My microphone doesn't work. I've already tried everything possible: I turned the volume up everywhere, enabled everything, and even bought an external sound card. Nothing helped, so a friend told me I should also have my log checked, that it might help.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:28, on 16.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\EslWire\service\WireHelperSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Frantisek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/cz/c ... efault.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.split.im/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5660153859
O17 - HKLM\System\CCS\Services\Tcpip\..\{86A0B92E-98E3-43D9-AFE4-4300C4E2B11A}: Domain = gumotex.cz
O17 - HKLM\System\CS1\Services\Tcpip\..\{86A0B92E-98E3-43D9-AFE4-4300C4E2B11A}: Domain = gumotex.cz
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:\Program Files\EslWire\service\WireHelperSvc.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 7734 bytes
Please check my log [Solved]
- Orcus
- Security team member
Re: Please check my log
Uninstall the uTorrentControl2 Toolbar.
Fix:
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5660153859
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
===================================================
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Love warms you, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
Re: Please check my log
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.16.10
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Frantisek :: KOVALCIK [administrátor]
Ochrana: Povolena
16.10.2012 17:38:53
mbam-log-2012-10-16 (17-48-59).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213124
Uplynulý čas: 9 minut, 6 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|Windows System Controler (Trojan.Agent) -> Data: c:\windows\nvsvc32.exe -> Žádná instrukce nebyla provedena.
Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Žádná instrukce nebyla provedena.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- memphisto
Re: Please check my log
- So run MbAM again and start a Scan
- when the scan finishes, a message appears; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the whole contents of the log here.
Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its whole contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Please check my log
I forgot about that log and have already restarted the computer; does that matter? (For now I'm carrying on with the next steps as normal...)
Re: Please check my log
Log from TDSSKiller:
18:43:34.0140 3096 iAimTV4 - ok
18:43:34.0218 3096 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:43:34.0265 3096 ialm - ok
18:43:34.0343 3096 [ 10B554A36160C79374A660BB4BCC9D6B ] Iap C:\Program Files\Dell\OpenManage\Client\Iap.exe
18:43:34.0343 3096 Iap - ok
18:43:34.0437 3096 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:43:34.0468 3096 idsvc - ok
18:43:34.0515 3096 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:43:34.0515 3096 Imapi - ok
18:43:34.0546 3096 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
18:43:34.0562 3096 ImapiService - ok
18:43:34.0609 3096 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\System32\DRIVERS\ini910u.sys
18:43:34.0609 3096 ini910u - ok
18:43:34.0625 3096 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\System32\DRIVERS\intelide.sys
18:43:34.0625 3096 IntelIde - ok
18:43:34.0718 3096 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:43:34.0718 3096 intelppm - ok
18:43:34.0734 3096 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:43:34.0734 3096 Ip6Fw - ok
18:43:34.0781 3096 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:43:34.0781 3096 IpFilterDriver - ok
18:43:34.0828 3096 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:43:34.0828 3096 IpInIp - ok
18:43:34.0859 3096 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:43:34.0859 3096 IpNat - ok
18:43:34.0875 3096 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:43:34.0875 3096 IPSec - ok
18:43:34.0921 3096 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:43:34.0921 3096 IRENUM - ok
18:43:34.0968 3096 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:43:34.0968 3096 isapnp - ok
18:43:35.0031 3096 [ 9A337AE3DB478034A7839E753BBFF1AB ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:43:35.0046 3096 JavaQuickStarterService - ok
18:43:35.0078 3096 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:43:35.0078 3096 Kbdclass - ok
18:43:35.0109 3096 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:43:35.0109 3096 kbdhid - ok
18:43:35.0156 3096 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:43:35.0156 3096 kmixer - ok
18:43:35.0203 3096 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:43:35.0203 3096 KSecDD - ok
18:43:35.0234 3096 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:43:35.0250 3096 lanmanserver - ok
18:43:35.0281 3096 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:43:35.0296 3096 lanmanworkstation - ok
18:43:35.0312 3096 lbrtfdc - ok
18:43:35.0359 3096 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:43:35.0359 3096 LmHosts - ok
18:43:35.0390 3096 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
18:43:35.0390 3096 MBAMProtector - ok
18:43:35.0453 3096 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:43:35.0453 3096 MBAMScheduler - ok
18:43:35.0500 3096 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:43:35.0500 3096 MBAMService - ok
18:43:35.0640 3096 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
18:43:35.0640 3096 MDM - ok
18:43:35.0734 3096 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:43:35.0734 3096 Messenger - ok
18:43:35.0890 3096 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:43:35.0890 3096 mnmdd - ok
18:43:35.0921 3096 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
18:43:35.0937 3096 mnmsrvc - ok
18:43:35.0984 3096 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:43:35.0984 3096 Modem - ok
18:43:36.0015 3096 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:43:36.0015 3096 Mouclass - ok
18:43:36.0062 3096 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:43:36.0062 3096 mouhid - ok
18:43:36.0078 3096 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:43:36.0078 3096 MountMgr - ok
18:43:36.0125 3096 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\System32\DRIVERS\mraid35x.sys
18:43:36.0125 3096 mraid35x - ok
18:43:36.0156 3096 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:43:36.0171 3096 MRxDAV - ok
18:43:36.0218 3096 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:43:36.0218 3096 MRxSmb - ok
18:43:36.0250 3096 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:43:36.0265 3096 MSDTC - ok
18:43:36.0281 3096 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:43:36.0281 3096 Msfs - ok
18:43:36.0296 3096 MSIServer - ok
18:43:36.0328 3096 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:43:36.0343 3096 MSKSSRV - ok
18:43:36.0375 3096 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:43:36.0375 3096 MSPCLOCK - ok
18:43:36.0390 3096 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:43:36.0390 3096 MSPQM - ok
18:43:36.0437 3096 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:43:36.0437 3096 mssmbios - ok
18:43:36.0468 3096 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:43:36.0468 3096 Mup - ok
18:43:36.0515 3096 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:43:36.0531 3096 napagent - ok
18:43:36.0578 3096 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:43:36.0578 3096 NDIS - ok
18:43:36.0625 3096 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:43:36.0625 3096 NdisTapi - ok
18:43:36.0656 3096 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:43:36.0656 3096 Ndisuio - ok
18:43:36.0671 3096 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:43:36.0671 3096 NdisWan - ok
18:43:36.0765 3096 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:43:36.0765 3096 NDProxy - ok
18:43:36.0781 3096 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:43:36.0781 3096 NetBIOS - ok
18:43:36.0828 3096 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:43:36.0828 3096 NetBT - ok
18:43:36.0875 3096 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
18:43:36.0890 3096 NetDDE - ok
18:43:36.0890 3096 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:43:36.0906 3096 NetDDEdsdm - ok
18:43:36.0937 3096 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
18:43:36.0937 3096 Netlogon - ok
18:43:36.0953 3096 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
18:43:36.0968 3096 Netman - ok
18:43:37.0046 3096 [ 737351F39FEF765234037770ABDD72BD ] NetSvc C:\Program Files\Intel\NCS\Sync\NetSvc.exe
18:43:37.0046 3096 NetSvc - ok
18:43:37.0093 3096 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:43:37.0093 3096 NetTcpPortSharing - ok
18:43:37.0140 3096 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
18:43:37.0140 3096 Nla - ok
18:43:37.0187 3096 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:43:37.0187 3096 Npfs - ok
18:43:37.0234 3096 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:43:37.0250 3096 Ntfs - ok
18:43:37.0265 3096 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
18:43:37.0281 3096 NtLmSsp - ok
18:43:37.0343 3096 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:43:37.0359 3096 NtmsSvc - ok
18:43:37.0390 3096 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:43:37.0390 3096 Null - ok
18:43:37.0500 3096 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:43:37.0546 3096 nv - ok
18:43:37.0593 3096 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:43:37.0593 3096 NwlnkFlt - ok
18:43:37.0609 3096 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:43:37.0609 3096 NwlnkFwd - ok
18:43:37.0640 3096 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
18:43:37.0640 3096 NwlnkIpx - ok
18:43:37.0656 3096 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
18:43:37.0656 3096 NwlnkNb - ok
18:43:37.0687 3096 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
18:43:37.0687 3096 NwlnkSpx - ok
18:43:37.0765 3096 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:43:37.0765 3096 odserv - ok
18:43:37.0812 3096 [ 53D5F1278D9EDB21689BBBCECC09108D ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
18:43:37.0812 3096 omci - ok
18:43:37.0875 3096 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:37.0875 3096 ose - ok
18:43:37.0937 3096 [ 3FC38E7FBE91DB40C34731195F4116C2 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
18:43:37.0937 3096 P3 - ok
18:43:37.0968 3096 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:43:37.0968 3096 Parport - ok
18:43:38.0015 3096 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:43:38.0015 3096 PartMgr - ok
18:43:38.0031 3096 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:43:38.0031 3096 ParVdm - ok
18:43:38.0046 3096 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:43:38.0046 3096 PCI - ok
18:43:38.0062 3096 PCIDump - ok
18:43:38.0093 3096 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:43:38.0093 3096 PCIIde - ok
18:43:38.0125 3096 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:43:38.0125 3096 Pcmcia - ok
18:43:38.0140 3096 PDCOMP - ok
18:43:38.0156 3096 PDFRAME - ok
18:43:38.0171 3096 PDRELI - ok
18:43:38.0187 3096 PDRFRAME - ok
18:43:38.0187 3096 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\System32\DRIVERS\perc2.sys
18:43:38.0187 3096 perc2 - ok
18:43:38.0218 3096 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\System32\DRIVERS\perc2hib.sys
18:43:38.0218 3096 perc2hib - ok
18:43:38.0281 3096 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
18:43:38.0281 3096 PlugPlay - ok
18:43:38.0328 3096 [ 1713D9DE407313138118D501B0E3C05B ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
18:43:38.0328 3096 PnkBstrA - ok
18:43:38.0375 3096 [ 27F1BE4A53441C9F1F48B9ADC145B0A5 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
18:43:38.0375 3096 PnkBstrB - ok
18:43:38.0390 3096 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
18:43:38.0390 3096 PolicyAgent - ok
18:43:38.0421 3096 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:43:38.0421 3096 PptpMiniport - ok
18:43:38.0453 3096 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:43:38.0453 3096 Processor - ok
18:43:38.0484 3096 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:43:38.0484 3096 ProtectedStorage - ok
18:43:38.0500 3096 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:43:38.0500 3096 PSched - ok
18:43:38.0546 3096 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:43:38.0546 3096 Ptilink - ok
18:43:38.0593 3096 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:43:38.0593 3096 PxHelp20 - ok
18:43:38.0640 3096 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\System32\DRIVERS\ql1080.sys
18:43:38.0640 3096 ql1080 - ok
18:43:38.0656 3096 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
18:43:38.0656 3096 Ql10wnt - ok
18:43:38.0671 3096 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\System32\DRIVERS\ql12160.sys
18:43:38.0671 3096 ql12160 - ok
18:43:38.0687 3096 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\System32\DRIVERS\ql1240.sys
18:43:38.0687 3096 ql1240 - ok
18:43:38.0703 3096 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\System32\DRIVERS\ql1280.sys
18:43:38.0703 3096 ql1280 - ok
18:43:38.0734 3096 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:43:38.0734 3096 RasAcd - ok
18:43:38.0781 3096 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:43:38.0781 3096 RasAuto - ok
18:43:38.0812 3096 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:43:38.0812 3096 Rasl2tp - ok
18:43:38.0859 3096 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:43:38.0859 3096 RasMan - ok
18:43:38.0890 3096 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:43:38.0890 3096 RasPppoe - ok
18:43:38.0906 3096 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:43:38.0921 3096 Raspti - ok
18:43:38.0937 3096 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:43:38.0937 3096 Rdbss - ok
18:43:38.0953 3096 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:43:38.0953 3096 RDPCDD - ok
18:43:39.0000 3096 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:43:39.0000 3096 rdpdr - ok
18:43:39.0078 3096 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:43:39.0078 3096 RDPWD - ok
18:43:39.0125 3096 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:43:39.0140 3096 RDSessMgr - ok
18:43:39.0171 3096 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:43:39.0171 3096 redbook - ok
18:43:39.0203 3096 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:43:39.0218 3096 RemoteAccess - ok
18:43:39.0250 3096 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:43:39.0250 3096 RemoteRegistry - ok
18:43:39.0281 3096 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
18:43:39.0281 3096 RpcLocator - ok
18:43:39.0312 3096 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:43:39.0328 3096 RpcSs - ok
18:43:39.0375 3096 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
18:43:39.0375 3096 RSVP - ok
18:43:39.0406 3096 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
18:43:39.0406 3096 SamSs - ok
18:43:39.0437 3096 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:43:39.0453 3096 SCardSvr - ok
18:43:39.0500 3096 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:43:39.0500 3096 Schedule - ok
18:43:39.0562 3096 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:43:39.0562 3096 Secdrv - ok
18:43:39.0625 3096 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:43:39.0625 3096 seclogon - ok
18:43:39.0640 3096 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
18:43:39.0656 3096 SENS - ok
18:43:39.0703 3096 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:43:39.0718 3096 serenum - ok
18:43:39.0718 3096 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:43:39.0734 3096 Serial - ok
18:43:39.0765 3096 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:43:39.0765 3096 Sfloppy - ok
18:43:39.0812 3096 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:43:39.0828 3096 SharedAccess - ok
18:43:39.0859 3096 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:43:39.0859 3096 ShellHWDetection - ok
18:43:39.0875 3096 Simbad - ok
18:43:39.0937 3096 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\System32\DRIVERS\sisagp.sys
18:43:39.0937 3096 sisagp - ok
18:43:39.0984 3096 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:43:39.0984 3096 SkypeUpdate - ok
18:43:40.0031 3096 [ 5018A9DB5EB62E3EDB3110F82F556285 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
18:43:40.0046 3096 smwdm - ok
18:43:40.0093 3096 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\System32\DRIVERS\sparrow.sys
18:43:40.0093 3096 Sparrow - ok
18:43:40.0125 3096 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:43:40.0125 3096 splitter - ok
18:43:40.0171 3096 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:43:40.0171 3096 Spooler - ok
18:43:40.0203 3096 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\System32\DRIVERS\sr.sys
18:43:40.0203 3096 sr - ok
18:43:40.0234 3096 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\System32\srsvc.dll
18:43:40.0250 3096 srservice - ok
18:43:40.0296 3096 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:43:40.0312 3096 Srv - ok
18:43:40.0328 3096 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:43:40.0328 3096 SSDPSRV - ok
18:43:40.0359 3096 Steam Client Service - ok
18:43:40.0390 3096 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:43:40.0406 3096 stisvc - ok
18:43:40.0437 3096 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:43:40.0437 3096 swenum - ok
18:43:40.0484 3096 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:43:40.0484 3096 swmidi - ok
18:43:40.0500 3096 SwPrv - ok
18:43:40.0531 3096 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\System32\DRIVERS\symc810.sys
18:43:40.0531 3096 symc810 - ok
18:43:40.0562 3096 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\System32\DRIVERS\symc8xx.sys
18:43:40.0562 3096 symc8xx - ok
18:43:40.0562 3096 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\System32\DRIVERS\sym_hi.sys
18:43:40.0578 3096 sym_hi - ok
18:43:40.0593 3096 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\System32\DRIVERS\sym_u3.sys
18:43:40.0593 3096 sym_u3 - ok
18:43:40.0609 3096 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:43:40.0609 3096 sysaudio - ok
18:43:40.0656 3096 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:43:40.0671 3096 SysmonLog - ok
18:43:40.0750 3096 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:43:40.0750 3096 TapiSrv - ok
18:43:40.0796 3096 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:43:40.0812 3096 Tcpip - ok
18:43:40.0843 3096 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:43:40.0859 3096 TDPIPE - ok
18:43:40.0875 3096 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:43:40.0875 3096 TDTCP - ok
18:43:40.0906 3096 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:43:40.0906 3096 TermDD - ok
18:43:40.0953 3096 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
18:43:40.0968 3096 TermService - ok
18:43:40.0984 3096 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:43:41.0000 3096 Themes - ok
18:43:41.0031 3096 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
18:43:41.0046 3096 TlntSvr - ok
18:43:41.0078 3096 [ FD4FD7D6FDA5C019ED86025D7BE1510F ] TosIde C:\WINDOWS\System32\DRIVERS\toside.sys
18:43:41.0078 3096 TosIde - ok
18:43:41.0125 3096 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:43:41.0125 3096 TrkWks - ok
18:43:41.0171 3096 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:43:41.0171 3096 Udfs - ok
18:43:41.0203 3096 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\System32\DRIVERS\ultra.sys
18:43:41.0203 3096 ultra - ok
18:43:41.0250 3096 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:43:41.0265 3096 Update - ok
18:43:41.0312 3096 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
18:43:41.0312 3096 upnphost - ok
18:43:41.0359 3096 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
18:43:41.0359 3096 UPS - ok
18:43:41.0390 3096 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:43:41.0406 3096 usbaudio - ok
18:43:41.0421 3096 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:43:41.0421 3096 usbccgp - ok
18:43:41.0468 3096 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:43:41.0468 3096 usbehci - ok
18:43:41.0500 3096 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:43:41.0500 3096 usbhub - ok
18:43:41.0546 3096 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:43:41.0546 3096 USBSTOR - ok
18:43:41.0578 3096 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:43:41.0578 3096 usbuhci - ok
18:43:41.0593 3096 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:43:41.0593 3096 VgaSave - ok
18:43:41.0625 3096 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\System32\DRIVERS\viaagp.sys
18:43:41.0625 3096 viaagp - ok
18:43:41.0671 3096 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\System32\DRIVERS\viaide.sys
18:43:41.0671 3096 ViaIde - ok
18:43:41.0750 3096 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:43:41.0750 3096 VolSnap - ok
18:43:41.0796 3096 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
18:43:41.0796 3096 VSS - ok
18:43:41.0843 3096 [ FA4E1CDBA256787F2149F4AAD07BC91F ] w32time C:\WINDOWS\system32\w32time.dll
18:43:41.0843 3096 w32time - ok
18:43:41.0890 3096 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:43:41.0890 3096 Wanarp - ok
18:43:41.0906 3096 WDICA - ok
18:43:41.0953 3096 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:43:41.0953 3096 wdmaud - ok
18:43:41.0968 3096 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:43:41.0984 3096 WebClient - ok
18:43:42.0046 3096 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:43:42.0062 3096 winmgmt - ok
18:43:42.0125 3096 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:43:42.0156 3096 WinRM - ok
18:43:42.0234 3096 [ 7043DDF51D7135C1D1B83B4213DFED61 ] WinVNC4 C:\Program Files\RealVNC\VNC4\WinVNC4.exe
18:43:42.0234 3096 WinVNC4 - ok
18:43:42.0265 3096 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:43:42.0281 3096 WmdmPmSN - ok
18:43:42.0328 3096 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:43:42.0343 3096 Wmi - ok
18:43:42.0390 3096 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:43:42.0390 3096 WmiApSrv - ok
18:43:42.0484 3096 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:43:42.0500 3096 WMPNetworkSvc - ok
18:43:42.0531 3096 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:43:42.0531 3096 wscsvc - ok
18:43:42.0546 3096 WSearch - ok
18:43:42.0609 3096 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:43:42.0609 3096 wuauserv - ok
18:43:42.0671 3096 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:43:42.0671 3096 WudfPf - ok
18:43:42.0687 3096 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:43:42.0687 3096 WudfRd - ok
18:43:42.0718 3096 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:43:42.0734 3096 WudfSvc - ok
18:43:42.0781 3096 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:43:42.0796 3096 WZCSVC - ok
18:43:42.0843 3096 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:43:42.0843 3096 xmlprov - ok
18:43:42.0906 3096 [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
18:43:42.0906 3096 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
18:43:42.0937 3096 [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
18:43:42.0937 3096 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
18:43:42.0937 3096 ================ Scan global ===============================
18:43:42.0984 3096 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
18:43:43.0031 3096 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
18:43:43.0046 3096 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
18:43:43.0078 3096 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
18:43:43.0078 3096 [Global] - ok
18:43:43.0078 3096 ================ Scan MBR ==================================
18:43:43.0109 3096 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:43:43.0281 3096 \Device\Harddisk0\DR0 - ok
18:43:43.0296 3096 ================ Scan VBR ==================================
18:43:43.0296 3096 [ EC79AEBD501EB03E10B3BA946DC01317 ] \Device\Harddisk0\DR0\Partition1
18:43:43.0296 3096 \Device\Harddisk0\DR0\Partition1 - ok
18:43:43.0296 3096 ============================================================
18:43:43.0296 3096 Scan finished
18:43:43.0296 3096 ============================================================
18:43:43.0328 3028 Detected object count: 0
18:43:43.0328 3028 Actual detected object count: 0
18:43:19.0843 4044 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
18:43:20.0031 4044 ============================================================
18:43:20.0031 4044 Current date / time: 2012/10/16 18:43:20.0031
18:43:20.0031 4044 SystemInfo:
18:43:20.0031 4044
18:43:20.0031 4044 OS Version: 5.1.2600 ServicePack: 3.0
18:43:20.0031 4044 Product type: Workstation
18:43:20.0031 4044 ComputerName: KOVALCIK
18:43:20.0031 4044 UserName: Frantisek
18:43:20.0031 4044 Windows directory: C:\WINDOWS
18:43:20.0031 4044 System windows directory: C:\WINDOWS
18:43:20.0031 4044 Processor architecture: Intel x86
18:43:20.0031 4044 Number of processors: 1
18:43:20.0031 4044 Page size: 0x1000
18:43:20.0031 4044 Boot type: Normal boot
18:43:20.0031 4044 ============================================================
18:43:21.0562 4044 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:43:21.0562 4044 ============================================================
18:43:21.0562 4044 \Device\Harddisk0\DR0:
18:43:21.0562 4044 MBR partitions:
18:43:21.0562 4044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x4A65CF8
18:43:21.0562 4044 ============================================================
18:43:21.0578 4044 C: <-> \Device\Harddisk0\DR0\Partition1
18:43:21.0578 4044 ============================================================
18:43:21.0578 4044 Initialize success
18:43:21.0578 4044 ============================================================
18:43:29.0078 3096 ============================================================
18:43:29.0078 3096 Scan started
18:43:29.0078 3096 Mode: Manual;
18:43:29.0078 3096 ============================================================
18:43:29.0406 3096 ================ Scan system memory ========================
18:43:29.0406 3096 System memory - ok
18:43:29.0406 3096 ================ Scan services =============================
18:43:30.0296 3096 amsint - ok
18:43:30.0343 3096 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:43:30.0359 3096 AppMgmt - ok
18:43:30.0375 3096 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\System32\DRIVERS\asc.sys
18:43:30.0390 3096 asc - ok
18:43:30.0390 3096 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\System32\DRIVERS\asc3350p.sys
18:43:30.0390 3096 asc3350p - ok
18:43:30.0421 3096 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\System32\DRIVERS\asc3550.sys
18:43:30.0421 3096 asc3550 - ok
18:43:30.0468 3096 [ 13FABBDEE493500DA23C2AD10A028084 ] ASFAgent C:\Program Files\Intel\ASF Agent\ASFAgent.exe
18:43:30.0468 3096 ASFAgent - ok
18:43:30.0500 3096 [ E301DD2B6CCED65E0537CEAEE8F954B6 ] AsfAlrt C:\WINDOWS\System32\drivers\AsfAlrt.sys
18:43:30.0500 3096 AsfAlrt - ok
18:43:30.0609 3096 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:43:30.0640 3096 aspnet_state - ok
18:43:30.0671 3096 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:43:30.0671 3096 aswFsBlk - ok
18:43:30.0718 3096 [ 81E695913FEFD4E23360A69C0F151797 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
18:43:30.0718 3096 aswKbd - ok
18:43:30.0734 3096 [ 9E912FE7B41650701EF2B227ACA440F3 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
18:43:30.0734 3096 aswMon2 - ok
18:43:30.0750 3096 [ 982E275D1C5801042FE94209FB0160FB ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
18:43:30.0750 3096 AswRdr - ok
18:43:30.0796 3096 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
18:43:30.0796 3096 aswSnx - ok
18:43:30.0843 3096 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
18:43:30.0859 3096 aswSP - ok
18:43:30.0875 3096 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
18:43:30.0875 3096 aswTdi - ok
18:43:30.0921 3096 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:43:30.0921 3096 AsyncMac - ok
18:43:30.0968 3096 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:43:30.0968 3096 atapi - ok
18:43:30.0968 3096 Atdisk - ok
18:43:31.0000 3096 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:43:31.0000 3096 Atmarpc - ok
18:43:31.0046 3096 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:43:31.0062 3096 AudioSrv - ok
18:43:31.0093 3096 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:43:31.0093 3096 audstub - ok
18:43:31.0140 3096 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:43:31.0140 3096 avast! Antivirus - ok
18:43:31.0156 3096 avast! Firewall - ok
18:43:31.0218 3096 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:43:31.0218 3096 Beep - ok
18:43:31.0265 3096 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
18:43:31.0312 3096 BITS - ok
18:43:31.0359 3096 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
18:43:31.0375 3096 Browser - ok
18:43:31.0406 3096 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\System32\DRIVERS\cbidf2k.sys
18:43:31.0406 3096 cbidf - ok
18:43:31.0421 3096 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:43:31.0421 3096 cbidf2k - ok
18:43:31.0453 3096 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys
18:43:31.0453 3096 cd20xrnt - ok
18:43:31.0484 3096 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:43:31.0484 3096 Cdaudio - ok
18:43:31.0515 3096 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:43:31.0515 3096 Cdfs - ok
18:43:31.0546 3096 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:43:31.0546 3096 Cdrom - ok
18:43:31.0562 3096 Changer - ok
18:43:31.0593 3096 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:43:31.0593 3096 CiSvc - ok
18:43:31.0640 3096 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:43:31.0640 3096 ClipSrv - ok
18:43:31.0687 3096 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:43:31.0796 3096 clr_optimization_v2.0.50727_32 - ok
18:43:31.0828 3096 [ 964D0F042ACA51D5644779EB9D9EE40F ] CmdIde C:\WINDOWS\System32\DRIVERS\cmdide.sys
18:43:31.0828 3096 CmdIde - ok
18:43:31.0843 3096 COMSysApp - ok
18:43:31.0859 3096 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\System32\DRIVERS\cpqarray.sys
18:43:31.0859 3096 Cpqarray - ok
18:43:31.0906 3096 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:43:31.0906 3096 CryptSvc - ok
18:43:31.0953 3096 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\System32\DRIVERS\dac2w2k.sys
18:43:31.0953 3096 dac2w2k - ok
18:43:31.0968 3096 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\System32\DRIVERS\dac960nt.sys
18:43:31.0968 3096 dac960nt - ok
18:43:32.0015 3096 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:43:32.0046 3096 DcomLaunch - ok
18:43:32.0078 3096 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:43:32.0078 3096 Dhcp - ok
18:43:32.0125 3096 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:43:32.0125 3096 Disk - ok
18:43:32.0125 3096 dmadmin - ok
18:43:32.0234 3096 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:43:32.0250 3096 dmboot - ok
18:43:32.0296 3096 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:43:32.0296 3096 dmio - ok
18:43:32.0328 3096 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:43:32.0328 3096 dmload - ok
18:43:32.0359 3096 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:43:32.0359 3096 dmserver - ok
18:43:32.0390 3096 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:43:32.0390 3096 DMusic - ok
18:43:32.0421 3096 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:43:32.0421 3096 Dnscache - ok
18:43:32.0484 3096 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:43:32.0484 3096 Dot3svc - ok
18:43:32.0515 3096 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\System32\DRIVERS\dpti2o.sys
18:43:32.0515 3096 dpti2o - ok
18:43:32.0546 3096 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:43:32.0546 3096 drmkaud - ok
18:43:32.0578 3096 [ A97B4360ACC61D9D3CAE50CD155EF02C ] E1000 C:\WINDOWS\system32\DRIVERS\e1000325.sys
18:43:32.0578 3096 E1000 - ok
18:43:32.0593 3096 EagleXNt - ok
18:43:32.0640 3096 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:43:32.0640 3096 EapHost - ok
18:43:32.0656 3096 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
18:43:32.0656 3096 EL90XBC - ok
18:43:32.0703 3096 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:43:32.0703 3096 ERSvc - ok
18:43:32.0750 3096 [ 176FB7ED196DC57F9D622E000D9EC1CD ] ESLWireAC C:\WINDOWS\system32\drivers\ESLWireACD.sys
18:43:32.0765 3096 ESLWireAC - ok
18:43:32.0859 3096 [ 54187445E0A4DF6741DD382C5C38B848 ] EslWireHelper C:\Program Files\EslWire\service\WireHelperSvc.exe
18:43:32.0875 3096 EslWireHelper - ok
18:43:32.0921 3096 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
18:43:32.0921 3096 Eventlog - ok
18:43:32.0968 3096 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\System32\es.dll
18:43:32.0968 3096 EventSystem - ok
18:43:33.0015 3096 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:43:33.0015 3096 Fastfat - ok
18:43:33.0046 3096 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:43:33.0062 3096 FastUserSwitchingCompatibility - ok
18:43:33.0093 3096 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:43:33.0109 3096 Fdc - ok
18:43:33.0125 3096 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:43:33.0125 3096 Fips - ok
18:43:33.0156 3096 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:43:33.0156 3096 Flpydisk - ok
18:43:33.0203 3096 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:43:33.0203 3096 FltMgr - ok
18:43:33.0281 3096 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:43:33.0281 3096 FontCache3.0.0.0 - ok
18:43:33.0312 3096 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:43:33.0312 3096 Fs_Rec - ok
18:43:33.0343 3096 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:43:33.0343 3096 Ftdisk - ok
18:43:33.0390 3096 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:43:33.0390 3096 Gpc - ok
18:43:33.0437 3096 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:43:33.0437 3096 helpsvc - ok
18:43:33.0468 3096 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:43:33.0484 3096 HidServ - ok
18:43:33.0515 3096 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:43:33.0515 3096 HidUsb - ok
18:43:33.0562 3096 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:43:33.0562 3096 hkmsvc - ok
18:43:33.0609 3096 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\System32\DRIVERS\hpn.sys
18:43:33.0609 3096 hpn - ok
18:43:33.0671 3096 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:43:33.0671 3096 HTTP - ok
18:43:33.0703 3096 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:43:33.0718 3096 HTTPFilter - ok
18:43:33.0750 3096 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
18:43:33.0750 3096 i2omgmt - ok
18:43:33.0796 3096 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\System32\DRIVERS\i2omp.sys
18:43:33.0796 3096 i2omp - ok
18:43:33.0828 3096 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:43:33.0828 3096 i8042prt - ok
18:43:33.0859 3096 [ 06B7EF73BA5F302EECC294CDF7E19702 ] i81x C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
18:43:33.0859 3096 i81x - ok
18:43:33.0890 3096 [ 7B5B44EFE5EB9DADFB8EE29700885D23 ] iAimFP0 C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
18:43:33.0890 3096 iAimFP0 - ok
18:43:33.0906 3096 [ EB1F6BAB6C22EDE0BA551B527475F7E9 ] iAimFP1 C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
18:43:33.0906 3096 iAimFP1 - ok
18:43:33.0921 3096 [ 03CE989D846C1AA81145CB22FCB86D06 ] iAimFP2 C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
18:43:33.0921 3096 iAimFP2 - ok
18:43:33.0968 3096 [ 525849B4469DE021D5D61B4DB9BE3A9D ] iAimFP3 C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
18:43:33.0984 3096 iAimFP3 - ok
18:43:33.0984 3096 [ 589C2BCDB5BD602BF7B63D210407EF8C ] iAimFP4 C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
18:43:34.0000 3096 iAimFP4 - ok
18:43:34.0046 3096 [ D83BDD5C059667A2F647A6BE5703A4D2 ] iAimTV0 C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
18:43:34.0062 3096 iAimTV0 - ok
18:43:34.0093 3096 [ ED968D23354DAA0D7C621580C012A1F6 ] iAimTV1 C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
18:43:34.0093 3096 iAimTV1 - ok
18:43:34.0109 3096 iAimTV2 - ok
18:43:34.0125 3096 [ D738273F218A224C1DDAC04203F27A84 ] iAimTV3 C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
18:43:34.0125 3096 iAimTV3 - ok
18:43:34.0140 3096 [ 0052D118995CBAB152DAABE6106D1442 ] iAimTV4 C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
18:43:34.0140 3096 iAimTV4 - ok
18:43:34.0218 3096 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:43:34.0265 3096 ialm - ok
18:43:34.0343 3096 [ 10B554A36160C79374A660BB4BCC9D6B ] Iap C:\Program Files\Dell\OpenManage\Client\Iap.exe
18:43:34.0343 3096 Iap - ok
18:43:34.0437 3096 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:43:34.0468 3096 idsvc - ok
18:43:34.0515 3096 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:43:34.0515 3096 Imapi - ok
18:43:34.0546 3096 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\System32\imapi.exe
18:43:34.0562 3096 ImapiService - ok
18:43:34.0609 3096 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\System32\DRIVERS\ini910u.sys
18:43:34.0609 3096 ini910u - ok
18:43:34.0625 3096 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\System32\DRIVERS\intelide.sys
18:43:34.0625 3096 IntelIde - ok
18:43:34.0718 3096 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:43:34.0718 3096 intelppm - ok
18:43:34.0734 3096 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:43:34.0734 3096 Ip6Fw - ok
18:43:34.0781 3096 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:43:34.0781 3096 IpFilterDriver - ok
18:43:34.0828 3096 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:43:34.0828 3096 IpInIp - ok
18:43:34.0859 3096 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:43:34.0859 3096 IpNat - ok
18:43:34.0875 3096 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:43:34.0875 3096 IPSec - ok
18:43:34.0921 3096 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:43:34.0921 3096 IRENUM - ok
18:43:34.0968 3096 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:43:34.0968 3096 isapnp - ok
18:43:35.0031 3096 [ 9A337AE3DB478034A7839E753BBFF1AB ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:43:35.0046 3096 JavaQuickStarterService - ok
18:43:35.0078 3096 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:43:35.0078 3096 Kbdclass - ok
18:43:35.0109 3096 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:43:35.0109 3096 kbdhid - ok
18:43:35.0156 3096 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:43:35.0156 3096 kmixer - ok
18:43:35.0203 3096 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:43:35.0203 3096 KSecDD - ok
18:43:35.0234 3096 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:43:35.0250 3096 lanmanserver - ok
18:43:35.0281 3096 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:43:35.0296 3096 lanmanworkstation - ok
18:43:35.0312 3096 lbrtfdc - ok
18:43:35.0359 3096 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:43:35.0359 3096 LmHosts - ok
18:43:35.0390 3096 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
18:43:35.0390 3096 MBAMProtector - ok
18:43:35.0453 3096 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:43:35.0453 3096 MBAMScheduler - ok
18:43:35.0500 3096 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:43:35.0500 3096 MBAMService - ok
18:43:35.0640 3096 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
18:43:35.0640 3096 MDM - ok
18:43:35.0734 3096 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:43:35.0734 3096 Messenger - ok
18:43:35.0890 3096 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:43:35.0890 3096 mnmdd - ok
18:43:35.0921 3096 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
18:43:35.0937 3096 mnmsrvc - ok
18:43:35.0984 3096 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:43:35.0984 3096 Modem - ok
18:43:36.0015 3096 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:43:36.0015 3096 Mouclass - ok
18:43:36.0062 3096 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:43:36.0062 3096 mouhid - ok
18:43:36.0078 3096 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:43:36.0078 3096 MountMgr - ok
18:43:36.0125 3096 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\System32\DRIVERS\mraid35x.sys
18:43:36.0125 3096 mraid35x - ok
18:43:36.0156 3096 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:43:36.0171 3096 MRxDAV - ok
18:43:36.0218 3096 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:43:36.0218 3096 MRxSmb - ok
18:43:36.0250 3096 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:43:36.0265 3096 MSDTC - ok
18:43:36.0281 3096 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:43:36.0281 3096 Msfs - ok
18:43:36.0296 3096 MSIServer - ok
18:43:36.0328 3096 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:43:36.0343 3096 MSKSSRV - ok
18:43:36.0375 3096 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:43:36.0375 3096 MSPCLOCK - ok
18:43:36.0390 3096 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:43:36.0390 3096 MSPQM - ok
18:43:36.0437 3096 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:43:36.0437 3096 mssmbios - ok
18:43:36.0468 3096 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:43:36.0468 3096 Mup - ok
18:43:36.0515 3096 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:43:36.0531 3096 napagent - ok
18:43:36.0578 3096 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:43:36.0578 3096 NDIS - ok
18:43:36.0625 3096 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:43:36.0625 3096 NdisTapi - ok
18:43:36.0656 3096 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:43:36.0656 3096 Ndisuio - ok
18:43:36.0671 3096 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:43:36.0671 3096 NdisWan - ok
18:43:36.0765 3096 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:43:36.0765 3096 NDProxy - ok
18:43:36.0781 3096 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:43:36.0781 3096 NetBIOS - ok
18:43:36.0828 3096 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:43:36.0828 3096 NetBT - ok
18:43:36.0875 3096 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
18:43:36.0890 3096 NetDDE - ok
18:43:36.0890 3096 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:43:36.0906 3096 NetDDEdsdm - ok
18:43:36.0937 3096 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\System32\lsass.exe
18:43:36.0937 3096 Netlogon - ok
18:43:36.0953 3096 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
18:43:36.0968 3096 Netman - ok
18:43:37.0046 3096 [ 737351F39FEF765234037770ABDD72BD ] NetSvc C:\Program Files\Intel\NCS\Sync\NetSvc.exe
18:43:37.0046 3096 NetSvc - ok
18:43:37.0093 3096 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:43:37.0093 3096 NetTcpPortSharing - ok
18:43:37.0140 3096 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
18:43:37.0140 3096 Nla - ok
18:43:37.0187 3096 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:43:37.0187 3096 Npfs - ok
18:43:37.0234 3096 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:43:37.0250 3096 Ntfs - ok
18:43:37.0265 3096 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
18:43:37.0281 3096 NtLmSsp - ok
18:43:37.0343 3096 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:43:37.0359 3096 NtmsSvc - ok
18:43:37.0390 3096 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:43:37.0390 3096 Null - ok
18:43:37.0500 3096 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:43:37.0546 3096 nv - ok
18:43:37.0593 3096 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:43:37.0593 3096 NwlnkFlt - ok
18:43:37.0609 3096 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:43:37.0609 3096 NwlnkFwd - ok
18:43:37.0640 3096 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
18:43:37.0640 3096 NwlnkIpx - ok
18:43:37.0656 3096 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
18:43:37.0656 3096 NwlnkNb - ok
18:43:37.0687 3096 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
18:43:37.0687 3096 NwlnkSpx - ok
18:43:37.0765 3096 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:43:37.0765 3096 odserv - ok
18:43:37.0812 3096 [ 53D5F1278D9EDB21689BBBCECC09108D ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
18:43:37.0812 3096 omci - ok
18:43:37.0875 3096 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:37.0875 3096 ose - ok
18:43:37.0937 3096 [ 3FC38E7FBE91DB40C34731195F4116C2 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
18:43:37.0937 3096 P3 - ok
18:43:37.0968 3096 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:43:37.0968 3096 Parport - ok
18:43:38.0015 3096 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:43:38.0015 3096 PartMgr - ok
18:43:38.0031 3096 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:43:38.0031 3096 ParVdm - ok
18:43:38.0046 3096 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:43:38.0046 3096 PCI - ok
18:43:38.0062 3096 PCIDump - ok
18:43:38.0093 3096 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:43:38.0093 3096 PCIIde - ok
18:43:38.0125 3096 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:43:38.0125 3096 Pcmcia - ok
18:43:38.0140 3096 PDCOMP - ok
18:43:38.0156 3096 PDFRAME - ok
18:43:38.0171 3096 PDRELI - ok
18:43:38.0187 3096 PDRFRAME - ok
18:43:38.0187 3096 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\System32\DRIVERS\perc2.sys
18:43:38.0187 3096 perc2 - ok
18:43:38.0218 3096 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\System32\DRIVERS\perc2hib.sys
18:43:38.0218 3096 perc2hib - ok
18:43:38.0281 3096 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
18:43:38.0281 3096 PlugPlay - ok
18:43:38.0328 3096 [ 1713D9DE407313138118D501B0E3C05B ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
18:43:38.0328 3096 PnkBstrA - ok
18:43:38.0375 3096 [ 27F1BE4A53441C9F1F48B9ADC145B0A5 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
18:43:38.0375 3096 PnkBstrB - ok
18:43:38.0390 3096 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
18:43:38.0390 3096 PolicyAgent - ok
18:43:38.0421 3096 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:43:38.0421 3096 PptpMiniport - ok
18:43:38.0453 3096 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:43:38.0453 3096 Processor - ok
18:43:38.0484 3096 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:43:38.0484 3096 ProtectedStorage - ok
18:43:38.0500 3096 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:43:38.0500 3096 PSched - ok
18:43:38.0546 3096 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:43:38.0546 3096 Ptilink - ok
18:43:38.0593 3096 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:43:38.0593 3096 PxHelp20 - ok
18:43:38.0640 3096 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\System32\DRIVERS\ql1080.sys
18:43:38.0640 3096 ql1080 - ok
18:43:38.0656 3096 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
18:43:38.0656 3096 Ql10wnt - ok
18:43:38.0671 3096 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\System32\DRIVERS\ql12160.sys
18:43:38.0671 3096 ql12160 - ok
18:43:38.0687 3096 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\System32\DRIVERS\ql1240.sys
18:43:38.0687 3096 ql1240 - ok
18:43:38.0703 3096 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\System32\DRIVERS\ql1280.sys
18:43:38.0703 3096 ql1280 - ok
18:43:38.0734 3096 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:43:38.0734 3096 RasAcd - ok
18:43:38.0781 3096 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:43:38.0781 3096 RasAuto - ok
18:43:38.0812 3096 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:43:38.0812 3096 Rasl2tp - ok
18:43:38.0859 3096 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:43:38.0859 3096 RasMan - ok
18:43:38.0890 3096 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:43:38.0890 3096 RasPppoe - ok
18:43:38.0906 3096 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:43:38.0921 3096 Raspti - ok
18:43:38.0937 3096 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:43:38.0937 3096 Rdbss - ok
18:43:38.0953 3096 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:43:38.0953 3096 RDPCDD - ok
18:43:39.0000 3096 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:43:39.0000 3096 rdpdr - ok
18:43:39.0078 3096 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:43:39.0078 3096 RDPWD - ok
18:43:39.0125 3096 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:43:39.0140 3096 RDSessMgr - ok
18:43:39.0171 3096 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:43:39.0171 3096 redbook - ok
18:43:39.0203 3096 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:43:39.0218 3096 RemoteAccess - ok
18:43:39.0250 3096 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:43:39.0250 3096 RemoteRegistry - ok
18:43:39.0281 3096 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\System32\locator.exe
18:43:39.0281 3096 RpcLocator - ok
18:43:39.0312 3096 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:43:39.0328 3096 RpcSs - ok
18:43:39.0375 3096 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
18:43:39.0375 3096 RSVP - ok
18:43:39.0406 3096 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
18:43:39.0406 3096 SamSs - ok
18:43:39.0437 3096 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:43:39.0453 3096 SCardSvr - ok
18:43:43.0296 3096 ============================================================
18:43:43.0296 3096 Scan finished
18:43:43.0296 3096 ============================================================
18:43:43.0328 3028 Detected object count: 0
18:43:43.0328 3028 Actual detected object count: 0
- memphisto
Re: please check my log
It would be good to post it here. At least we'll see whether it was deleted. You'll find the logs under the "Protokoly" (Logs) tab.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you.
Re: please check my log
ComboFix log:
ComboFix 12-10-16.02 - Frantisek 16.10.2012 19:01:27.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1278.787 [GMT 1:00]
Spuštěný z: c:\documents and settings\Frantisek\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\---čítaj ma!---.txt
c:\documents and settings\Frantisek\WINDOWS
c:\windows\4.exe
c:\windows\help\wmplayer.bak
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\system32\msstdfmt.dll
c:\windows\system32\SET17A.tmp
c:\windows\system32\SET184.tmp
c:\windows\system32\SET185.tmp
c:\windows\system32\SET186.tmp
c:\windows\system32\SET18B.tmp
c:\windows\system32\SET18C.tmp
c:\windows\system32\SET18D.tmp
c:\windows\system32\SET191.tmp
c:\windows\system32\SET193.tmp
c:\windows\system32\SET194.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-16 do 2012-10-16 )))))))))))))))))))))))))))))))
.
.
2012-10-16 16:35 . 2012-10-16 16:35 -------- d-----w- c:\documents and settings\Frantisek\Data aplikací\Malwarebytes
2012-10-16 16:34 . 2012-10-16 16:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-10-16 16:34 . 2012-09-07 16:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-16 16:34 . 2012-10-16 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-16 15:32 . 2008-04-14 04:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-10-16 15:32 . 2008-04-14 04:21 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2012-10-16 15:32 . 2008-04-13 19:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2012-10-16 15:32 . 2008-04-13 19:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2012-10-16 15:32 . 2008-04-13 19:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-10-16 15:32 . 2008-04-13 19:45 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2012-10-16 15:15 . 2012-10-16 15:15 388096 ----a-r- c:\documents and settings\Frantisek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-16 15:15 . 2012-10-16 15:15 -------- d-----w- c:\program files\HJT
2012-10-05 09:09 . 2012-10-05 09:09 -------- d-----w- c:\windows\system32\winrm
2012-10-05 09:09 . 2012-10-05 09:09 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2012-09-29 21:54 . 2012-10-05 10:18 -------- d-----w- c:\documents and settings\Frantisek\Local Settings\Data aplikací\ESL Wire Game Client
2012-09-29 21:54 . 2012-09-04 11:15 836496 ----a-w- c:\windows\system32\drivers\ESLWireACD.sys
2012-09-29 21:53 . 2012-10-02 08:27 -------- d-----w- c:\program files\EslWire
2012-09-29 21:53 . 2012-09-29 21:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESL Wire
2012-09-26 08:53 . 2012-09-26 08:53 -------- d-----w- c:\documents and settings\Frantisek\Data aplikací\OpenCandy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 15:18 . 2002-09-23 05:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2002-09-23 05:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:37 . 2012-08-28 12:37 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-28 12:37 . 2012-05-27 20:02 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 12:37 . 2012-05-27 20:02 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-28 12:37 . 2012-05-27 20:02 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-28 12:07 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-05-28 14:56 288128 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 03:22 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire]
2012-09-28 12:09 2728960 ----a-w- c:\program files\EslWire\wire.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-05-27 18:48 116648 ----atw- c:\documents and settings\Frantisek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-09-20 08:32 77824 ----a-w- c:\windows\SYSTEM32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-09-20 08:36 114688 ----a-w- c:\windows\SYSTEM32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-09-20 08:35 94208 ----a-w- c:\windows\SYSTEM32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 12:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-08-04 18:20 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2007-01-05 18:57 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrA.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\EslWire\\wire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\kudr007\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"57494:TCP"= 57494:TCP:Pando Media Booster
"57494:UDP"= 57494:UDP:Pando Media Booster
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 aswKbd;aswKbd;c:\windows\SYSTEM32\DRIVERS\aswKbd.sys [20.6.2012 7:25 24408]
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [30.5.2012 21:00 721000]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [30.5.2012 21:00 353688]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [3.7.2012 18:19 913792]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [10.2.2003 5:52 114688]
R2 AsfAlrt;AsfAlrt;c:\windows\SYSTEM32\DRIVERS\Asfalrt.sys [18.12.2002 5:31 36064]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [30.5.2012 21:00 21256]
R2 ESLWireAC;ESLWireAC;c:\windows\SYSTEM32\DRIVERS\ESLWireACD.sys [29.9.2012 22:54 836496]
R2 EslWireHelper;ESL Wire Helper Service;c:\program files\EslWire\service\WireHelperSvc.exe [29.9.2012 22:54 615440]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16.10.2012 17:34 676936]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [16.10.2012 17:34 22856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 1394hub;1394 Enabled Hub;c:\windows\system32\svchost.exe -k netsvcs [23.9.2002 6:00 14336]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-04 16:21]
.
2012-10-06 c:\windows\Tasks\Norton Security Scan for Frantisek.job
- c:\progra~1\NORTON~2\Engine\372~1.5\Nss.exe [2012-08-31 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.split.im/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.17.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Re-Volt - c:\program files\Acclaim Entertainment\Re-Volt\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-16 19:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Celkový čas: 2012-10-16 19:11:18
ComboFix-quarantined-files.txt 2012-10-16 18:11
.
Před spuštěním: Volných bajtů: 14 743 793 664
Po spuštění: Volných bajtů: 14 809 563 136
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - DA2E2DBAD385A0FD8FB0261EE94CCD83
.
Před spuštěním: Volných bajtů: 14 743 793 664
Po spuštění: Volných bajtů: 14 809 563 136
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - DA2E2DBAD385A0FD8FB0261EE94CCD83
Re: please check my log
here is the log from malware, added afterwards...:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.0.1400
www.malwarebytes.org
Verze databáze: v2012.10.16.10
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Frantisek :: KOVALCIK [administrátor]
Ochrana: Povolena
16.10.2012 17:38:53
mbam-log-2012-10-16 (17-38-53).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213124
Uplynulý čas: 9 minut, 6 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run|Windows System Controler (Trojan.Agent) -> Data: c:\windows\nvsvc32.exe -> Umístnění do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Umístnění do karantény a opravení se zdařilo.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- Orcus
- Security team member
Re: please check my log
Uninstall Norton Security Scan and delete this file:
c:\windows\Tasks\Norton Security Scan for Frantisek.job
====================================================
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
If there are no problems, that is all and you can mark the thread as solved with the green check mark. That is all from my side, the logs are clean.
I would try starting a thread in the appropriate section here on the forum. You will get advice on how to deal with the sound card problems.
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: please check my log
I did not find the file c:\windows\Tasks\Norton Security Scan for Frantisek.job after uninstalling, there is only something from avast there
- Orcus
- Security team member
Re: please check my log
So the uninstall deleted it. That means less work for you.
