prosim o kontrolu, PC je pomaly div ne stredoveke muceni

[heges]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pocitac at 2013-04-05 15:31:38
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 31 GB (40%) free of 76 GB
Total RAM: 1023 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:32:39, on 5.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fsproflt2.exe
C:\Documents and Settings\Pocitac\Data aplikací\id Software\Hide Folders 2012\hf.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\OSCAR Editor\OscarEditor.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\Pocitac\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Pocitac.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555 ... 105aa5724d
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B28C670C-55A2-4C71-A0E2-54CA06DDBCEC}: NameServer = 94.142.233.120,94.142.233.140
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FSPro HFExt Service (fsphfext) - FSPro Labs - C:\WINDOWS\SYSTEM32\HFExtSvc.exe
O23 - Service: FSPro Filter Service 2 (fsproflt2) - FSPro Labs - C:\WINDOWS\system32\fsproflt2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 5819 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\YourFile Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-27 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-27 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-31 4297136]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 6756048]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-05 491008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OscarEditor"=C:\Program Files\OSCAR Editor\OscarEditor.exe [2009-11-24 2642432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTAPR2]
C:\Documents and Settings\Pocitac\Plocha\thx\Sound Blaster Tactic(3D) Control Panel\CTAPR2.exe [2009-11-11 65642]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX200 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\PROGRA~1\Eraser\Eraser.exe [2012-05-22 980920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fsproflt2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Pocitac\Data aplikací\id Software\quakelive\Wolfcam\wolfcamql7.5\wolfcamql.exe"="C:\Documents and Settings\Pocitac\Data aplikací\id Software\quakelive\Wolfcam\wolfcamql7.5\wolfcamql.exe:*:Enabled:wolfcamql"
"Q:\Tor Browser\App\tor.exe"="Q:\Tor Browser\App\tor.exe:*:Enabled:tor"
"C:\Program Files\YourFileDownloader\Downloader.exe"="C:\Program Files\YourFileDownloader\Downloader.exe:*:Enabled:YourFile Downloader"
"C:\Program Files\YourFileDownloader\YourFile.exe"="C:\Program Files\YourFileDownloader\YourFile.exe:*:Enabled:YourFile Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-04-05 15:31:38 ----D---- C:\rsit
2013-04-03 19:05:16 ----A---- C:\WINDOWS\Instit.ini
2013-04-03 19:05:15 ----D---- C:\Program Files\KYE
2013-04-03 19:05:15 ----A---- C:\WINDOWS\InstIt.exe
2013-04-03 19:05:14 ----A---- C:\WINDOWS\mHotkey.exe
2013-04-03 19:05:14 ----A---- C:\WINDOWS\HKNTDLL.dll
2013-03-29 01:35:27 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-03-23 14:42:13 ----D---- C:\Program Files\OSCAR Editor
2013-03-23 14:40:58 ----D---- C:\Program Files\OscarX7

======List of files/folders modified in the last 1 month======

2013-04-05 15:32:19 ----D---- C:\Program Files\trend micro
2013-04-05 15:31:51 ----D---- C:\Documents and Settings\Pocitac\Data aplikací\uTorrent
2013-04-05 15:31:32 ----D---- C:\WINDOWS\Prefetch
2013-04-05 13:41:42 ----D---- C:\WINDOWS\Temp
2013-04-04 22:41:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-04 22:41:13 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-03 19:05:16 ----D---- C:\WINDOWS
2013-04-03 19:05:15 ----RD---- C:\Program Files
2013-04-03 19:05:14 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-02 22:59:57 ----D---- C:\Documents and Settings\Pocitac\Data aplikací\vlc
2013-04-01 22:28:52 ----D---- C:\WINDOWS\system32
2013-04-01 22:28:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-03-25 17:22:34 ----HD---- C:\WINDOWS\inf
2013-03-23 14:43:36 ----SHD---- C:\WINDOWS\Installer
2013-03-21 21:31:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-03-21 21:30:54 ----D---- C:\WINDOWS\system32\drivers
2013-03-21 21:24:11 ----HD---- C:\WINDOWS\$hf_mig$
2013-03-21 01:43:44 ----D---- C:\WINDOWS\Debug
2013-03-14 17:51:22 ----A---- C:\WINDOWS\system32\MRT.exe
2013-03-14 17:50:55 ----D---- C:\Program Files\Internet Explorer
2013-03-14 17:50:34 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 FSProFilter2;FSPro File Filter 2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [2011-06-04 51760]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-11-08 99080]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\System32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-08-05 77056]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-31 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-31 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-31 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-31 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-31 54232]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-11-08 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-11-08 32640]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2012-09-07 231760]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-31 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-31 97608]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-15 462684]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-05-24 11392]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 XENFilt;XENFilt; C:\WINDOWS\system32\drivers\XENFilt.sys [2010-07-24 2016640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-31 44808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 1990464]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 fsproflt2;FSPro Filter Service 2; C:\WINDOWS\system32\fsproflt2.exe [2012-07-12 49512]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2012-09-02 126976]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsphfext;FSPro HFExt Service; C:\WINDOWS\SYSTEM32\HFExtSvc.exe [2012-11-16 153920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


díky moc za nezištnou pomoc

[Roli]

Zdravím, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555 ... 105aa5724d
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\Pocitac.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[heges]

ComboFix 13-04-05.01 - Pocitac 06.04.2013 3:15.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.555 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pocitac\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Pocitac\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\system32\auto.exe
c:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-06 do 2013-04-06 )))))))))))))))))))))))))))))))
.
.
2013-04-05 13:31 . 2013-04-05 13:33 -------- d-----w- C:\rsit
2013-04-03 17:05 . 2002-11-06 13:14 4282 ----a-w- c:\windows\NT4_98.reg
2013-04-03 17:05 . 2002-11-06 08:15 4264 ----a-w- c:\windows\MeXP.reg
2013-04-03 17:05 . 2002-11-06 08:15 4280 ----a-w- c:\windows\2K.reg
2013-04-03 17:05 . 2013-04-03 17:05 -------- d-----w- c:\program files\KYE
2013-04-03 17:05 . 2001-09-06 18:45 233472 ----a-w- c:\windows\InstIt.exe
2013-04-03 17:05 . 2002-07-05 14:37 491008 ----a-w- c:\windows\mHotkey.exe
2013-04-03 17:05 . 2001-07-02 18:36 24576 ----a-w- c:\windows\HKNTDLL.dll
2013-04-03 17:05 . 2000-08-07 09:57 5280 ----a-w- c:\windows\hotbtnv.vxd
2013-03-23 12:42 . 2013-03-23 12:44 -------- d-----w- c:\program files\OSCAR Editor
2013-03-23 12:40 . 2013-03-23 12:41 -------- d-----w- c:\program files\OscarX7
2013-03-21 18:45 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-21 18:45 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-12 00:32 . 2012-08-27 13:04 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2001-10-25 13:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-05 20:15 . 2002-09-20 18:05 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2002-09-20 18:04 43520 ------w- c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2002-09-20 18:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2012-08-27 13:04 385024 ------w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2002-09-20 18:04 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2002-09-20 17:12 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2002-09-20 17:12 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt2]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2002-07-05 14:37 491008 ----a-w- c:\windows\mHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
2012-11-07 23:37 6756048 ----a-w- c:\program files\COMODO\COMODO Internet Security\cfp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTAPR2]
2009-11-11 09:44 65642 ------w- c:\documents and settings\Pocitac\Plocha\thx\Sound Blaster Tactic(3D) Control Panel\CTAPR2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX200 Series]
2007-12-13 04:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEFE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2012-05-22 06:13 980920 ----a-w- c:\progra~1\Eraser\Eraser.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-03 03:46 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-03 03:46 1630208 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
2009-11-24 17:13 2642432 ----a-w- c:\program files\OSCAR Editor\OscarEditor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-08-15 07:34 57344 ----a-w- c:\windows\SOUNDMAN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Pocitac\\Data aplikací\\id Software\\quakelive\\Wolfcam\\wolfcamql7.5\\wolfcamql.exe"=
.
R0 FSProFilter2;FSPro File Filter 2;c:\windows\system32\drivers\FSPFltd2.sys [16.11.2012 22:45 51760]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [27.8.2012 17:51 77056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.8.2012 15:20 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.8.2012 15:20 361032]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [11.3.2012 21:13 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11.3.2012 21:13 32640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.8.2012 15:20 21256]
R2 fsproflt2;FSPro Filter Service 2;c:\windows\system32\fsproflt2.exe [16.11.2012 22:45 49512]
S3 fsphfext;FSPro HFExt Service;c:\windows\system32\HFExtSvc.exe [16.11.2012 23:00 153920]
S3 XENFilt;XENFilt;c:\windows\system32\drivers\XENFilt.sys [3.1.2013 21:55 2016640]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-27 22:50]
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{B28C670C-55A2-4C71-A0E2-54CA06DDBCEC}: NameServer = 94.142.233.120,94.142.233.140
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-06 03:29
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\System32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(716)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(632)
c:\windows\system32\cmdcsr.dll
.
Celkový čas: 2013-04-06 03:33:46
ComboFix-quarantined-files.txt 2013-04-06 01:33
.
Před spuštěním: Volných bajtů: 32 667 279 360
Po spuštění: Volných bajtů: 32 678 338 560
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E4F389EE8E7ED6513AD6A6F0AF27109E

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Stáhni TDSSKiller a ulož ho na plochu.

Spusť aplikaci, vyber volbu Spustit kontrolu a klik na Start sken

Pokud aplikace najde infikovaný soubor, ukáže se Ti předvolená akce Cure,

v tom případě potvrď tlačítko Continue

Pokud bude chtít apliakce restartovat počítač, klikni na tlačítko Reboot Now

Pokud si restart nevyžádá, klikni na tlačítko Report.

Po té na Tebe vypadne log, jeho obsah zkopíruj sem.

Pokud se log nezobrazí, je uložený na C:\TDSSKiller

[heges]

15:14:53.0312 3876 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:14:53.0531 3876 ============================================================
15:14:53.0531 3876 Current date / time: 2013/04/19 15:14:53.0531
15:14:53.0531 3876 SystemInfo:
15:14:53.0531 3876
15:14:53.0531 3876 OS Version: 5.1.2600 ServicePack: 3.0
15:14:53.0531 3876 Product type: Workstation
15:14:53.0531 3876 ComputerName: J-5NYKXGN4XAYH2
15:14:53.0531 3876 UserName: Pocitac
15:14:53.0531 3876 Windows directory: C:\WINDOWS
15:14:53.0531 3876 System windows directory: C:\WINDOWS
15:14:53.0531 3876 Processor architecture: Intel x86
15:14:53.0531 3876 Number of processors: 1
15:14:53.0531 3876 Page size: 0x1000
15:14:53.0531 3876 Boot type: Normal boot
15:14:53.0531 3876 ============================================================
15:14:55.0156 3876 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:14:55.0171 3876 ============================================================
15:14:55.0171 3876 \Device\Harddisk0\DR0:
15:14:55.0171 3876 MBR partitions:
15:14:55.0171 3876 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
15:14:55.0171 3876 ============================================================
15:14:55.0187 3876 C: <-> \Device\Harddisk0\DR0\Partition1
15:14:55.0187 3876 ============================================================
15:14:55.0187 3876 Initialize success
15:14:55.0187 3876 ============================================================
15:14:56.0953 3956 ============================================================
15:14:56.0953 3956 Scan started
15:14:56.0953 3956 Mode: Manual;
15:14:56.0953 3956 ============================================================
15:14:57.0734 3956 ================ Scan system memory ========================
15:14:57.0734 3956 System memory - ok
15:14:57.0765 3956 ================ Scan services =============================
15:14:58.0093 3956 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
15:14:58.0093 3956 Aavmker4 - ok
15:14:58.0156 3956 Abiosdsk - ok
15:14:58.0234 3956 abp480n5 - ok
15:14:58.0343 3956 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:14:58.0343 3956 ACPI - ok
15:14:58.0437 3956 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:14:58.0453 3956 ACPIEC - ok
15:14:58.0484 3956 adpu160m - ok
15:14:58.0578 3956 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:14:58.0625 3956 aec - ok
15:14:58.0718 3956 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:14:58.0718 3956 AFD - ok
15:14:58.0781 3956 Aha154x - ok
15:14:58.0859 3956 aic78u2 - ok
15:14:58.0921 3956 aic78xx - ok
15:14:58.0984 3956 [ A9355A51698F6901B362EF738B15631D ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
15:14:59.0000 3956 ALCXSENS - ok
15:14:59.0125 3956 [ B191753B1AA2E7B11A18D5FDE8248AA2 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
15:14:59.0140 3956 ALCXWDM - ok
15:14:59.0234 3956 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:14:59.0250 3956 Alerter - ok
15:14:59.0328 3956 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
15:14:59.0375 3956 ALG - ok
15:14:59.0453 3956 AliIde - ok
15:14:59.0531 3956 amsint - ok
15:14:59.0625 3956 AppMgmt - ok
15:14:59.0687 3956 asc - ok
15:14:59.0765 3956 asc3350p - ok
15:14:59.0828 3956 asc3550 - ok
15:14:59.0984 3956 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:15:00.0000 3956 aspnet_state - ok
15:15:00.0093 3956 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:15:00.0093 3956 aswFsBlk - ok
15:15:00.0187 3956 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
15:15:00.0218 3956 aswMon2 - ok
15:15:00.0312 3956 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
15:15:00.0312 3956 AswRdr - ok
15:15:00.0437 3956 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:15:00.0453 3956 aswSnx - ok
15:15:01.0031 3956 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:15:01.0062 3956 aswSP - ok
15:15:01.0078 3956 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:15:01.0093 3956 aswTdi - ok
15:15:01.0171 3956 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:15:01.0171 3956 AsyncMac - ok
15:15:01.0203 3956 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:15:01.0218 3956 atapi - ok
15:15:01.0234 3956 Atdisk - ok
15:15:01.0265 3956 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:15:01.0281 3956 Atmarpc - ok
15:15:01.0328 3956 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:15:01.0328 3956 AudioSrv - ok
15:15:01.0406 3956 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:15:01.0406 3956 audstub - ok
15:15:01.0484 3956 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:15:01.0500 3956 avast! Antivirus - ok
15:15:01.0546 3956 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:15:01.0562 3956 Beep - ok
15:15:01.0640 3956 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
15:15:01.0703 3956 BITS - ok
15:15:01.0750 3956 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
15:15:01.0750 3956 Browser - ok
15:15:01.0796 3956 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:15:01.0828 3956 cbidf2k - ok
15:15:01.0843 3956 cd20xrnt - ok
15:15:01.0890 3956 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:15:01.0906 3956 Cdaudio - ok
15:15:01.0953 3956 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:15:01.0953 3956 Cdfs - ok
15:15:01.0984 3956 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:15:01.0984 3956 Cdrom - ok
15:15:02.0000 3956 Changer - ok
15:15:02.0046 3956 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:15:02.0046 3956 CiSvc - ok
15:15:02.0078 3956 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:15:02.0093 3956 ClipSrv - ok
15:15:02.0140 3956 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:15:02.0156 3956 clr_optimization_v2.0.50727_32 - ok
15:15:02.0296 3956 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:15:02.0328 3956 cmdAgent - ok
15:15:02.0406 3956 [ 9181CC4D007ADBE21DB9A11BFECAFEF5 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
15:15:02.0406 3956 cmdGuard - ok
15:15:02.0421 3956 [ C5A9FB50E8CA7FD99F256255FEE71580 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
15:15:02.0437 3956 cmdHlp - ok
15:15:02.0453 3956 CmdIde - ok
15:15:02.0468 3956 COMSysApp - ok
15:15:02.0484 3956 Cpqarray - ok
15:15:02.0531 3956 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:15:02.0546 3956 CryptSvc - ok
15:15:02.0609 3956 [ EDBA1382E5D7D1E71442B43E170CF8D4 ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
15:15:02.0625 3956 CTAudSvcService - ok
15:15:02.0625 3956 dac2w2k - ok
15:15:03.0140 3956 dac960nt - ok
15:15:03.0203 3956 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:15:03.0453 3956 DcomLaunch - ok
15:15:03.0531 3956 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:15:03.0546 3956 Dhcp - ok
15:15:03.0578 3956 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:15:03.0578 3956 Disk - ok
15:15:03.0593 3956 dmadmin - ok
15:15:03.0656 3956 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:15:03.0671 3956 dmboot - ok
15:15:03.0687 3956 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:15:03.0687 3956 dmio - ok
15:15:03.0718 3956 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:15:03.0718 3956 dmload - ok
15:15:03.0765 3956 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:15:03.0781 3956 dmserver - ok
15:15:03.0859 3956 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:15:03.0875 3956 DMusic - ok
15:15:03.0921 3956 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:15:03.0937 3956 Dnscache - ok
15:15:03.0984 3956 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:15:03.0984 3956 Dot3svc - ok
15:15:04.0000 3956 dpti2o - ok
15:15:04.0015 3956 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:15:04.0031 3956 drmkaud - ok
15:15:04.0046 3956 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:15:04.0062 3956 EapHost - ok
15:15:04.0343 3956 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
15:15:04.0359 3956 EL90XBC - ok
15:15:04.0531 3956 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:15:04.0546 3956 ERSvc - ok
15:15:04.0593 3956 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
15:15:04.0640 3956 Eventlog - ok
15:15:04.0687 3956 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
15:15:04.0703 3956 EventSystem - ok
15:15:04.0734 3956 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:15:04.0734 3956 Fastfat - ok
15:15:04.0781 3956 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:15:04.0812 3956 FastUserSwitchingCompatibility - ok
15:15:04.0843 3956 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:15:04.0843 3956 Fdc - ok
15:15:04.0890 3956 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:15:04.0906 3956 Fips - ok
15:15:04.0921 3956 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:15:04.0937 3956 Flpydisk - ok
15:15:04.0968 3956 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:15:04.0984 3956 FltMgr - ok
15:15:05.0046 3956 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:15:05.0062 3956 FontCache3.0.0.0 - ok
15:15:05.0109 3956 [ C3D2D22FB2B9F47D45AFD391D7163F05 ] fsphfext C:\WINDOWS\SYSTEM32\HFExtSvc.exe
15:15:05.0125 3956 fsphfext - ok
15:15:05.0171 3956 [ 213B080590BF65E2285C232D7937885C ] FSProFilter2 C:\WINDOWS\system32\Drivers\FSPFltd2.sys
15:15:05.0203 3956 FSProFilter2 - ok
15:15:05.0218 3956 [ 8FB765FCD48C093F6276D43C05B9C5F1 ] fsproflt2 C:\WINDOWS\system32\fsproflt2.exe
15:15:05.0375 3956 fsproflt2 - ok
15:15:05.0468 3956 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:15:05.0484 3956 Fs_Rec - ok
15:15:05.0546 3956 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:15:05.0546 3956 Ftdisk - ok
15:15:05.0625 3956 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:15:05.0671 3956 Gpc - ok
15:15:05.0750 3956 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:15:05.0750 3956 helpsvc - ok
15:15:05.0828 3956 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
15:15:05.0984 3956 HidServ - ok
15:15:06.0109 3956 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:15:06.0156 3956 hidusb - ok
15:15:06.0234 3956 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:15:06.0843 3956 hkmsvc - ok
15:15:06.0875 3956 hpn - ok
15:15:06.0968 3956 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:15:07.0015 3956 HTTP - ok
15:15:07.0078 3956 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:15:07.0343 3956 HTTPFilter - ok
15:15:07.0359 3956 i2omgmt - ok
15:15:07.0359 3956 i2omp - ok
15:15:07.0390 3956 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:15:07.0406 3956 i8042prt - ok
15:15:07.0468 3956 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:15:07.0484 3956 IDriverT - ok
15:15:07.0578 3956 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:15:07.0593 3956 idsvc - ok
15:15:07.0625 3956 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:15:07.0640 3956 Imapi - ok
15:15:07.0703 3956 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:15:07.0718 3956 ImapiService - ok
15:15:07.0734 3956 ini910u - ok
15:15:07.0781 3956 [ E1DF634BEC066B3D4FFE437BCB78C282 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
15:15:07.0796 3956 Inspect - ok
15:15:07.0812 3956 IntelIde - ok
15:15:07.0859 3956 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:15:07.0859 3956 intelppm - ok
15:15:07.0875 3956 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:15:07.0890 3956 ip6fw - ok
15:15:07.0906 3956 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:15:07.0921 3956 IpFilterDriver - ok
15:15:07.0921 3956 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:15:07.0937 3956 IpInIp - ok
15:15:07.0968 3956 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:15:07.0984 3956 IpNat - ok
15:15:08.0000 3956 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:15:08.0000 3956 IPSec - ok
15:15:08.0015 3956 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:15:08.0031 3956 IRENUM - ok
15:15:08.0046 3956 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:15:08.0062 3956 isapnp - ok
15:15:08.0093 3956 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:15:08.0093 3956 Kbdclass - ok
15:15:08.0109 3956 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:15:08.0125 3956 kbdhid - ok
15:15:08.0171 3956 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:15:08.0187 3956 kmixer - ok
15:15:08.0218 3956 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:15:08.0234 3956 KSecDD - ok
15:15:08.0265 3956 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:15:08.0312 3956 lanmanserver - ok
15:15:08.0359 3956 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:15:08.0390 3956 lanmanworkstation - ok
15:15:08.0406 3956 lbrtfdc - ok
15:15:08.0468 3956 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:15:08.0484 3956 LmHosts - ok
15:15:08.0546 3956 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:15:08.0578 3956 Messenger - ok
15:15:08.0609 3956 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:15:08.0609 3956 mnmdd - ok
15:15:08.0656 3956 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
15:15:08.0687 3956 mnmsrvc - ok
15:15:08.0718 3956 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:15:08.0734 3956 Modem - ok
15:15:08.0765 3956 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:15:08.0781 3956 Mouclass - ok
15:15:08.0796 3956 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:15:08.0812 3956 mouhid - ok
15:15:08.0828 3956 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:15:08.0828 3956 MountMgr - ok
15:15:08.0843 3956 mraid35x - ok
15:15:08.0875 3956 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:15:08.0906 3956 MRxDAV - ok
15:15:08.0968 3956 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:15:08.0984 3956 MRxSmb - ok
15:15:09.0015 3956 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
15:15:09.0031 3956 MSDTC - ok
15:15:09.0062 3956 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:15:09.0078 3956 Msfs - ok
15:15:09.0093 3956 MSIServer - ok
15:15:09.0140 3956 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:15:09.0140 3956 MSKSSRV - ok
15:15:09.0156 3956 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:15:09.0171 3956 MSPCLOCK - ok
15:15:09.0171 3956 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:15:09.0187 3956 MSPQM - ok
15:15:09.0218 3956 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:15:09.0218 3956 mssmbios - ok
15:15:09.0265 3956 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:15:09.0281 3956 Mup - ok
15:15:09.0312 3956 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:15:09.0343 3956 napagent - ok
15:15:09.0406 3956 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:15:09.0406 3956 NDIS - ok
15:15:09.0453 3956 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:15:09.0468 3956 NdisTapi - ok
15:15:09.0484 3956 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:15:09.0484 3956 Ndisuio - ok
15:15:09.0500 3956 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:15:09.0515 3956 NdisWan - ok
15:15:09.0562 3956 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:15:09.0578 3956 NDProxy - ok
15:15:09.0593 3956 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:15:09.0593 3956 NetBIOS - ok
15:15:09.0625 3956 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:15:09.0640 3956 NetBT - ok
15:15:09.0671 3956 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:15:09.0703 3956 NetDDE - ok
15:15:09.0718 3956 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:15:09.0750 3956 NetDDEdsdm - ok
15:15:09.0781 3956 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:15:09.0796 3956 Netlogon - ok
15:15:09.0828 3956 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
15:15:09.0843 3956 Netman - ok
15:15:09.0890 3956 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:15:09.0890 3956 NetTcpPortSharing - ok
15:15:09.0937 3956 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
15:15:09.0968 3956 Nla - ok
15:15:10.0015 3956 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:15:10.0015 3956 Npfs - ok
15:15:10.0046 3956 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:15:10.0078 3956 Ntfs - ok
15:15:10.0093 3956 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
15:15:10.0109 3956 NtLmSsp - ok
15:15:10.0171 3956 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:15:10.0187 3956 NtmsSvc - ok
15:15:10.0218 3956 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:15:10.0234 3956 Null - ok
15:15:10.0515 3956 [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:15:10.0625 3956 nv - ok
15:15:10.0656 3956 [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:15:10.0687 3956 NVSvc - ok
15:15:10.0718 3956 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:15:10.0718 3956 NwlnkFlt - ok
15:15:10.0750 3956 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:15:10.0750 3956 NwlnkFwd - ok
15:15:10.0796 3956 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:15:10.0812 3956 Parport - ok
15:15:10.0828 3956 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:15:10.0843 3956 PartMgr - ok
15:15:10.0875 3956 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:15:10.0890 3956 ParVdm - ok
15:15:10.0906 3956 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:15:10.0906 3956 PCI - ok
15:15:10.0921 3956 PCIDump - ok
15:15:10.0953 3956 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:15:10.0953 3956 PCIIde - ok
15:15:10.0984 3956 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:15:10.0984 3956 Pcmcia - ok
15:15:11.0000 3956 PDCOMP - ok
15:15:11.0015 3956 PDFRAME - ok
15:15:11.0031 3956 PDRELI - ok
15:15:11.0046 3956 PDRFRAME - ok
15:15:11.0046 3956 perc2 - ok
15:15:11.0062 3956 perc2hib - ok
15:15:11.0125 3956 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
15:15:11.0171 3956 PlugPlay - ok
15:15:11.0171 3956 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:15:11.0203 3956 PolicyAgent - ok
15:15:11.0234 3956 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:15:11.0234 3956 PptpMiniport - ok
15:15:11.0265 3956 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
15:15:11.0265 3956 Processor - ok
15:15:11.0312 3956 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
15:15:11.0328 3956 prodrv06 - ok
15:15:11.0375 3956 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
15:15:11.0375 3956 prohlp02 - ok
15:15:11.0406 3956 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
15:15:11.0421 3956 prosync1 - ok
15:15:11.0453 3956 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:15:11.0468 3956 ProtectedStorage - ok
15:15:11.0500 3956 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:15:11.0500 3956 PSched - ok
15:15:11.0531 3956 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:15:11.0546 3956 Ptilink - ok
15:15:11.0546 3956 ql1080 - ok
15:15:11.0562 3956 Ql10wnt - ok
15:15:11.0578 3956 ql12160 - ok
15:15:11.0593 3956 ql1240 - ok
15:15:11.0609 3956 ql1280 - ok
15:15:11.0640 3956 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:15:11.0640 3956 RasAcd - ok
15:15:11.0687 3956 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:15:11.0734 3956 RasAuto - ok
15:15:11.0750 3956 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:15:11.0765 3956 Rasl2tp - ok
15:15:11.0828 3956 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:15:11.0859 3956 RasMan - ok
15:15:11.0859 3956 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:15:11.0890 3956 RasPppoe - ok
15:15:11.0906 3956 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:15:11.0921 3956 Raspti - ok
15:15:11.0984 3956 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:15:11.0984 3956 Rdbss - ok
15:15:12.0000 3956 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:15:12.0015 3956 RDPCDD - ok
15:15:12.0078 3956 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:15:12.0078 3956 RDPWD - ok
15:15:12.0109 3956 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:15:12.0140 3956 RDSessMgr - ok
15:15:12.0171 3956 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:15:12.0171 3956 redbook - ok
15:15:12.0218 3956 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:15:12.0234 3956 RemoteAccess - ok
15:15:12.0250 3956 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
15:15:12.0281 3956 RpcLocator - ok
15:15:12.0328 3956 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
15:15:12.0359 3956 RpcSs - ok
15:15:12.0390 3956 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
15:15:12.0421 3956 RSVP - ok
15:15:12.0468 3956 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
15:15:12.0484 3956 rtl8139 - ok
15:15:12.0500 3956 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
15:15:12.0515 3956 SamSs - ok
15:15:12.0562 3956 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:15:12.0593 3956 SCardSvr - ok
15:15:12.0640 3956 [ 46B50C07ABFDA51D9B22212EAEB82D2B ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
15:15:12.0656 3956 SCDEmu - ok
15:15:12.0703 3956 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:15:12.0734 3956 Schedule - ok
15:15:12.0781 3956 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:15:12.0781 3956 Secdrv - ok
15:15:12.0812 3956 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:15:12.0843 3956 seclogon - ok
15:15:12.0859 3956 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
15:15:12.0906 3956 SENS - ok
15:15:12.0921 3956 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:15:12.0921 3956 serenum - ok
15:15:12.0937 3956 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:15:12.0953 3956 Serial - ok
15:15:13.0000 3956 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
15:15:13.0000 3956 sfhlp01 - ok
15:15:13.0015 3956 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:15:13.0031 3956 Sfloppy - ok
15:15:13.0078 3956 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:15:13.0093 3956 SharedAccess - ok
15:15:13.0125 3956 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:15:13.0156 3956 ShellHWDetection - ok
15:15:13.0171 3956 Simbad - ok
15:15:13.0187 3956 Sparrow - ok
15:15:13.0234 3956 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:15:13.0250 3956 splitter - ok
15:15:13.0296 3956 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:15:13.0328 3956 Spooler - ok
15:15:13.0375 3956 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:15:13.0375 3956 sr - ok
15:15:13.0437 3956 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
15:15:13.0468 3956 srservice - ok
15:15:13.0531 3956 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:15:13.0531 3956 Srv - ok
15:15:13.0593 3956 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:15:13.0703 3956 SSDPSRV - ok
15:15:13.0750 3956 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:15:13.0796 3956 stisvc - ok
15:15:13.0812 3956 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:15:13.0812 3956 swenum - ok
15:15:13.0843 3956 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:15:13.0843 3956 swmidi - ok
15:15:13.0859 3956 SwPrv - ok
15:15:13.0875 3956 symc810 - ok
15:15:13.0890 3956 symc8xx - ok
15:15:13.0921 3956 sym_hi - ok
15:15:13.0921 3956 sym_u3 - ok
15:15:13.0984 3956 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:15:14.0000 3956 sysaudio - ok
15:15:14.0046 3956 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:15:14.0468 3956 SysmonLog - ok
15:15:14.0531 3956 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:15:14.0812 3956 TapiSrv - ok
15:15:14.0890 3956 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:15:14.0937 3956 Tcpip - ok
15:15:15.0031 3956 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:15:15.0031 3956 TDPIPE - ok
15:15:15.0046 3956 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:15:15.0062 3956 TDTCP - ok
15:15:15.0093 3956 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:15:15.0281 3956 TermDD - ok
15:15:15.0328 3956 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
15:15:15.0375 3956 TermService - ok
15:15:15.0406 3956 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:15:15.0437 3956 Themes - ok
15:15:15.0453 3956 TosIde - ok
15:15:15.0468 3956 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:15:15.0500 3956 TrkWks - ok
15:15:15.0562 3956 [ ED5E4CE36C54F55E7698642E94D32EC7 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
15:15:15.0578 3956 truecrypt - ok
15:15:15.0625 3956 [ D85938F272D1BCF3DB3A31FC0A048928 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
15:15:15.0625 3956 uagp35 - ok
15:15:15.0671 3956 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:15:15.0671 3956 Udfs - ok
15:15:15.0687 3956 ultra - ok
15:15:15.0765 3956 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:15:15.0812 3956 Update - ok
15:15:15.0843 3956 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
15:15:15.0906 3956 upnphost - ok
15:15:15.0937 3956 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
15:15:15.0984 3956 UPS - ok
15:15:16.0031 3956 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:15:16.0093 3956 usbaudio - ok
15:15:16.0125 3956 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:15:16.0140 3956 usbccgp - ok
15:15:16.0187 3956 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:15:16.0187 3956 usbehci - ok
15:15:16.0218 3956 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:15:16.0234 3956 usbhub - ok
15:15:16.0281 3956 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:15:16.0281 3956 usbprint - ok
15:15:16.0328 3956 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:15:16.0343 3956 usbscan - ok
15:15:16.0390 3956 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:15:16.0406 3956 usbstor - ok
15:15:16.0468 3956 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:15:16.0484 3956 usbuhci - ok
15:15:16.0515 3956 [ 0EDFE36E05A62888EFF6D97AE494B2A5 ] UserAccess7 C:\WINDOWS\system32\UAService7.exe
15:15:16.0562 3956 UserAccess7 - ok
15:15:16.0593 3956 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:15:16.0609 3956 VgaSave - ok
15:15:16.0671 3956 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
15:15:16.0718 3956 viaagp1 - ok
15:15:16.0781 3956 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
15:15:16.0859 3956 ViaIde - ok
15:15:16.0984 3956 [ 2EAB80850163B2A123D09F34574BEDCF ] viasraid C:\WINDOWS\system32\DRIVERS\viasraid.sys
15:15:17.0078 3956 viasraid - ok
15:15:17.0109 3956 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:15:17.0593 3956 VolSnap - ok
15:15:17.0640 3956 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
15:15:18.0187 3956 VSS - ok
15:15:18.0218 3956 [ 16409C468CEEE99B6B129FCAA5C0F206 ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
15:15:18.0234 3956 vulfnths - ok
15:15:18.0250 3956 [ 9FCAD546C6285D5073FB926709203049 ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
15:15:18.0281 3956 vulfntrs - ok
15:15:18.0312 3956 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
15:15:18.0406 3956 W32Time - ok
15:15:18.0453 3956 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:15:18.0609 3956 Wanarp - ok
15:15:18.0640 3956 WDICA - ok
15:15:18.0671 3956 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:15:18.0828 3956 wdmaud - ok
15:15:18.0875 3956 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:15:19.0250 3956 WebClient - ok
15:15:19.0562 3956 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:15:19.0906 3956 winmgmt - ok
15:15:20.0000 3956 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:15:20.0468 3956 WmdmPmSN - ok
15:15:20.0546 3956 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
15:15:20.0656 3956 WmiApSrv - ok
15:15:20.0718 3956 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:15:20.0718 3956 WS2IFSL - ok
15:15:20.0921 3956 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:15:21.0125 3956 wscsvc - ok
15:15:21.0218 3956 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:15:21.0281 3956 wuauserv - ok
15:15:21.0328 3956 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:15:21.0375 3956 WZCSVC - ok
15:15:21.0687 3956 [ 9D59A5666CC2603E0E524A8F7133D494 ] XENFilt C:\WINDOWS\system32\drivers\XENFilt.sys
15:15:21.0750 3956 XENFilt - ok
15:15:21.0796 3956 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:15:21.0890 3956 xmlprov - ok
15:15:21.0906 3956 ================ Scan global ===============================
15:15:21.0953 3956 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
15:15:22.0031 3956 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
15:15:22.0140 3956 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
15:15:22.0218 3956 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
15:15:22.0312 3956 [Global] - ok
15:15:22.0328 3956 ================ Scan MBR ==================================
15:15:22.0359 3956 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:15:22.0687 3956 \Device\Harddisk0\DR0 - ok
15:15:22.0703 3956 ================ Scan VBR ==================================
15:15:22.0750 3956 [ C65006B3FBEAA280E328461FB77BC0D7 ] \Device\Harddisk0\DR0\Partition1
15:15:22.0750 3956 \Device\Harddisk0\DR0\Partition1 - ok
15:15:22.0750 3956 ============================================================
15:15:22.0750 3956 Scan finished
15:15:22.0750 3956 ============================================================
15:15:22.0781 3984 Detected object count: 0
15:15:22.0781 3984 Actual detected object count: 0

[Roli]

Nyní použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !

[heges]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.25.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Pocitac :: J-5NYKXGN4XAYH2 [administrátor]

25.4.2013 17:20:04
mbam-log-2013-04-25 (17-20-04).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 245612
Uplynulý čas: 1 hodin, 34 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Roli]

Bezva, jaký je stav PC ?