:29:17]

2013-02-11 C:\WINDOWS\Tasks\avast! Emergency Update.job
- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-11 10:41:32 . 2012-10-30 22:50:59]

2013-02-11 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-18 15:23:13 . 2012-12-18 15:23:12]

2013-02-11 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-18 15:23:13 . 2012-12-18 15:23:12]


------- Supplementary Scan -------

uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Documents and Settings\oco\Data aplikací\Mozilla\Firefox\Profiles\quijvhmn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - ExtSQL: 2012-12-25 18:39; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2012-12-31 10:52; {003D3EDC-99B9-4a34-9C20-60CB94F7E829}; C:\Documents and Settings\oco\Data aplikací\Mozilla\Firefox\Profiles\quijvhmn.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
FF - ExtSQL: 2013-02-11 11:41; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 14:45
od stefanjozef
čo sa deje ? nezabudli ste namňa ?

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 15:10
od vyosek
:arrow: Nezabudli, ale jsme tu ve svem volnem case, ja jsem v praci

:arrow: Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.
  • Utilitu spustte a prikazte ji, at skenuje - klik na Scan
  • Kliknutim na Save log ulozte log aswMBR na plochu
  • Obsah logu aswMBR mi sem vlozte

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 16:21
od stefanjozef
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-11 15:23:27
-----------------------------
15:23:27.843 OS Version: Windows 5.1.2600 Service Pack 3
15:23:27.843 Number of processors: 2 586 0x4B02
15:23:27.843 ComputerName: V-BDFD374473674 UserName: oco
15:23:28.828 Initialize success
15:23:31.265 AVAST engine defs: 13021100
15:23:33.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:23:33.406 Disk 0 Vendor: WDC_WD1200BB-00DWA0 15.05R15 Size: 114473MB BusType: 3
15:23:33.421 Disk 0 MBR read successfully
15:23:33.421 Disk 0 MBR scan
15:23:33.421 Disk 0 Windows XP default MBR code
15:23:33.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114463 MB offset 63
15:23:33.421 Disk 0 Partition - 00 0F Extended LBA 7 MB offset 234420480
15:23:33.453 Disk 0 scanning sectors +234436545
15:23:33.500 Disk 0 scanning C:\WINDOWS\system32\drivers
15:23:42.656 Service scanning
15:23:56.312 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
15:24:00.843 Modules scanning
15:24:11.890 Disk 0 trace - called modules:
15:24:11.906 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x852ca7ac]<<
15:24:11.906 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x851d7ab8]
15:24:11.906 3 CLASSPNP.SYS[f74d7fd7] -> nt!IofCallDriver -> \Device\00000066[0x85263f18]
15:24:11.906 5 ACPI.sys[f726f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8526e940]
15:24:12.390 AVAST engine scan C:\WINDOWS
15:24:15.812 AVAST engine scan C:\WINDOWS\system32
15:26:44.000 AVAST engine scan C:\WINDOWS\system32\drivers
15:27:05.234 AVAST engine scan C:\Documents and Settings\oco
16:18:00.531 AVAST engine scan C:\Documents and Settings\All Users
16:19:25.890 Scan finished successfully
16:20:34.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\oco\Plocha\MBR.dat"
16:20:34.562 The log file has been saved successfully to "C:\Documents and Settings\oco\Plocha\aswMBR01.txt"

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 17:47
od vyosek
:arrow: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 18:58
od stefanjozef
tak je to tu :
18:52:41.0375 3244 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:52:41.0625 3244 ============================================================
18:52:41.0625 3244 Current date / time: 2013/02/11 18:52:41.0625
18:52:41.0625 3244 SystemInfo:
18:52:41.0625 3244
18:52:41.0625 3244 OS Version: 5.1.2600 ServicePack: 3.0
18:52:41.0625 3244 Product type: Workstation
18:52:41.0625 3244 ComputerName: V-BDFD374473674
18:52:41.0625 3244 UserName: oco
18:52:41.0625 3244 Windows directory: C:\WINDOWS
18:52:41.0625 3244 System windows directory: C:\WINDOWS
18:52:41.0625 3244 Processor architecture: Intel x86
18:52:41.0625 3244 Number of processors: 2
18:52:41.0625 3244 Page size: 0x1000
18:52:41.0625 3244 Boot type: Normal boot
18:52:41.0625 3244 ============================================================
18:52:43.0562 3244 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:52:43.0562 3244 ============================================================
18:52:43.0562 3244 \Device\Harddisk0\DR0:
18:52:43.0562 3244 MBR partitions:
18:52:43.0562 3244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
18:52:43.0593 3244 ============================================================
18:52:43.0625 3244 C: <-> \Device\Harddisk0\DR0\Partition1
18:52:43.0625 3244 ============================================================
18:52:43.0625 3244 Initialize success
18:52:43.0625 3244 ============================================================
18:53:20.0750 3524 ============================================================
18:53:20.0750 3524 Scan started
18:53:20.0750 3524 Mode: Manual; SigCheck; TDLFS;
18:53:20.0750 3524 ============================================================
18:53:20.0890 3524 ================ Scan system memory ========================
18:53:20.0890 3524 System memory - ok
18:53:20.0890 3524 ================ Scan services =============================
18:53:21.0062 3524 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
18:53:21.0218 3524 Aavmker4 - ok
18:53:21.0218 3524 Abiosdsk - ok
18:53:21.0234 3524 abp480n5 - ok
18:53:21.0328 3524 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:53:21.0343 3524 ACDaemon - ok
18:53:21.0375 3524 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:53:22.0093 3524 ACPI - ok
18:53:22.0125 3524 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:53:22.0265 3524 ACPIEC - ok
18:53:22.0343 3524 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:53:22.0375 3524 AdobeFlashPlayerUpdateSvc - ok
18:53:22.0375 3524 adpu160m - ok
18:53:22.0421 3524 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:53:22.0578 3524 aec - ok
18:53:22.0609 3524 [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:53:22.0687 3524 AFD - ok
18:53:22.0687 3524 Aha154x - ok
18:53:22.0703 3524 aic78u2 - ok
18:53:22.0703 3524 aic78xx - ok
18:53:22.0734 3524 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:53:22.0890 3524 Alerter - ok
18:53:22.0906 3524 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
18:53:22.0984 3524 ALG - ok
18:53:23.0000 3524 AliIde - ok
18:53:23.0078 3524 [ 57221EF8A056B5FB47CDDA3BA28DD377 ] AMBFilt C:\WINDOWS\system32\drivers\AMBFilt.sys
18:53:23.0234 3524 AMBFilt - ok
18:53:23.0281 3524 [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
18:53:23.0328 3524 AmdK8 - ok
18:53:23.0343 3524 amsint - ok
18:53:23.0375 3524 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:53:23.0453 3524 AppMgmt - ok
18:53:23.0453 3524 asc - ok
18:53:23.0468 3524 asc3350p - ok
18:53:23.0468 3524 asc3550 - ok
18:53:23.0578 3524 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:53:23.0593 3524 aspnet_state - ok
18:53:23.0625 3524 [ A0B8E84F099233AAC23C110A40854A9D ] AsrRamDisk C:\WINDOWS\system32\DRIVERS\AsrRamDisk.sys
18:53:23.0640 3524 AsrRamDisk - ok
18:53:23.0687 3524 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:53:23.0687 3524 aswFsBlk - ok
18:53:23.0718 3524 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
18:53:23.0734 3524 aswMon2 - ok
18:53:23.0781 3524 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
18:53:23.0796 3524 AswRdr - ok
18:53:23.0859 3524 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
18:53:23.0906 3524 aswSnx - ok
18:53:23.0953 3524 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
18:53:24.0000 3524 aswSP - ok
18:53:24.0046 3524 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
18:53:24.0062 3524 aswTdi - ok
18:53:24.0109 3524 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:53:24.0265 3524 AsyncMac - ok
18:53:24.0281 3524 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:53:24.0453 3524 atapi - ok
18:53:24.0453 3524 Atdisk - ok
18:53:24.0468 3524 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:53:24.0625 3524 Atmarpc - ok
18:53:24.0656 3524 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:53:24.0828 3524 AudioSrv - ok
18:53:24.0859 3524 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:53:25.0000 3524 audstub - ok
18:53:25.0046 3524 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:53:25.0062 3524 avast! Antivirus - ok
18:53:25.0109 3524 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:53:25.0265 3524 Beep - ok
18:53:25.0328 3524 [ 3AEDE727580F0A7C3929DD6526145759 ] BITS C:\WINDOWS\system32\qmgr.dll
18:53:25.0468 3524 BITS - ok
18:53:25.0515 3524 [ 218B3BBB1FAD634A84FB1A1BB030D956 ] Browser C:\WINDOWS\System32\browser.dll
18:53:25.0593 3524 Browser - ok
18:53:25.0687 3524 catchme - ok
18:53:25.0703 3524 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:53:25.0875 3524 cbidf2k - ok
18:53:25.0890 3524 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:53:26.0046 3524 CCDECODE - ok
18:53:26.0062 3524 cd20xrnt - ok
18:53:26.0093 3524 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:53:26.0265 3524 Cdaudio - ok
18:53:26.0296 3524 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:53:26.0453 3524 Cdfs - ok
18:53:26.0468 3524 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:53:26.0515 3524 Cdrom - ok
18:53:26.0609 3524 [ D55E3B95DE489C1B039DB854924B0CDC ] cFosSpeed C:\WINDOWS\system32\DRIVERS\cfosspeed.sys
18:53:26.0703 3524 cFosSpeed - ok
18:53:26.0812 3524 [ C1CB3C324114614C7B7DCA2BA600F23B ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe
18:53:26.0875 3524 cFosSpeedS - ok
18:53:26.0890 3524 Changer - ok
18:53:26.0921 3524 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:53:27.0093 3524 CiSvc - ok
18:53:27.0109 3524 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:53:27.0265 3524 ClipSrv - ok
18:53:27.0296 3524 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:53:27.0328 3524 clr_optimization_v2.0.50727_32 - ok
18:53:27.0328 3524 CmdIde - ok
18:53:27.0343 3524 COMSysApp - ok
18:53:27.0359 3524 Cpqarray - ok
18:53:27.0406 3524 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:53:27.0593 3524 CryptSvc - ok
18:53:27.0593 3524 dac2w2k - ok
18:53:27.0609 3524 dac960nt - ok
18:53:27.0656 3524 [ C0BD34A62508BA68F146E22CE45919F9 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:53:27.0765 3524 DcomLaunch - ok
18:53:27.0796 3524 [ EB737F46D7D494C7760A932C9B6491A4 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:53:27.0843 3524 Dhcp - ok
18:53:27.0875 3524 [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:53:27.0921 3524 Disk - ok
18:53:27.0921 3524 dmadmin - ok
18:53:27.0984 3524 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:53:28.0203 3524 dmboot - ok
18:53:28.0234 3524 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:53:28.0390 3524 dmio - ok
18:53:28.0406 3524 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:53:28.0562 3524 dmload - ok
18:53:28.0578 3524 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:53:28.0796 3524 dmserver - ok
18:53:28.0843 3524 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:53:29.0000 3524 DMusic - ok
18:53:29.0031 3524 [ 38AAD7E982198CB4F642BB60E59511F1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:53:29.0125 3524 Dnscache - ok
18:53:29.0156 3524 [ AACFC38E9D085D58F9F933CFD6AF1D2B ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:53:29.0203 3524 Dot3svc - ok
18:53:29.0203 3524 dpti2o - ok
18:53:29.0250 3524 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:53:29.0390 3524 drmkaud - ok
18:53:29.0421 3524 [ B327281012B48BD73F587799F9F29BE2 ] DumpDrv C:\WINDOWS\system32\drivers\DumpDrv.sys
18:53:29.0484 3524 DumpDrv - ok
18:53:29.0515 3524 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:53:29.0750 3524 EapHost - ok
18:53:29.0781 3524 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:53:29.0953 3524 ERSvc - ok
18:53:30.0000 3524 [ 3D107D45CCFDB266E91D84B52CD7F430 ] Eventlog C:\WINDOWS\system32\services.exe
18:53:30.0046 3524 Eventlog - ok
18:53:30.0078 3524 [ BE68EA4457E2E5717231CF91BE5448E0 ] EventSystem C:\WINDOWS\system32\es.dll
18:53:30.0140 3524 EventSystem - ok
18:53:30.0171 3524 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
18:53:30.0203 3524 exFat - ok
18:53:30.0250 3524 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:53:30.0406 3524 Fastfat - ok
18:53:30.0437 3524 [ 54A6BF743E0517528A5064CEAEB40EA7 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:53:30.0500 3524 FastUserSwitchingCompatibility - ok
18:53:30.0546 3524 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
18:53:30.0718 3524 Fdc - ok
18:53:30.0734 3524 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:53:30.0921 3524 Fips - ok
18:53:30.0921 3524 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
18:53:31.0171 3524 Flpydisk - ok
18:53:31.0203 3524 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:53:31.0421 3524 FltMgr - ok
18:53:31.0468 3524 [ 4BD9964632325802F8DC971F6987CD1B ] FNETTBOH_305 C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS
18:53:31.0484 3524 FNETTBOH_305 - ok
18:53:31.0531 3524 [ 47BDA10316324CFA540F25AB7021F0D8 ] FNETURPX C:\WINDOWS\system32\drivers\FNETURPX.SYS
18:53:31.0531 3524 FNETURPX - ok
18:53:31.0593 3524 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:53:31.0609 3524 FontCache3.0.0.0 - ok
18:53:31.0656 3524 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:53:31.0687 3524 Fs_Rec - ok
18:53:31.0718 3524 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:53:31.0875 3524 Ftdisk - ok
18:53:31.0906 3524 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:53:32.0078 3524 Gpc - ok
18:53:32.0156 3524 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:53:32.0171 3524 gupdate - ok
18:53:32.0187 3524 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:53:32.0203 3524 gupdatem - ok
18:53:32.0234 3524 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:53:32.0406 3524 HDAudBus - ok
18:53:32.0484 3524 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:53:32.0640 3524 helpsvc - ok
18:53:32.0671 3524 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:53:32.0859 3524 HidServ - ok
18:53:32.0890 3524 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:53:33.0046 3524 hidusb - ok
18:53:33.0078 3524 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:53:33.0281 3524 hkmsvc - ok
18:53:33.0296 3524 hpn - ok
18:53:33.0328 3524 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:53:33.0390 3524 HTTP - ok
18:53:33.0406 3524 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:53:33.0593 3524 HTTPFilter - ok
18:53:33.0593 3524 i2omgmt - ok
18:53:33.0609 3524 i2omp - ok
18:53:33.0640 3524 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:53:33.0796 3524 i8042prt - ok
18:53:33.0890 3524 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:53:33.0953 3524 idsvc - ok
18:53:33.0984 3524 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:53:34.0156 3524 Imapi - ok
18:53:34.0187 3524 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:53:34.0359 3524 ImapiService - ok
18:53:34.0359 3524 ini910u - ok
18:53:34.0375 3524 IntelIde - ok
18:53:34.0390 3524 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:53:34.0578 3524 Ip6Fw - ok
18:53:34.0609 3524 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:53:34.0812 3524 IpFilterDriver - ok
18:53:34.0828 3524 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:53:34.0968 3524 IpInIp - ok
18:53:35.0000 3524 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:53:35.0156 3524 IpNat - ok
18:53:35.0203 3524 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:53:35.0390 3524 IPSec - ok
18:53:35.0406 3524 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:53:35.0484 3524 IRENUM - ok
18:53:35.0500 3524 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:53:35.0687 3524 isapnp - ok
18:53:35.0734 3524 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:53:35.0953 3524 Kbdclass - ok
18:53:35.0968 3524 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:53:36.0171 3524 kbdhid - ok
18:53:36.0187 3524 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:53:36.0500 3524 kmixer - ok
18:53:36.0546 3524 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:53:36.0625 3524 KSecDD - ok
18:53:36.0656 3524 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
18:53:36.0718 3524 LanmanServer - ok
18:53:36.0765 3524 [ 9A2E7EE3989AAC0079E9D23555545D52 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:53:36.0859 3524 lanmanworkstation - ok
18:53:36.0859 3524 lbrtfdc - ok
18:53:36.0906 3524 [ 32362D0C789458EEA21ECC1B3534A901 ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
18:53:37.0015 3524 LexBceS - ok
18:53:37.0062 3524 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:53:37.0265 3524 LmHosts - ok
18:53:37.0296 3524 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:53:37.0500 3524 Messenger - ok
18:53:37.0593 3524 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:53:37.0609 3524 Microsoft Office Groove Audit Service - ok
18:53:37.0640 3524 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:53:37.0859 3524 mnmdd - ok
18:53:37.0890 3524 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:53:38.0125 3524 mnmsrvc - ok
18:53:38.0187 3524 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:53:38.0406 3524 Modem - ok
18:53:38.0500 3524 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] MonFilt C:\WINDOWS\system32\drivers\MonFilt.sys
18:53:38.0609 3524 MonFilt - ok
18:53:38.0640 3524 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:53:38.0875 3524 Mouclass - ok
18:53:38.0890 3524 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:53:39.0046 3524 mouhid - ok
18:53:39.0109 3524 [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:53:39.0156 3524 MountMgr - ok
18:53:39.0218 3524 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:53:39.0234 3524 MozillaMaintenance - ok
18:53:39.0234 3524 mraid35x - ok
18:53:39.0265 3524 [ 6A7C4AC5B52155115DEE97995C1CF157 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:53:39.0343 3524 MRxDAV - ok
18:53:39.0390 3524 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:53:39.0484 3524 MRxSmb - ok
18:53:39.0531 3524 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:53:39.0734 3524 MSDTC - ok
18:53:39.0781 3524 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:53:40.0031 3524 Msfs - ok
18:53:40.0046 3524 MSIServer - ok
18:53:40.0093 3524 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:53:40.0250 3524 MSKSSRV - ok
18:53:40.0265 3524 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:53:40.0515 3524 MSPCLOCK - ok
18:53:40.0531 3524 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:53:40.0796 3524 MSPQM - ok
18:53:40.0828 3524 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:53:41.0093 3524 mssmbios - ok
18:53:41.0140 3524 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:53:41.0328 3524 MSTEE - ok
18:53:41.0375 3524 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:53:41.0421 3524 Mup - ok
18:53:41.0453 3524 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:53:41.0765 3524 NABTSFEC - ok
18:53:41.0812 3524 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:53:42.0109 3524 napagent - ok
18:53:42.0171 3524 [ B5B1080D35974C0E718D64280761BCD5 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:53:42.0218 3524 NDIS - ok
18:53:42.0250 3524 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:53:42.0562 3524 NdisIP - ok
18:53:42.0609 3524 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:53:42.0671 3524 NdisTapi - ok
18:53:42.0718 3524 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:53:42.0875 3524 Ndisuio - ok
18:53:42.0875 3524 [ B053A8411045FD0664B389A090CB2BBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:53:42.0906 3524 NdisWan - ok
18:53:42.0953 3524 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:53:43.0000 3524 NDProxy - ok
18:53:43.0031 3524 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:53:43.0203 3524 NetBIOS - ok
18:53:43.0234 3524 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:53:43.0484 3524 NetBT - ok
18:53:43.0515 3524 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
18:53:43.0765 3524 NetDDE - ok
18:53:43.0781 3524 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:53:43.0984 3524 NetDDEdsdm - ok
18:53:44.0031 3524 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:53:44.0234 3524 Netlogon - ok
18:53:44.0281 3524 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
18:53:44.0531 3524 Netman - ok
18:53:44.0562 3524 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:53:44.0578 3524 NetTcpPortSharing - ok
18:53:44.0625 3524 [ 0D594D828829E1BC727B870899376B19 ] Nla C:\WINDOWS\System32\mswsock.dll
18:53:44.0656 3524 Nla - ok
18:53:44.0687 3524 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:53:44.0906 3524 Npfs - ok
18:53:44.0953 3524 [ AE8CAD8F28DB13B515A68510A539B0B8 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:53:45.0078 3524 Ntfs - ok
18:53:45.0093 3524 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:53:45.0312 3524 NtLmSsp - ok
18:53:45.0375 3524 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:53:45.0640 3524 NtmsSvc - ok
18:53:45.0671 3524 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:53:45.0968 3524 Null - ok
18:53:46.0250 3524 [ 02E3A5CF6DE77DBA144550FD1C4A4CD9 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:53:46.0703 3524 nv - ok
18:53:46.0734 3524 [ 70217A23470F4BB4C8FB4ABE06813081 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
18:53:46.0796 3524 NVENETFD - ok
18:53:46.0828 3524 [ EA98BFE4931BD13D747D647C1859796E ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
18:53:46.0843 3524 nvgts - ok
18:53:46.0859 3524 [ BE8513730653384939A4D2D977C81027 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
18:53:46.0906 3524 nvnetbus - ok
18:53:46.0937 3524 [ 679B4BD1152079FB65F4A28D7E3BD5D8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
18:53:46.0984 3524 NVSvc - ok
18:53:47.0000 3524 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:53:47.0156 3524 NwlnkFlt - ok
18:53:47.0171 3524 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:53:47.0437 3524 NwlnkFwd - ok
18:53:47.0562 3524 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:53:47.0609 3524 odserv - ok
18:53:47.0640 3524 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:53:47.0656 3524 ose - ok
18:53:47.0734 3524 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\WINDOWS\system32\DRIVERS\PFC027.SYS
18:53:47.0843 3524 PAC207 - ok
18:53:47.0890 3524 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:53:48.0046 3524 Parport - ok
18:53:48.0078 3524 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:53:48.0328 3524 PartMgr - ok
18:53:48.0375 3524 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:53:48.0609 3524 ParVdm - ok
18:53:48.0625 3524 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:53:48.0875 3524 PCI - ok
18:53:48.0875 3524 PCIDump - ok
18:53:48.0890 3524 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:53:49.0156 3524 PCIIde - ok
18:53:49.0203 3524 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:53:49.0515 3524 Pcmcia - ok
18:53:49.0531 3524 PDCOMP - ok
18:53:49.0562 3524 PDFRAME - ok
18:53:49.0578 3524 PDRELI - ok
18:53:49.0609 3524 PDRFRAME - ok
18:53:49.0640 3524 perc2 - ok
18:53:49.0656 3524 perc2hib - ok
18:53:49.0750 3524 [ 3D107D45CCFDB266E91D84B52CD7F430 ] PlugPlay C:\WINDOWS\system32\services.exe
18:53:49.0843 3524 PlugPlay - ok
18:53:49.0859 3524 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:53:50.0140 3524 PolicyAgent - ok
18:53:50.0187 3524 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:53:50.0734 3524 PptpMiniport - ok
18:53:50.0750 3524 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:53:51.0031 3524 Processor - ok
18:53:51.0078 3524 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:53:51.0359 3524 ProtectedStorage - ok
18:53:51.0375 3524 [ D8E11D311785F89F1D70A28B0E879127 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:53:51.0406 3524 PSched - ok
18:53:51.0437 3524 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:53:51.0765 3524 Ptilink - ok
18:53:51.0796 3524 ql1080 - ok
18:53:51.0812 3524 Ql10wnt - ok
18:53:51.0843 3524 ql12160 - ok
18:53:51.0859 3524 ql1240 - ok
18:53:51.0890 3524 ql1280 - ok
18:53:51.0937 3524 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:53:52.0187 3524 RasAcd - ok
18:53:52.0218 3524 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:53:52.0531 3524 RasAuto - ok
18:53:52.0562 3524 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:53:52.0875 3524 Rasl2tp - ok
18:53:52.0906 3524 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:53:53.0234 3524 RasMan - ok
18:53:53.0265 3524 [ 2C9D4620A0FD35DE1828370B392F6E2D ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:53:53.0343 3524 RasPppoe - ok
18:53:53.0390 3524 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:53:53.0859 3524 Raspti - ok
18:53:53.0906 3524 [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:53:53.0984 3524 Rdbss - ok
18:53:54.0015 3524 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:53:54.0343 3524 RDPCDD - ok
18:53:54.0390 3524 [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:53:54.0453 3524 rdpdr - ok
18:53:54.0500 3524 [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:53:54.0546 3524 RDPWD - ok
18:53:54.0593 3524 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:53:55.0093 3524 RDSessMgr - ok
18:53:55.0156 3524 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:53:55.0390 3524 redbook - ok
18:53:55.0421 3524 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:53:55.0781 3524 RemoteAccess - ok
18:53:55.0828 3524 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:53:56.0187 3524 RemoteRegistry - ok
18:53:56.0234 3524 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:53:56.0625 3524 RpcLocator - ok
18:53:56.0671 3524 [ C0BD34A62508BA68F146E22CE45919F9 ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:53:56.0734 3524 RpcSs - ok
18:53:56.0796 3524 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:53:56.0843 3524 rspndr - ok
18:53:56.0890 3524 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:53:57.0062 3524 RSVP - ok
18:53:57.0093 3524 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
18:53:57.0328 3524 SamSs - ok
18:53:57.0343 3524 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:53:57.0640 3524 SCardSvr - ok
18:53:57.0687 3524 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:53:58.0000 3524 Schedule - ok
18:53:58.0031 3524 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:53:58.0140 3524 Secdrv - ok
18:53:58.0171 3524 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:53:58.0593 3524 seclogon - ok
18:53:58.0609 3524 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
18:53:58.0937 3524 SENS - ok
18:53:58.0968 3524 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:53:59.0234 3524 serenum - ok
18:53:59.0250 3524 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:53:59.0578 3524 Serial - ok
18:53:59.0625 3524 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
18:53:59.0859 3524 Sfloppy - ok
18:53:59.0921 3524 [ 65EACFE3182AFEE8D222D0B17FE05EDA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:54:00.0015 3524 SharedAccess - ok
18:54:00.0046 3524 [ 54A6BF743E0517528A5064CEAEB40EA7 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:54:00.0109 3524 ShellHWDetection - ok
18:54:00.0125 3524 Simbad - ok
18:54:00.0328 3524 [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:54:00.0546 3524 Skype C2C Service - ok
18:54:00.0625 3524 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:54:00.0640 3524 SkypeUpdate - ok
18:54:00.0687 3524 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:54:00.0937 3524 SLIP - ok
18:54:00.0953 3524 Sparrow - ok
18:54:01.0015 3524 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:54:01.0296 3524 splitter - ok
18:54:01.0343 3524 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:54:01.0390 3524 Spooler - ok
18:54:01.0437 3524 [ 73205BD9A388639C210636793FE3FD61 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
18:54:01.0453 3524 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 73205BD9A388639C210636793FE3FD61
18:54:01.0453 3524 sptd ( LockedFile.Multi.Generic ) - warning
18:54:01.0453 3524 sptd - detected LockedFile.Multi.Generic (1)
18:54:01.0484 3524 [ 94610C8653635E4459316A0050D55CE7 ] SR C:\WINDOWS\system32\DRIVERS\sr.sys
18:54:01.0562 3524 SR - ok
18:54:01.0593 3524 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
18:54:01.0687 3524 srservice - ok
18:54:01.0750 3524 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:54:01.0843 3524 Srv - ok
18:54:01.0890 3524 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:54:01.0984 3524 SSDPSRV - ok
18:54:02.0031 3524 [ AB2B9349ADA4AC5EC74B622B8303FE23 ] StarWindService C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
18:54:02.0062 3524 StarWindService ( UnsignedFile.Multi.Generic ) - warning
18:54:02.0062 3524 StarWindService - detected UnsignedFile.Multi.Generic (1)
18:54:02.0125 3524 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:54:02.0375 3524 stisvc - ok
18:54:02.0406 3524 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:54:02.0812 3524 streamip - ok
18:54:02.0859 3524 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:54:03.0140 3524 swenum - ok
18:54:03.0187 3524 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:54:03.0593 3524 swmidi - ok
18:54:03.0609 3524 SwPrv - ok
18:54:03.0609 3524 symc810 - ok
18:54:03.0625 3524 symc8xx - ok
18:54:03.0625 3524 sym_hi - ok
18:54:03.0640 3524 sym_u3 - ok
18:54:03.0671 3524 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:54:04.0000 3524 sysaudio - ok
18:54:04.0046 3524 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:54:04.0453 3524 SysmonLog - ok
18:54:04.0468 3524 [ AF2A883CC63318A8BDA168BDD7AC80D9 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:54:04.0531 3524 TapiSrv - ok
18:54:04.0578 3524 [ 367DE8E5F638C091F49273144274F629 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:54:04.0640 3524 Tcpip - ok
18:54:04.0671 3524 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:54:04.0875 3524 TDPIPE - ok
18:54:04.0906 3524 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:54:04.0968 3524 TDTCP - ok
18:54:05.0000 3524 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
18:54:05.0046 3524 teamviewervpn - ok
18:54:05.0078 3524 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:54:05.0343 3524 TermDD - ok
18:54:05.0375 3524 [ 0E43A7CF302D85273FC86F5FCA9A1909 ] TermService C:\WINDOWS\System32\termsrv.dll
18:54:05.0484 3524 TermService - ok
18:54:05.0515 3524 [ 54A6BF743E0517528A5064CEAEB40EA7 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:54:05.0531 3524 Themes - ok
18:54:05.0562 3524 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:54:05.0718 3524 TlntSvr - ok
18:54:05.0734 3524 TosIde - ok
18:54:05.0781 3524 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:54:06.0015 3524 TrkWks - ok
18:54:06.0046 3524 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:54:06.0437 3524 Udfs - ok
18:54:06.0484 3524 ultra - ok
18:54:06.0562 3524 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:54:06.0937 3524 Update - ok
18:54:07.0000 3524 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
18:54:07.0234 3524 upnphost - ok
18:54:07.0265 3524 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
18:54:07.0750 3524 UPS - ok
18:54:07.0796 3524 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:54:07.0906 3524 usbccgp - ok
18:54:07.0921 3524 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:54:07.0968 3524 usbehci - ok
18:54:08.0000 3524 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:54:08.0390 3524 usbhub - ok
18:54:08.0437 3524 [ C5E11CD822ADF0019A5A862D9C4E2222 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:54:08.0546 3524 usbohci - ok
18:54:08.0578 3524 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:54:09.0000 3524 usbprint - ok
18:54:09.0046 3524 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:54:09.0468 3524 usbscan - ok
18:54:09.0515 3524 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:54:10.0125 3524 USBSTOR - ok
18:54:10.0187 3524 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:54:10.0406 3524 VgaSave - ok
18:54:10.0562 3524 [ F29BFD0C5CCCC9823E5FCDEE71DBC054 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
18:54:10.0734 3524 VIAHdAudAddService - ok
18:54:10.0750 3524 ViaIde - ok
18:54:10.0765 3524 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:54:11.0015 3524 VolSnap - ok
18:54:11.0062 3524 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
18:54:11.0359 3524 VSS - ok
18:54:11.0406 3524 [ DF2E8EA96391126977DA1B8AB6FC39FC ] W32Time C:\WINDOWS\system32\w32time.dll
18:54:11.0531 3524 W32Time - ok
18:54:11.0578 3524 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:54:12.0046 3524 Wanarp - ok
18:54:12.0078 3524 WDICA - ok
18:54:12.0109 3524 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:54:12.0578 3524 wdmaud - ok
18:54:12.0609 3524 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:54:13.0000 3524 WebClient - ok
18:54:13.0109 3524 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:54:13.0421 3524 winmgmt - ok
18:54:13.0531 3524 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:54:13.0671 3524 WinRM - ok
18:54:13.0718 3524 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:54:13.0812 3524 WmdmPmSN - ok
18:54:13.0859 3524 [ 4E68A735673CE17152329428524BA1C3 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:54:13.0968 3524 Wmi - ok
18:54:14.0031 3524 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:54:14.0390 3524 WmiApSrv - ok
18:54:14.0500 3524 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:54:14.0625 3524 WMPNetworkSvc - ok
18:54:14.0687 3524 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:54:15.0046 3524 WS2IFSL - ok
18:54:15.0093 3524 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:54:15.0578 3524 wscsvc - ok
18:54:15.0625 3524 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:54:16.0140 3524 WSTCODEC - ok
18:54:16.0187 3524 [ 02E4055488047729B333F99D93877038 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:54:16.0281 3524 wuauserv - ok
18:54:16.0328 3524 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:54:16.0375 3524 WudfPf - ok
18:54:16.0406 3524 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:54:16.0437 3524 WudfRd - ok
18:54:16.0453 3524 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:54:16.0500 3524 WudfSvc - ok
18:54:16.0546 3524 [ F345FF726D92D58ABE5B0AEE08D29DF1 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:54:16.0703 3524 WZCSVC - ok
18:54:16.0765 3524 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:54:17.0015 3524 xmlprov - ok
18:54:17.0046 3524 ================ Scan global ===============================
18:54:17.0093 3524 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
18:54:17.0171 3524 [ 4FC123A5B7D8F5A9511CFF7B98F9596B ] C:\WINDOWS\system32\winsrv.dll
18:54:17.0218 3524 [ 4FC123A5B7D8F5A9511CFF7B98F9596B ] C:\WINDOWS\system32\winsrv.dll
18:54:17.0281 3524 [ 3D107D45CCFDB266E91D84B52CD7F430 ] C:\WINDOWS\system32\services.exe
18:54:17.0312 3524 [Global] - ok
18:54:17.0312 3524 ================ Scan MBR ==================================
18:54:17.0343 3524 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
18:54:17.0593 3524 \Device\Harddisk0\DR0 - ok
18:54:17.0593 3524 ================ Scan VBR ==================================
18:54:17.0609 3524 [ E8650D049AC5A1CCDC6E8463519573D8 ] \Device\Harddisk0\DR0\Partition1
18:54:17.0609 3524 \Device\Harddisk0\DR0\Partition1 - ok
18:54:17.0609 3524 ============================================================
18:54:17.0609 3524 Scan finished
18:54:17.0609 3524 ============================================================
18:54:17.0718 2368 Detected object count: 2
18:54:17.0718 2368 Actual detected object count: 2
18:55:04.0468 2368 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:55:04.0468 2368 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:55:04.0468 2368 StarWindService ( UnsignedFile.Multi.Generic ) - skipped by user
18:55:04.0468 2368 StarWindService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:55:19.0812 3272 Deinitialize success

Re: NT authority/system !!! Pomoc !

Napsal: 11 úno 2013 23:20
od vyosek
Fajn, jak se chova PC :???:

Re: NT authority/system !!! Pomoc !

Napsal: 12 úno 2013 15:53
od stefanjozef
Ahoj som online k vašej poslednej otázke uvádzam :
pc sa chová v celku normálne,len sa mi zdá,že je pomalí.

Re: NT authority/system !!! Pomoc !

Napsal: 12 úno 2013 15:58
od stefanjozef
mám docela problém sa dostat na vaše stránky v kuse mi hlási chybu :

General Error
SQL ERROR [ mysql4 ]

User igi has already more than 'max_user_connections' active connections [1203]

An sql error occurred while fetching this page. Please contact an administrator if this problem persists.

Re: NT authority/system !!! Pomoc !

Napsal: 12 úno 2013 17:06
od stefanjozef
General Error
SQL ERROR [ mysql4 ]

User igi has already more than 'max_user_connections' active connections [1203]

An sql error occurred while fetching this page. Please contact an administrator if this problem persists.
Všechny časy jsou v UTC+01:00
Stránka 2 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz