Prosím o kontrolu logu-netbook Vyřešeno

[Vikinic]

Netbook Toshiba NB100 starý 3.roky.Pomalý start Win.celkové zpomalení počítače.Nechce se mi dělat reinstal,mám pouze Recovery CD a nemám externí mechaniku.Nebo radu jak dostat Recovery CD na USB flešku boot Windows.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:21, on 23.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Spravce\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/ig/redirectdomain?brand=TSED&bmod=TSED
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c9a1031ed622f6) (gupdate1c9a1031ed622f6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 6443 bytes

Předem Děkuji.

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Vikinic]

Děkuji za odpověď pane Jaro.
Vše provedeno podle návodu,přikládám log z M.Anti-malware.


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.05.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Spravce :: TOSHIBA-MINI [administrátor]

23.5.2012 18:22:09
mbam-log-2012-05-23 (18-22-09).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 181538
Uplynulý čas: 5 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Zatím žádné změny.

[jaro3]

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Vikinic]

Vkládám log z TDSS Kller


19:30:08.0109 3968 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
19:30:08.0296 3968 ============================================================
19:30:08.0296 3968 Current date / time: 2012/05/23 19:30:08.0296
19:30:08.0296 3968 SystemInfo:
19:30:08.0296 3968
19:30:08.0296 3968 OS Version: 5.1.2600 ServicePack: 3.0
19:30:08.0296 3968 Product type: Workstation
19:30:08.0296 3968 ComputerName: TOSHIBA-MINI
19:30:08.0296 3968 UserName: Spravce
19:30:08.0296 3968 Windows directory: C:\WINDOWS
19:30:08.0296 3968 System windows directory: C:\WINDOWS
19:30:08.0296 3968 Processor architecture: Intel x86
19:30:08.0296 3968 Number of processors: 2
19:30:08.0296 3968 Page size: 0x1000
19:30:08.0296 3968 Boot type: Normal boot
19:30:08.0296 3968 ============================================================
19:30:10.0250 3968 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:30:10.0250 3968 ============================================================
19:30:10.0250 3968 \Device\Harddisk0\DR0:
19:30:10.0250 3968 MBR partitions:
19:30:10.0250 3968 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF94371
19:30:10.0250 3968 ============================================================
19:30:10.0281 3968 C: <-> \Device\Harddisk0\DR0\Partition0
19:30:10.0296 3968 ============================================================
19:30:10.0296 3968 Initialize success
19:30:10.0296 3968 ============================================================
19:30:13.0109 2764 ============================================================
19:30:13.0109 2764 Scan started
19:30:13.0109 2764 Mode: Manual;
19:30:13.0109 2764 ============================================================
19:30:13.0609 2764 Abiosdsk - ok
19:30:13.0609 2764 abp480n5 - ok
19:30:13.0875 2764 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:30:13.0875 2764 ACDaemon - ok
19:30:13.0921 2764 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:30:13.0937 2764 ACPI - ok
19:30:13.0937 2764 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:30:13.0953 2764 ACPIEC - ok
19:30:14.0062 2764 ACS (2bad567ddba52cc96518b06682e78940) C:\WINDOWS\system32\acs.exe
19:30:14.0484 2764 ACS - ok
19:30:14.0578 2764 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:30:14.0593 2764 AdobeFlashPlayerUpdateSvc - ok
19:30:14.0593 2764 adpu160m - ok
19:30:14.0734 2764 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:30:14.0765 2764 aec - ok
19:30:14.0828 2764 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
19:30:14.0828 2764 Afc - ok
19:30:14.0875 2764 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:30:14.0875 2764 AFD - ok
19:30:14.0890 2764 Aha154x - ok
19:30:14.0890 2764 aic78u2 - ok
19:30:14.0906 2764 aic78xx - ok
19:30:14.0953 2764 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
19:30:14.0968 2764 Alerter - ok
19:30:15.0000 2764 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
19:30:15.0000 2764 ALG - ok
19:30:15.0015 2764 AliIde - ok
19:30:15.0015 2764 amsint - ok
19:30:15.0031 2764 AppMgmt - ok
19:30:15.0250 2764 AR5416 (1aae4be8097a2ba9a4bdb477c3b3bdcd) C:\WINDOWS\system32\DRIVERS\athw.sys
19:30:15.0296 2764 AR5416 - ok
19:30:15.0468 2764 asc - ok
19:30:15.0468 2764 asc3350p - ok
19:30:15.0484 2764 asc3550 - ok
19:30:15.0609 2764 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:30:15.0640 2764 aspnet_state - ok
19:30:15.0671 2764 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:30:15.0671 2764 AsyncMac - ok
19:30:15.0718 2764 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:30:15.0718 2764 atapi - ok
19:30:15.0718 2764 Atdisk - ok
19:30:15.0765 2764 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:30:15.0765 2764 Atmarpc - ok
19:30:15.0812 2764 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
19:30:15.0812 2764 AudioSrv - ok
19:30:15.0828 2764 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:30:15.0828 2764 audstub - ok
19:30:15.0828 2764 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:30:15.0843 2764 Beep - ok
19:30:15.0921 2764 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
19:30:15.0937 2764 BITS - ok
19:30:15.0984 2764 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
19:30:15.0984 2764 Browser - ok
19:30:16.0015 2764 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:30:16.0015 2764 cbidf2k - ok
19:30:16.0031 2764 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:30:16.0031 2764 CCDECODE - ok
19:30:16.0046 2764 cd20xrnt - ok
19:30:16.0062 2764 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:30:16.0062 2764 Cdaudio - ok
19:30:16.0093 2764 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:30:16.0093 2764 Cdfs - ok
19:30:16.0125 2764 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:30:16.0125 2764 Cdrom - ok
19:30:16.0296 2764 CFSvcs (3cb0cc8879956c187e87e18634ee5164) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
19:30:16.0296 2764 CFSvcs - ok
19:30:16.0312 2764 Changer - ok
19:30:16.0359 2764 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
19:30:16.0359 2764 CiSvc - ok
19:30:16.0390 2764 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
19:30:16.0390 2764 ClipSrv - ok
19:30:16.0421 2764 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:30:16.0468 2764 clr_optimization_v2.0.50727_32 - ok
19:30:16.0500 2764 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:30:16.0500 2764 CmBatt - ok
19:30:16.0515 2764 CmdIde - ok
19:30:16.0578 2764 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:30:16.0578 2764 Compbatt - ok
19:30:16.0593 2764 COMSysApp - ok
19:30:16.0609 2764 Cpqarray - ok
19:30:16.0656 2764 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
19:30:16.0671 2764 CryptSvc - ok
19:30:16.0671 2764 dac2w2k - ok
19:30:16.0687 2764 dac960nt - ok
19:30:16.0781 2764 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
19:30:16.0812 2764 DcomLaunch - ok
19:30:16.0906 2764 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
19:30:16.0906 2764 Dhcp - ok
19:30:16.0937 2764 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:30:16.0937 2764 Disk - ok
19:30:16.0937 2764 dmadmin - ok
19:30:17.0078 2764 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
19:30:17.0093 2764 dmboot - ok
19:30:17.0156 2764 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
19:30:17.0156 2764 dmio - ok
19:30:17.0203 2764 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:30:17.0203 2764 dmload - ok
19:30:17.0218 2764 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
19:30:17.0218 2764 dmserver - ok
19:30:17.0265 2764 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:30:17.0265 2764 DMusic - ok
19:30:17.0328 2764 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
19:30:17.0328 2764 Dnscache - ok
19:30:17.0375 2764 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
19:30:17.0375 2764 Dot3svc - ok
19:30:17.0375 2764 dpti2o - ok
19:30:17.0390 2764 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:30:17.0390 2764 drmkaud - ok
19:30:17.0421 2764 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
19:30:17.0421 2764 EapHost - ok
19:30:17.0437 2764 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
19:30:17.0437 2764 ERSvc - ok
19:30:17.0484 2764 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
19:30:17.0515 2764 Eventlog - ok
19:30:17.0578 2764 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
19:30:17.0578 2764 EventSystem - ok
19:30:17.0640 2764 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:30:17.0640 2764 Fastfat - ok
19:30:17.0687 2764 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:30:17.0687 2764 FastUserSwitchingCompatibility - ok
19:30:17.0718 2764 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:30:17.0734 2764 Fdc - ok
19:30:17.0937 2764 FileObjInfo (e178b7080361266ebbba7609ef541fec) C:\Documents and Settings\Spravce\Dokumenty\Programy\FileObjInfo.sys
19:30:17.0968 2764 FileObjInfo - ok
19:30:18.0000 2764 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
19:30:18.0000 2764 Fips - ok
19:30:18.0031 2764 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:30:18.0031 2764 Flpydisk - ok
19:30:18.0093 2764 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:30:18.0093 2764 FltMgr - ok
19:30:18.0234 2764 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:30:18.0250 2764 FontCache3.0.0.0 - ok
19:30:18.0265 2764 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:30:18.0265 2764 Fs_Rec - ok
19:30:18.0281 2764 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:30:18.0281 2764 Ftdisk - ok
19:30:18.0296 2764 FwLnk (4d52c52101492c450518124c592d8925) C:\WINDOWS\system32\DRIVERS\FwLnk.sys
19:30:18.0296 2764 FwLnk - ok
19:30:18.0343 2764 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
19:30:18.0343 2764 ggflt - ok
19:30:18.0359 2764 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
19:30:18.0359 2764 ggsemc - ok
19:30:18.0390 2764 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:30:18.0390 2764 Gpc - ok
19:30:18.0546 2764 gupdate1c9a1031ed622f6 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:30:18.0546 2764 gupdate1c9a1031ed622f6 - ok
19:30:18.0546 2764 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:30:18.0546 2764 gupdatem - ok
19:30:18.0578 2764 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:30:18.0578 2764 HDAudBus - ok
19:30:18.0640 2764 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:30:18.0640 2764 helpsvc - ok
19:30:18.0687 2764 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
19:30:18.0687 2764 HidServ - ok
19:30:18.0718 2764 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:30:18.0718 2764 HidUsb - ok
19:30:18.0765 2764 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
19:30:18.0765 2764 hkmsvc - ok
19:30:18.0781 2764 hpn - ok
19:30:18.0843 2764 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:30:18.0859 2764 HTTP - ok
19:30:18.0906 2764 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
19:30:18.0906 2764 HTTPFilter - ok
19:30:18.0906 2764 i2omgmt - ok
19:30:18.0921 2764 i2omp - ok
19:30:18.0968 2764 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:30:18.0968 2764 i8042prt - ok
19:30:19.0484 2764 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:30:19.0718 2764 ialm - ok
19:30:19.0937 2764 iaStor (707c1692214b1c290271067197f075f6) C:\WINDOWS\system32\drivers\iaStor.sys
19:30:19.0937 2764 iaStor - ok
19:30:20.0062 2764 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:30:20.0140 2764 IDriverT - ok
19:30:20.0343 2764 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:30:20.0359 2764 idsvc - ok
19:30:20.0453 2764 IJPLMSVC (755519f49906b73c1fe9cbbf75e347ea) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
19:30:20.0453 2764 IJPLMSVC - ok
19:30:20.0593 2764 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:30:20.0593 2764 Imapi - ok
19:30:20.0625 2764 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
19:30:20.0625 2764 ImapiService - ok
19:30:20.0640 2764 ini910u - ok
19:30:21.0046 2764 IntcAzAudAddService (49bb03047b32c4ab7dd5e6042ae248f4) C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:30:21.0109 2764 IntcAzAudAddService - ok
19:30:21.0234 2764 IntelIde - ok
19:30:21.0281 2764 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:30:21.0281 2764 intelppm - ok
19:30:21.0296 2764 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:30:21.0296 2764 Ip6Fw - ok
19:30:21.0312 2764 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:30:21.0312 2764 IpFilterDriver - ok
19:30:21.0328 2764 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:30:21.0328 2764 IpInIp - ok
19:30:21.0375 2764 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:30:21.0375 2764 IpNat - ok
19:30:21.0390 2764 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:30:21.0390 2764 IPSec - ok
19:30:21.0421 2764 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:30:21.0421 2764 IRENUM - ok
19:30:21.0453 2764 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:30:21.0453 2764 isapnp - ok
19:30:21.0687 2764 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
19:30:21.0687 2764 JavaQuickStarterService - ok
19:30:21.0734 2764 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:30:21.0734 2764 Kbdclass - ok
19:30:21.0765 2764 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:30:21.0765 2764 kbdhid - ok
19:30:21.0812 2764 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:30:21.0812 2764 kmixer - ok
19:30:21.0875 2764 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:30:21.0875 2764 KSecDD - ok
19:30:21.0921 2764 LanmanServer (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
19:30:21.0921 2764 LanmanServer - ok
19:30:21.0968 2764 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
19:30:21.0968 2764 lanmanworkstation - ok
19:30:21.0984 2764 lbrtfdc - ok
19:30:22.0031 2764 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
19:30:22.0031 2764 LmHosts - ok
19:30:22.0046 2764 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
19:30:22.0046 2764 Messenger - ok
19:30:22.0078 2764 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:30:22.0078 2764 mnmdd - ok
19:30:22.0109 2764 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
19:30:22.0109 2764 mnmsrvc - ok
19:30:22.0156 2764 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
19:30:22.0156 2764 Modem - ok
19:30:22.0156 2764 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:30:22.0171 2764 Mouclass - ok
19:30:22.0187 2764 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:30:22.0187 2764 mouhid - ok
19:30:22.0234 2764 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:30:22.0234 2764 MountMgr - ok
19:30:22.0265 2764 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
19:30:22.0265 2764 MPE - ok
19:30:22.0296 2764 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:30:22.0296 2764 MpFilter - ok
19:30:22.0437 2764 MpKsla20b45bf (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{237578A4-5D71-44C5-A14C-F3F82B3B2C2F}\MpKsla20b45bf.sys
19:30:22.0437 2764 MpKsla20b45bf - ok
19:30:22.0437 2764 mraid35x - ok
19:30:22.0484 2764 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:30:22.0484 2764 MRxDAV - ok
19:30:22.0562 2764 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:30:22.0578 2764 MRxSmb - ok
19:30:22.0625 2764 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
19:30:22.0625 2764 MSDTC - ok
19:30:22.0640 2764 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:30:22.0640 2764 Msfs - ok
19:30:22.0656 2764 MSIServer - ok
19:30:22.0687 2764 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:30:22.0687 2764 MSKSSRV - ok
19:30:22.0812 2764 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:30:22.0812 2764 MsMpSvc - ok
19:30:22.0843 2764 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:30:22.0843 2764 MSPCLOCK - ok
19:30:22.0875 2764 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:30:22.0890 2764 MSPQM - ok
19:30:22.0906 2764 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:30:22.0906 2764 mssmbios - ok
19:30:22.0921 2764 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:30:22.0937 2764 MSTEE - ok
19:30:22.0984 2764 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:30:22.0984 2764 Mup - ok
19:30:23.0031 2764 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:30:23.0031 2764 NABTSFEC - ok
19:30:23.0078 2764 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
19:30:23.0093 2764 napagent - ok
19:30:23.0156 2764 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:30:23.0156 2764 NDIS - ok
19:30:23.0187 2764 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:30:23.0187 2764 NdisIP - ok
19:30:23.0218 2764 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:30:23.0218 2764 NdisTapi - ok
19:30:23.0218 2764 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:30:23.0234 2764 Ndisuio - ok
19:30:23.0250 2764 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:30:23.0265 2764 NdisWan - ok
19:30:23.0296 2764 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:30:23.0296 2764 NDProxy - ok
19:30:23.0328 2764 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:30:23.0328 2764 NetBIOS - ok
19:30:23.0343 2764 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:30:23.0359 2764 NetBT - ok
19:30:23.0406 2764 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
19:30:23.0406 2764 NetDDE - ok
19:30:23.0406 2764 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
19:30:23.0421 2764 NetDDEdsdm - ok
19:30:23.0437 2764 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
19:30:23.0437 2764 Netdevio - ok
19:30:23.0484 2764 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:30:23.0484 2764 Netlogon - ok
19:30:23.0515 2764 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
19:30:23.0531 2764 Netman - ok
19:30:23.0671 2764 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:30:23.0671 2764 NetTcpPortSharing - ok
19:30:23.0750 2764 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
19:30:23.0750 2764 Nla - ok
19:30:23.0796 2764 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\WINDOWS\system32\drivers\ccdcmb.sys
19:30:23.0796 2764 nmwcd - ok
19:30:23.0812 2764 nmwcdc (7312987b6ccde6f6cee32c14bed1ca2e) C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:30:23.0828 2764 nmwcdc - ok
19:30:23.0859 2764 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
19:30:23.0859 2764 nmwcdnsu - ok
19:30:23.0875 2764 nmwcdnsuc (faee7b61c6885b091cec1ff06da2e1ab) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
19:30:23.0875 2764 nmwcdnsuc - ok
19:30:23.0890 2764 NPF - ok
19:30:23.0937 2764 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:30:23.0937 2764 Npfs - ok
19:30:23.0937 2764 NSNDIS5 - ok
19:30:24.0000 2764 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:30:24.0015 2764 Ntfs - ok
19:30:24.0062 2764 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:30:24.0062 2764 NtLmSsp - ok
19:30:24.0140 2764 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
19:30:24.0156 2764 NtmsSvc - ok
19:30:24.0171 2764 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:30:24.0171 2764 Null - ok
19:30:24.0187 2764 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:30:24.0187 2764 NwlnkFlt - ok
19:30:24.0218 2764 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:30:24.0218 2764 NwlnkFwd - ok
19:30:24.0437 2764 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:30:24.0437 2764 odserv - ok
19:30:24.0484 2764 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:30:24.0484 2764 ose - ok
19:30:24.0531 2764 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
19:30:24.0531 2764 Parport - ok
19:30:24.0562 2764 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:30:24.0562 2764 PartMgr - ok
19:30:24.0578 2764 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
19:30:24.0578 2764 ParVdm - ok
19:30:24.0593 2764 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
19:30:24.0593 2764 PCI - ok
19:30:24.0609 2764 PCIDump - ok
19:30:24.0609 2764 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:30:24.0625 2764 PCIIde - ok
19:30:24.0640 2764 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:30:24.0640 2764 Pcmcia - ok
19:30:24.0640 2764 PDCOMP - ok
19:30:24.0656 2764 PDFRAME - ok
19:30:24.0671 2764 PDRELI - ok
19:30:24.0671 2764 PDRFRAME - ok
19:30:24.0687 2764 perc2 - ok
19:30:24.0703 2764 perc2hib - ok
19:30:24.0765 2764 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
19:30:24.0765 2764 PlugPlay - ok
19:30:24.0796 2764 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:30:24.0812 2764 PolicyAgent - ok
19:30:24.0828 2764 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:30:24.0828 2764 PptpMiniport - ok
19:30:24.0828 2764 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:30:24.0843 2764 ProtectedStorage - ok
19:30:24.0859 2764 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:30:24.0859 2764 PSched - ok
19:30:24.0890 2764 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:30:24.0890 2764 Ptilink - ok
19:30:24.0890 2764 ql1080 - ok
19:30:24.0906 2764 Ql10wnt - ok
19:30:24.0921 2764 ql12160 - ok
19:30:24.0921 2764 ql1240 - ok
19:30:24.0937 2764 ql1280 - ok
19:30:24.0953 2764 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:30:24.0953 2764 RasAcd - ok
19:30:24.0984 2764 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
19:30:24.0984 2764 RasAuto - ok
19:30:25.0000 2764 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:30:25.0000 2764 Rasl2tp - ok
19:30:25.0031 2764 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
19:30:25.0046 2764 RasMan - ok
19:30:25.0062 2764 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:30:25.0062 2764 RasPppoe - ok
19:30:25.0078 2764 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:30:25.0093 2764 Raspti - ok
19:30:25.0140 2764 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:30:25.0140 2764 Rdbss - ok
19:30:25.0171 2764 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:30:25.0171 2764 RDPCDD - ok
19:30:25.0234 2764 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:30:25.0234 2764 RDPWD - ok
19:30:25.0296 2764 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
19:30:25.0296 2764 RDSessMgr - ok
19:30:25.0343 2764 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:30:25.0343 2764 redbook - ok
19:30:25.0406 2764 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
19:30:25.0406 2764 RemoteAccess - ok
19:30:25.0437 2764 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
19:30:25.0453 2764 ROOTMODEM - ok
19:30:25.0468 2764 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
19:30:25.0484 2764 RpcLocator - ok
19:30:25.0546 2764 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
19:30:25.0546 2764 RpcSs - ok
19:30:25.0593 2764 RSUSBSTOR (2cb299f6cc04bac8889a52b0ff48a9d7) C:\WINDOWS\system32\Drivers\RTS5121.sys
19:30:25.0593 2764 RSUSBSTOR - ok
19:30:25.0640 2764 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
19:30:25.0656 2764 RSVP - ok
19:30:25.0656 2764 rt2870 - ok
19:30:25.0703 2764 RTLE8023xp (7174f20ad9b7b7878a51ecca03c499c2) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:30:25.0703 2764 RTLE8023xp - ok
19:30:25.0734 2764 Rts516xIR - ok
19:30:25.0765 2764 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
19:30:25.0765 2764 SamSs - ok
19:30:25.0781 2764 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
19:30:25.0781 2764 SCardSvr - ok
19:30:25.0812 2764 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
19:30:25.0828 2764 Schedule - ok
19:30:25.0890 2764 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:30:25.0890 2764 Secdrv - ok
19:30:25.0921 2764 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
19:30:25.0921 2764 seclogon - ok
19:30:25.0953 2764 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
19:30:25.0953 2764 seehcri - ok
19:30:25.0984 2764 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
19:30:26.0000 2764 SENS - ok
19:30:26.0031 2764 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
19:30:26.0031 2764 Serial - ok
19:30:26.0078 2764 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:30:26.0078 2764 Sfloppy - ok
19:30:26.0125 2764 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
19:30:26.0125 2764 SharedAccess - ok
19:30:26.0187 2764 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:30:26.0187 2764 ShellHWDetection - ok
19:30:26.0203 2764 Simbad - ok
19:30:26.0218 2764 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:30:26.0234 2764 SLIP - ok
19:30:26.0234 2764 Sparrow - ok
19:30:26.0281 2764 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:30:26.0281 2764 splitter - ok
19:30:26.0343 2764 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:30:26.0343 2764 Spooler - ok
19:30:26.0453 2764 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
19:30:26.0453 2764 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
19:30:26.0453 2764 sptd ( LockedFile.Multi.Generic ) - warning
19:30:26.0453 2764 sptd - detected LockedFile.Multi.Generic (1)
19:30:26.0468 2764 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
19:30:26.0468 2764 sr - ok
19:30:26.0515 2764 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
19:30:26.0531 2764 srservice - ok
19:30:26.0578 2764 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:30:26.0593 2764 Srv - ok
19:30:26.0609 2764 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
19:30:26.0625 2764 SSDPSRV - ok
19:30:26.0671 2764 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
19:30:26.0687 2764 stisvc - ok
19:30:26.0718 2764 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:30:26.0734 2764 streamip - ok
19:30:26.0734 2764 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:30:26.0734 2764 swenum - ok
19:30:26.0765 2764 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:30:26.0765 2764 swmidi - ok
19:30:26.0765 2764 SwPrv - ok
19:30:26.0781 2764 symc810 - ok
19:30:26.0796 2764 symc8xx - ok
19:30:26.0796 2764 sym_hi - ok
19:30:26.0812 2764 sym_u3 - ok
19:30:26.0843 2764 SynTP (d7b9ad3abd0f7f9f694d71f38b5c7b72) C:\WINDOWS\system32\DRIVERS\SynTP.sys
19:30:26.0859 2764 SynTP - ok
19:30:26.0875 2764 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:30:26.0890 2764 sysaudio - ok
19:30:26.0921 2764 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
19:30:26.0937 2764 SysmonLog - ok
19:30:26.0984 2764 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
19:30:27.0000 2764 TapiSrv - ok
19:30:27.0156 2764 TAPPSRV (92d8b98a3058c570d82134b1b14d9374) C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
19:30:27.0156 2764 TAPPSRV - ok
19:30:27.0234 2764 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:30:27.0234 2764 Tcpip - ok
19:30:27.0265 2764 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:30:27.0265 2764 TDPIPE - ok
19:30:27.0281 2764 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:30:27.0281 2764 TDTCP - ok
19:30:27.0312 2764 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:30:27.0312 2764 TermDD - ok
19:30:27.0421 2764 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
19:30:27.0421 2764 TermService - ok
19:30:27.0484 2764 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
19:30:27.0484 2764 Themes - ok
19:30:27.0625 2764 TNaviSrv (0cc1a31fbc7b488c0da5b612b0d0d0a6) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
19:30:27.0625 2764 TNaviSrv - ok
19:30:27.0734 2764 TomTomHOMEService (747e60b773e95f6c93d5621b550d6865) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
19:30:27.0734 2764 TomTomHOMEService - ok
19:30:27.0843 2764 TOSHIBA Bluetooth Service (d9a627a7f98c3e1a47ec7d8724f06c4f) c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:30:27.0843 2764 TOSHIBA Bluetooth Service - ok
19:30:27.0859 2764 TosIde - ok
19:30:27.0890 2764 tosporte (2c15b4856f929ac7dd144044d8334b54) C:\WINDOWS\system32\DRIVERS\tosporte.sys
19:30:27.0906 2764 tosporte - ok
19:30:27.0937 2764 tosrfbd (a2c4929b3922879eb12914e5b4d484ac) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
19:30:27.0937 2764 tosrfbd - ok
19:30:27.0953 2764 tosrfbnp (181e217a7a326817d97946d045b3cb46) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
19:30:27.0968 2764 tosrfbnp - ok
19:30:27.0984 2764 Tosrfcom (70215935318e3d5455b16037152cbca8) C:\WINDOWS\system32\Drivers\tosrfcom.sys
19:30:28.0000 2764 Tosrfcom - ok
19:30:28.0015 2764 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
19:30:28.0015 2764 tosrfec - ok
19:30:28.0031 2764 Tosrfhid (d3f87c46c7c9e5db99fbd3d17121b891) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
19:30:28.0031 2764 Tosrfhid - ok
19:30:28.0062 2764 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
19:30:28.0062 2764 tosrfnds - ok
19:30:28.0078 2764 TosRfSnd (07da8049b4510c80de53d47a5a50ad28) C:\WINDOWS\system32\drivers\tosrfsnd.sys
19:30:28.0078 2764 TosRfSnd - ok
19:30:28.0093 2764 Tosrfusb (f6680c77be134c81cc67f91986022701) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
19:30:28.0093 2764 Tosrfusb - ok
19:30:28.0156 2764 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\WINDOWS\system32\DRIVERS\tos_sps32.sys
19:30:28.0156 2764 tos_sps32 - ok
19:30:28.0203 2764 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
19:30:28.0218 2764 TrkWks - ok
19:30:28.0375 2764 TS_AR5416 (1f855378a1fb733350f8531bb509179a) C:\WINDOWS\system32\DRIVERS\ts_athw.sys
19:30:28.0468 2764 TS_AR5416 - ok
19:30:28.0656 2764 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:30:28.0656 2764 Udfs - ok
19:30:28.0656 2764 ultra - ok
19:30:28.0718 2764 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:30:28.0734 2764 Update - ok
19:30:28.0765 2764 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
19:30:28.0781 2764 upnphost - ok
19:30:28.0812 2764 upperdev (7062ed67a10f1c83b2ab951736e24f11) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
19:30:28.0812 2764 upperdev - ok
19:30:28.0843 2764 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
19:30:28.0843 2764 UPS - ok
19:30:28.0859 2764 usbbus - ok
19:30:28.0921 2764 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:30:28.0921 2764 usbccgp - ok
19:30:28.0921 2764 USBCCID - ok
19:30:28.0937 2764 UsbDiag - ok
19:30:28.0968 2764 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:30:28.0968 2764 usbehci - ok
19:30:29.0000 2764 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:30:29.0000 2764 usbhub - ok
19:30:29.0015 2764 USBModem - ok
19:30:29.0046 2764 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:30:29.0046 2764 usbprint - ok
19:30:29.0078 2764 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:30:29.0078 2764 usbscan - ok
19:30:29.0109 2764 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
19:30:29.0109 2764 usbser - ok
19:30:29.0140 2764 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
19:30:29.0140 2764 UsbserFilt - ok
19:30:29.0187 2764 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:30:29.0187 2764 usbstor - ok
19:30:29.0203 2764 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:30:29.0203 2764 usbuhci - ok
19:30:29.0250 2764 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:30:29.0250 2764 usbvideo - ok
19:30:29.0296 2764 UVCFTR (237c444fbd1c697a2e3fa60f02c61f22) C:\WINDOWS\system32\Drivers\UVCFTR_S.SYS
19:30:29.0296 2764 UVCFTR - ok
19:30:29.0375 2764 uxkx1 (ef8bf4d7184a3e36f10f8adbb0270642) C:\WINDOWS\system32\DRIVERS\uxkx1.sys
19:30:29.0390 2764 uxkx1 - ok
19:30:29.0421 2764 UxTuneUp (d81cd7e761c1a52dec20f0d4eaea3259) C:\WINDOWS\System32\uxtuneup.dll
19:30:29.0421 2764 UxTuneUp - ok
19:30:29.0453 2764 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:30:29.0453 2764 VgaSave - ok
19:30:29.0468 2764 ViaIde - ok
19:30:29.0515 2764 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
19:30:29.0515 2764 VolSnap - ok
19:30:29.0578 2764 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
19:30:29.0593 2764 VSS - ok
19:30:29.0625 2764 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
19:30:29.0640 2764 W32Time - ok
19:30:29.0703 2764 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:30:29.0703 2764 Wanarp - ok
19:30:29.0765 2764 wceusbsh (a2a8cacb5b80ac45cc69692e60621864) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
19:30:29.0765 2764 wceusbsh - ok
19:30:29.0859 2764 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
19:30:29.0859 2764 Wdf01000 - ok
19:30:29.0875 2764 WDICA - ok
19:30:29.0890 2764 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:30:29.0906 2764 wdmaud - ok
19:30:29.0937 2764 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
19:30:29.0937 2764 WebClient - ok
19:30:30.0015 2764 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:30:30.0015 2764 winmgmt - ok
19:30:30.0062 2764 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:30:30.0062 2764 WmdmPmSN - ok
19:30:30.0109 2764 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:30:30.0109 2764 WmiApSrv - ok
19:30:30.0156 2764 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:30:30.0156 2764 WpdUsb - ok
19:30:30.0187 2764 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
19:30:30.0203 2764 wscsvc - ok
19:30:30.0234 2764 WSIMD (0091d78c5f8fde0cdf2b214823de6e48) C:\WINDOWS\system32\DRIVERS\wsimd.sys
19:30:30.0250 2764 WSIMD - ok
19:30:30.0281 2764 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:30:30.0281 2764 WSTCODEC - ok
19:30:30.0296 2764 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
19:30:30.0296 2764 wuauserv - ok
19:30:30.0343 2764 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:30:30.0343 2764 WudfPf - ok
19:30:30.0375 2764 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:30:30.0390 2764 WudfRd - ok
19:30:30.0406 2764 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:30:30.0406 2764 WudfSvc - ok
19:30:30.0500 2764 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
19:30:30.0515 2764 WZCSVC - ok
19:30:30.0546 2764 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
19:30:30.0609 2764 xmlprov - ok
19:30:30.0640 2764 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:30:31.0390 2764 \Device\Harddisk0\DR0 - ok
19:30:31.0390 2764 Boot (0x1200) (c8790e934ac957222bf77c936f12607f) \Device\Harddisk0\DR0\Partition0
19:30:31.0390 2764 \Device\Harddisk0\DR0\Partition0 - ok
19:30:31.0406 2764 ============================================================
19:30:31.0406 2764 Scan finished
19:30:31.0406 2764 ============================================================
19:30:31.0421 2756 Detected object count: 1
19:30:31.0421 2756 Actual detected object count: 1
19:30:43.0796 2756 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:30:43.0796 2756 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:30:46.0671 2580 Deinitialize success

Log z Combo Fix

ComboFix 12-05-23.05 - Spravce 23.05.2012 19:38:29.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.606 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Spravce\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

ADS - system32: deleted 12 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\Spravce\WINDOWS
C:\Program Files\xp-AntiSpy
C:\Program Files\xp-AntiSpy\Uninstall.exe
C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe
C:\Program Files\xp-AntiSpy\xp-AntiSpy.chm
C:\Program Files\xp-AntiSpy\xp-AntiSpy.url


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2012-04-23 do 2012-05-23 )))))))))))))))))))))))))))))))


2012-05-23 16:20:24 . 2012-04-04 13:56:40 22344 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-05-23 16:20:23 . 2012-05-23 16:20:37 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-05-23 08:57:27 . 2012-05-08 16:40:12 6737808 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{237578A4-5D71-44C5-A14C-F3F82B3B2C2F}\mpengine.dll
2012-05-22 05:17:27 . 2012-05-22 05:17:27 -------- d-----w- C:\Documents and Settings\Spravce\Data aplikací\Malwarebytes
2012-05-22 05:17:10 . 2012-05-22 05:17:10 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-05-22 04:43:30 . 2012-05-08 16:40:12 6737808 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-14 11:11:20 . 2012-05-14 11:11:20 -------- d-----w- C:\Documents and Settings\Spravce\Data aplikací\WinBatch
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-05-05 13:15:35 . 2012-04-07 16:44:56 419488 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-05-05 13:15:34 . 2011-05-24 08:43:56 70304 -c--a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:55:27 . 2008-04-14 08:06:44 2028544 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe
2012-04-11 13:55:17 . 2008-09-25 06:39:05 1862272 ----a-w- C:\WINDOWS\system32\win32k.sys
2012-04-11 13:55:05 . 2008-04-14 08:06:18 2150400 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
2012-03-25 10:05:33 . 2008-09-25 07:17:59 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-03-25 10:05:32 . 2011-11-25 12:07:39 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-03-20 18:44:12 . 2009-12-02 14:23:40 171064 ----a-w- C:\WINDOWS\system32\drivers\MpFilter.sys
2012-03-01 01:14:55 . 2008-09-25 06:39:05 832512 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-03-01 01:14:54 . 2008-09-25 06:39:01 1830912 ------w- C:\WINDOWS\system32\inetcpl.cpl
2012-03-01 01:14:53 . 2008-09-25 06:39:01 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll
2012-03-01 01:14:53 . 2008-09-25 06:38:57 17408 ----a-w- C:\WINDOWS\system32\corpol.dll
2012-02-29 14:10:19 . 2008-09-25 06:39:05 177664 ----a-w- C:\WINDOWS\system32\wintrust.dll
2012-02-29 14:10:19 . 2008-09-25 06:39:01 148480 ----a-w- C:\WINDOWS\system32\imagehlp.dll
2012-04-12 18:59:35 . 2011-05-22 07:54:06 97208 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2009-04-23 13:51:38 691656]
"ShowBatteryBar"="C:\Program Files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 21:02:28 90624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-08-12 14:18:30 159744]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2012-03-26 15:08:12 931200]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 12:00:00 15360]
"TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2008-09-08 09:49:30 5567800]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 00:44:24 435096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02:04 254696 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38:16 247144 ----a-w- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\launch4j-tmp\\frd.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1234:UDP"= 1234:UDP:port
"1234:TCP"= 1234:TCP:port

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [8.1.2009 23:56:53 721904]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [24.8.2010 11:38:18 92008]
R3 FwLnk;FwLnk Driver;C:\WINDOWS\system32\drivers\FwLnk.sys [25.9.2008 9:31:29 5888]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;C:\WINDOWS\system32\drivers\RTS5121.sys [25.9.2008 9:27:06 157696]
R3 seehcri;Sony Ericsson seehcri Device Driver;C:\WINDOWS\system32\drivers\seehcri.sys [26.1.2011 22:10:27 27632]
S1 MpKsla20b45bf;MpKsla20b45bf;\??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{237578A4-5D71-44C5-A14C-F3F82B3B2C2F}\MpKsla20b45bf.sys --> c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{237578A4-5D71-44C5-A14C-F3F82B3B2C2F}\MpKsla20b45bf.sys [?]
S2 gupdate1c9a1031ed622f6;Google Update Service (gupdate1c9a1031ed622f6);C:\Program Files\Google\Update\GoogleUpdate.exe [10.3.2009 0:05:12 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.4.2012 18:44:56 257696]
S3 FileObjInfo;STFileDriver;C:\Documents and Settings\Spravce\Dokumenty\Programy\FileObjInfo.sys [21.1.2009 16:58:38 5733]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\drivers\ggflt.sys [26.1.2011 22:10:13 13224]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [10.3.2009 0:05:12 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [8.10.2011 22:51:52 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8.10.2011 22:51:53 8576]
S3 Rts516xIR;Realtek IR Driver;C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys --> C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys [?]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7;C:\WINDOWS\system32\drivers\ts_athw.sys [26.7.2010 13:20:37 1630056]
S3 uxkx1;ASUS My Cinema U3100 Mini DVBT;C:\WINDOWS\system32\drivers\uxkx1.sys [23.6.2010 23:19:10 459264]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - WS2IFSL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

Obsah adresáře 'Naplánované úlohy'

2012-05-23 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 16:44:56 . 2012-05-05 13:16:12]

2012-05-23 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-09 22:05:12 . 2009-03-09 22:05:08]

2012-05-23 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-09 22:05:12 . 2009-03-09 22:05:08]

2012-05-23 C:\WINDOWS\Tasks\MpIdleTask.job
- c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03:40 . 2012-03-26 15:03:40]


------- Doplňkový sken -------

uStart Page = hxxp://www.seznam.cz
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Documents and Settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\0xhego0k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-xp-AntiSpy - C:\Program Files\xp-AntiSpy\Uninstall.exe

Díky.

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
gupdate1c9a1031ed622f6
gupdatem


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Vikinic]

Log Combo Fix

ComboFix 12-05-23.05 - Spravce 23.05.2012 21:19:25.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.585 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Spravce\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Spravce\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FILE ::
"C:\Program Files\Google\Update\GoogleUpdate.exe"
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job"
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job"


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


---- Předchozí spuštění -------

C:\Program Files\xp-AntiSpy\Uninstall.exe
C:\Program Files\xp-AntiSpy\xp-AntiSpy.exe
C:\Program Files\xp-AntiSpy\xp-AntiSpy.chm
C:\Program Files\xp-AntiSpy\xp-AntiSpy.url


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF
-------\Legacy_GUPDATE1C9A1031ED622F6
-------\Service_gupdate1c9a1031ed622f6
-------\Service_gupdatem


((((((((((((((((((((((((( Soubory vytvořené od 2012-04-23 do 2012-05-23 )))))))))))))))))))))))))))))))


2012-05-23 19:17:08 . 2012-05-23 19:17:08 29904 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{09CB2A95-4B3B-47AE-A714-0DA95965D20C}\MpKslaceffd8c.sys
2012-05-23 17:51:00 . 2012-05-08 16:40:12 6737808 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{09CB2A95-4B3B-47AE-A714-0DA95965D20C}\mpengine.dll
2012-05-23 16:20:24 . 2012-04-04 13:56:40 22344 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-05-23 16:20:23 . 2012-05-23 16:20:37 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-05-22 05:17:27 . 2012-05-22 05:17:27 -------- d-----w- C:\Documents and Settings\Spravce\Data aplikací\Malwarebytes
2012-05-22 05:17:10 . 2012-05-22 05:17:10 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-05-22 04:43:30 . 2012-05-08 16:40:12 6737808 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-14 11:11:20 . 2012-05-14 11:11:20 -------- d-----w- C:\Documents and Settings\Spravce\Data aplikací\WinBatch
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-05-05 13:15:35 . 2012-04-07 16:44:56 419488 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-05-05 13:15:34 . 2011-05-24 08:43:56 70304 -c--a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:55:27 . 2008-04-14 08:06:44 2028544 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe
2012-04-11 13:55:17 . 2008-09-25 06:39:05 1862272 ----a-w- C:\WINDOWS\system32\win32k.sys
2012-04-11 13:55:05 . 2008-04-14 08:06:18 2150400 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
2012-03-25 10:05:33 . 2008-09-25 07:17:59 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-03-25 10:05:32 . 2011-11-25 12:07:39 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-03-20 18:44:12 . 2009-12-02 14:23:40 171064 ----a-w- C:\WINDOWS\system32\drivers\MpFilter.sys
2012-03-01 01:14:55 . 2008-09-25 06:39:05 832512 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-03-01 01:14:54 . 2008-09-25 06:39:01 1830912 ------w- C:\WINDOWS\system32\inetcpl.cpl
2012-03-01 01:14:53 . 2008-09-25 06:39:01 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll
2012-03-01 01:14:53 . 2008-09-25 06:38:57 17408 ----a-w- C:\WINDOWS\system32\corpol.dll
2012-02-29 14:10:19 . 2008-09-25 06:39:05 177664 ----a-w- C:\WINDOWS\system32\wintrust.dll
2012-02-29 14:10:19 . 2008-09-25 06:39:01 148480 ----a-w- C:\WINDOWS\system32\imagehlp.dll
2012-04-12 18:59:35 . 2011-05-22 07:54:06 97208 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((( SnapShot@2012-05-23_17.46.16 )))))))))))))))))))))))))))))))))))))))))

+ 2012-05-23 19:26:26 . 2012-05-23 19:26:26 16384 C:\WINDOWS\temp\Perflib_Perfdata_2d0.dat

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2009-04-23 13:51:38 691656]
"ShowBatteryBar"="C:\Program Files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 21:02:28 90624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-08-12 14:18:30 159744]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2012-03-26 15:08:12 931200]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 12:00:00 15360]
"TOSHIBA Online Product Information"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2008-09-08 09:49:30 5567800]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 00:44:24 435096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02:04 254696 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38:16 247144 ----a-w- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\launch4j-tmp\\frd.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1234:UDP"= 1234:UDP:port
"1234:TCP"= 1234:TCP:port

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [8.1.2009 23:56:53 721904]
R1 MpKslaceffd8c;MpKslaceffd8c;C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{09CB2A95-4B3B-47AE-A714-0DA95965D20C}\MpKslaceffd8c.sys [23.5.2012 21:17:08 29904]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [24.8.2010 11:38:18 92008]
R3 FwLnk;FwLnk Driver;C:\WINDOWS\system32\drivers\FwLnk.sys [25.9.2008 9:31:29 5888]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;C:\WINDOWS\system32\drivers\RTS5121.sys [25.9.2008 9:27:06 157696]
R3 seehcri;Sony Ericsson seehcri Device Driver;C:\WINDOWS\system32\drivers\seehcri.sys [26.1.2011 22:10:27 27632]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [7.4.2012 18:44:56 257696]
S3 FileObjInfo;STFileDriver;C:\Documents and Settings\Spravce\Dokumenty\Programy\FileObjInfo.sys [21.1.2009 16:58:38 5733]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\drivers\ggflt.sys [26.1.2011 22:10:13 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [8.10.2011 22:51:52 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8.10.2011 22:51:53 8576]
S3 Rts516xIR;Realtek IR Driver;C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys --> C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys [?]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7;C:\WINDOWS\system32\drivers\ts_athw.sys [26.7.2010 13:20:37 1630056]
S3 uxkx1;ASUS My Cinema U3100 Mini DVBT;C:\WINDOWS\system32\drivers\uxkx1.sys [23.6.2010 23:19:10 459264]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

Obsah adresáře 'Naplánované úlohy'

2012-05-23 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 16:44:56 . 2012-05-05 13:16:12]

2012-05-23 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-09 22:05:12 . 2009-03-09 22:05:08]

2012-05-23 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-09 22:05:12 . 2009-03-09 22:05:08]

2012-05-23 C:\WINDOWS\Tasks\MpIdleTask.job
- c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03:40 . 2012-03-26 15:03:40]


------- Doplňkový sken -------

uStart Page = hxxp://www.seznam.cz
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Documents and Settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\0xhego0k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=

Log HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:31:40, on 23.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Spravce\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/ig/redirectdomain?brand=TSED&bmod=TSED
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 5404 bytes

Log aswMBR

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-23 21:33:51
-----------------------------
21:33:51.437 OS Version: Windows 5.1.2600 Service Pack 3
21:33:51.437 Number of processors: 2 586 0x1C02
21:33:51.437 ComputerName: TOSHIBA-MINI UserName: Spravce
21:33:52.546 Initialize success
21:34:08.140 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:34:08.156 Disk 0 Vendor: Hitachi_ FBBO Size: 114473MB BusType: 3
21:34:08.156 Disk 0 MBR read successfully
21:34:08.156 Disk 0 MBR scan
21:34:08.156 Disk 0 Windows XP default MBR code
21:34:08.156 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114472 MB offset 63
21:34:08.171 Disk 0 scanning sectors +234439600
21:34:08.250 Disk 0 scanning C:\WINDOWS\system32\drivers
21:34:14.093 Service scanning
21:34:22.250 Service MpKslf4ef9f62 c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8EA0A053-B40C-4BD1-B1DC-5D398137028C}\MpKslf4ef9f62.sys **LOCKED** 32
21:34:27.593 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
21:34:32.734 Modules scanning
21:34:44.203 Disk 0 trace - called modules:
21:34:44.218 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys spmz.sys >>UNKNOWN [0x86789938]<<
21:34:44.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86704ab8]
21:34:44.234 3 CLASSPNP.SYS[f763afd7] -> nt!IofCallDriver -> \Device\0000006f[0x86706910]
21:34:44.234 5 ACPI.sys[f7498620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8618e028]
21:34:44.250 Scan finished successfully
21:34:54.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Spravce\Plocha\MBR.dat"
21:34:54.750 The log file has been saved successfully to "C:\Documents and Settings\Spravce\Plocha\aswMBR.txt"

Dík.

[Žbeky]

Tyto porty máš otevřené naschvál?

"1234:UDP"= 1234:UDP:port
"1234:TCP"= 1234:TCP:port

[Vikinic]

Asi ano otvíral jsem ty porty aby mi šla IPTV v netbooku,vadí to něčemu?Mohu je zas zavřít.Jinak netbook se trochu zrychlil děkuji moc panu Jarovi 3.

[Žbeky]

Ještě to tu nezsvírej!

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

[Vikinic]

PC se zrychlilo start trvá 2.30 min. předtím až 4.min práce se také zrychlila.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:40:20, on 24.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spravce\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Spravce\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com/ig/redirectdomain?brand=TSED&bmod=TSED
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 5775 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.