Pomalý start PC, nelze instalovat/odinst. některý software

Zpráva

maicuss · #1 Příspěvek od **maicuss** » 29 čer 2011 08:51

Zdravím,
v poslední době se mi PC spouští cca 4-5 minut, po spuštění mi vždy ještě tak na minutu zamrzne, ale pak už šlape (téměř) jako hodinky. Až na některé "drobnosti". Například mi nejdou spustit / instalovat či odinstalovat některé programy (zobrazí se mi okno "zabezpečení systému windows" - "tyto soubory nelze otevřít - nastavení zabezpečení Internetu zabránilo v otevření jednoho či více souborů" (mám windows 7)...

#2 Příspěvek od **vyosek** » 29 čer 2011 08:54

Zdravim, pekne dopoledne preji a vitam vas u nas na foru

Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic i pri jasnem pocasi jake ted v okrese Kromeriz panuje, neni nic videt

Ale dosti legracek, kouknem na to

Kliknete do meho podpisu na RSIT a dejte log z nej - navod Vas povede...

maicuss · #3 Příspěvek od **maicuss** » 29 čer 2011 09:00

Zde připojuji log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2011-06-29 09:58:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 168 GB (28%) free of 600 GB
Total RAM: 3955 MB (51% free)

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 30518224
\??\C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2124
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Program Files\Toshiba\Registration\ToshibaReminder.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:1252
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_4 concurrent_prefetch/DnsParallelism/parallel_14/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/" --channel=5292.05559480.1293611887 /prefetch:3
C:\windows\system32\rundll32.exe "C:\Users\Michal\AppData\Local\Google\Chrome\APPLIC~1\120742~1.112\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Michal\AppData\Local\Google\Chrome\Application\12.0.742.112\gcswf32.dll" --lang=cs --channel=5292.0ADBF1C0.49786768 /prefetch:4 --flash-broker=5532
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest="CacheSize/CacheSizeGroup_5/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_4 concurrent_prefetch/DnsParallelism/parallel_14/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/" --channel=5292.0821D600.740981776 /prefetch:3
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest="CacheSize/CacheSizeGroup_5/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_4 concurrent_prefetch/DnsParallelism/parallel_14/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/" --channel=5292.0AE53D80.1093238417 /prefetch:3
"taskhost.exe"
"C:\windows\system32\mspaint.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Michal\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-05-05 17412200]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-22 10134560]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-03-22 896032]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-11-18 2919168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"=C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-02-22 352256]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-12-25 34160]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-04-01 252728]
"TRCMan"=C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [2009-07-21 701752]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-06-29 09:56:01 ----D---- C:\rsit
2011-06-29 09:56:01 ----D---- C:\Program Files\trend micro
2011-06-29 08:26:24 ----A---- C:\windows\system32\TURegOpt.exe
2011-06-29 08:26:23 ----A---- C:\windows\SYSWOW64\uxtuneup.dll
2011-06-29 08:26:23 ----A---- C:\windows\SYSWOW64\authuitu.dll
2011-06-29 08:26:23 ----A---- C:\windows\system32\uxtuneup.dll
2011-06-29 08:26:23 ----A---- C:\windows\system32\authuitu.dll
2011-06-29 08:25:57 ----D---- C:\Users\Michal\AppData\Roaming\TuneUp Software
2011-06-29 08:25:45 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-06-29 08:25:09 ----D---- C:\ProgramData\TuneUp Software
2011-06-29 08:25:05 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-06-29 08:06:08 ----A---- C:\windows\SYSWOW64\drvinst.exe
2011-06-29 08:06:08 ----A---- C:\windows\system32\umpnpmgr.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\devrtl.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\devobj.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2011-06-29 08:06:05 ----A---- C:\windows\system32\tquery.dll
2011-06-29 08:06:05 ----A---- C:\windows\system32\mssrch.dll
2011-06-29 08:06:04 ----A---- C:\windows\SYSWOW64\mssrch.dll
2011-06-29 08:06:04 ----A---- C:\windows\system32\SearchIndexer.exe
2011-06-29 08:06:03 ----A---- C:\windows\SYSWOW64\tquery.dll
2011-06-29 08:06:03 ----A---- C:\windows\system32\SearchProtocolHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\mssph.dll
2011-06-29 08:06:02 ----A---- C:\windows\system32\SearchFilterHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\system32\mssvp.dll
2011-06-29 08:06:02 ----A---- C:\windows\system32\mssph.dll
2011-06-29 08:06:01 ----A---- C:\windows\SYSWOW64\mssvp.dll
2011-06-29 08:06:01 ----A---- C:\windows\system32\mssphtb.dll
2011-06-29 08:06:00 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 08:06:00 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2011-06-29 08:06:00 ----A---- C:\windows\system32\msscntrs.dll
2011-06-29 08:05:59 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2011-06-28 22:59:38 ----D---- C:\Program Files (x86)\PC Tools Security
2011-06-28 22:59:37 ----AD---- C:\ProgramData\TEMP
2011-06-28 22:50:11 ----D---- C:\Users\Michal\AppData\Roaming\Reviversoft
2011-06-28 22:47:30 ----A---- C:\windows\system32\roboot64.exe
2011-06-27 16:22:34 ----HDC---- C:\ProgramData\{954361E8-665B-4E93-918D-21C1F708FBD8}
2011-06-26 14:23:33 ----D---- C:\Users\Michal\AppData\Roaming\Waves Audio
2011-06-26 14:23:33 ----D---- C:\Users\Michal\AppData\Roaming\iZotope
2011-06-26 14:19:23 ----D---- C:\Program Files (x86)\WinPcap
2011-06-26 14:17:27 ----A---- C:\windows\SYSWOW64\msvcp71.dll
2011-06-26 14:13:00 ----D---- C:\Program Files (x86)\Waves
2011-06-15 17:52:05 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-06-15 17:52:05 ----A---- C:\windows\system32\drivers\afd.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-06-15 17:52:00 ----A---- C:\windows\system32\win32k.sys
2011-06-15 17:51:53 ----A---- C:\windows\system32\mshtml.dll
2011-06-15 17:51:47 ----A---- C:\windows\system32\ieframe.dll
2011-06-15 17:51:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2011-06-15 17:51:40 ----A---- C:\windows\SYSWOW64\ieframe.dll
2011-06-15 17:51:38 ----A---- C:\windows\system32\urlmon.dll
2011-06-15 17:51:36 ----A---- C:\windows\SYSWOW64\urlmon.dll
2011-06-15 17:51:34 ----A---- C:\windows\SYSWOW64\iertutil.dll
2011-06-15 17:51:34 ----A---- C:\windows\system32\msfeeds.dll
2011-06-15 17:51:34 ----A---- C:\windows\system32\iertutil.dll
2011-06-15 17:51:33 ----A---- C:\windows\SYSWOW64\wininet.dll
2011-06-15 17:51:33 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2011-06-15 17:51:33 ----A---- C:\windows\system32\wininet.dll
2011-06-15 17:51:32 ----A---- C:\windows\SYSWOW64\ieui.dll
2011-06-15 17:51:31 ----A---- C:\windows\system32\jsproxy.dll
2011-06-15 17:51:31 ----A---- C:\windows\system32\ieui.dll
2011-06-15 17:51:30 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2011-06-15 17:51:24 ----A---- C:\windows\system32\d3d10_1.dll
2011-06-15 17:51:23 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2011-06-15 17:51:23 ----A---- C:\windows\system32\drivers\srv2.sys
2011-06-15 17:51:22 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-06-15 17:51:22 ----A---- C:\windows\system32\drivers\srv.sys
2011-06-15 17:51:01 ----A---- C:\windows\system32\oleaut32.dll
2011-06-15 17:51:00 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2011-06-15 17:50:59 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2011-06-15 17:50:59 ----A---- C:\windows\system32\inetcomm.dll

======List of files/folders modified in the last 1 months======

2011-06-29 09:58:14 ----D---- C:\windows\Temp
2011-06-29 09:56:01 ----RD---- C:\Program Files
2011-06-29 09:16:18 ----D---- C:\windows\system32\config
2011-06-29 09:06:06 ----SHD---- C:\windows\Installer
2011-06-29 09:06:06 ----D---- C:\Program Files (x86)\Microsoft Office
2011-06-29 09:05:52 ----SHD---- C:\System Volume Information
2011-06-29 09:00:15 ----D---- C:\windows\winsxs
2011-06-29 09:00:10 ----A---- C:\windows\SYSWOW64\log.txt
2011-06-29 08:58:14 ----D---- C:\windows\SysWOW64
2011-06-29 08:58:14 ----AD---- C:\windows\System32
2011-06-29 08:58:13 ----SD---- C:\windows\Fonts
2011-06-29 08:46:10 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2011-06-29 08:43:58 ----D---- C:\windows\system32\Tasks
2011-06-29 08:25:45 ----RD---- C:\Program Files (x86)
2011-06-29 08:25:09 ----HD---- C:\ProgramData
2011-06-29 08:25:06 ----AD---- C:\Windows
2011-06-29 08:05:51 ----D---- C:\windows\system32\catroot
2011-06-29 08:05:50 ----D---- C:\windows\system32\catroot2
2011-06-28 23:47:50 ----D---- C:\windows\system32\drivers
2011-06-28 22:59:38 ----D---- C:\Program Files (x86)\Common Files
2011-06-28 22:41:23 ----D---- C:\Program Files (x86)\QuickTime
2011-06-27 16:22:28 ----D---- C:\Program Files (x86)\VstPlugins
2011-06-27 16:22:26 ----D---- C:\Program Files\Native Instruments
2011-06-27 16:22:26 ----D---- C:\Program Files (x86)\Native Instruments
2011-06-26 21:42:24 ----D---- C:\windows\inf
2011-06-26 21:42:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-06-26 14:56:42 ----D---- C:\windows\Tasks
2011-06-25 11:41:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-25 11:41:59 ----D---- C:\Program Files (x86)\Software602
2011-06-24 13:29:15 ----D---- C:\windows\Prefetch
2011-06-24 13:27:57 ----D---- C:\Program Files (x86)\NOD32view
2011-06-24 13:27:14 ----D---- C:\Program Files (x86)\Total Video Converter
2011-06-24 13:26:43 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2011-06-24 13:26:42 ----D---- C:\Users\Michal\AppData\Roaming\SignGoLite
2011-06-16 20:27:31 ----D---- C:\windows\Microsoft.NET
2011-06-16 19:38:07 ----RSD---- C:\windows\assembly
2011-06-16 02:01:36 ----D---- C:\Program Files\Internet Explorer
2011-06-16 02:01:36 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-16 02:01:35 ----D---- C:\windows\SYSWOW64\migration
2011-06-16 02:01:35 ----D---- C:\windows\system32\migration
2011-06-15 22:44:49 ----A---- C:\windows\system32\MRT.exe
2011-06-15 22:44:43 ----D---- C:\ProgramData\Microsoft Help
2011-06-15 22:41:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-15 22:40:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-15 15:17:05 ----D---- C:\Users\Michal\AppData\Roaming\Audacity
2011-06-13 16:49:44 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-12-14 834544]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 Tpkd;Tpkd; C:\windows\system32\drivers\Tpkd.sys [2009-12-23 105592]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-07-29 171152]
R2 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-07-29 3058168]
R3 enecir;ENE CIR Receiver; C:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 enecirhid;ENE CIR HID Receiver; C:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter; C:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 33632]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-03-22 2298400]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-04-09 330856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-05-18 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 acpials;Filtr zařízení ALS Sensor; C:\windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
S3 ahpa4xly;ahpa4xly; C:\windows\system32\drivers\ahpa4xly.sys []
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-05-26 164464]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-09-16 5018624]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-05-05 393320]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-06-06 2026304]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-11-18 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-12-07 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 29 čer 2011 09:05

Co budem delat s tim nelegalnim ESET Smart Security

maicuss · #5 Příspěvek od **maicuss** » 29 čer 2011 09:18

aha

.....v tom příípadě mi nepomůžete?

nebo, mám ho odinstalovat a znovu pripojit log?

#6 Příspěvek od **vyosek** » 29 čer 2011 09:21

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek

, pachate trestny cin a ten jako takovy nebude nasim forem podporovan. Uvedomte si, ze jste na bezpecnostnim foru - podpora warezu (zvlaste bezpecnostnich programu) by byla zcela proti logice fora

Obstarejte si proto legalni ochranu Vaseho PC (antivir), pote sem vlozte novy log z RSITu a CKScanneru - viz nize.

Osobne Vam doporucuji Avast, Aviru ci MSE. Prehled antiviru mate ZDE.

Log z RSITu - viz muj podpis

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

maicuss · #7 Příspěvek od **maicuss** » 29 čer 2011 09:44

Tak teď už snad bude vše v pořádku. Log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2011-06-29 10:42:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 168 GB (28%) free of 600 GB
Total RAM: 3955 MB (58% free)

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 2972496
\??\C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1668
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:1412
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Program Files\Toshiba\Registration\ToshibaReminder.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end --restore-last-session
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_10/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=3460.05296C88.707579458 /prefetch:3
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_10/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=3460.052DA518.1007485501 /prefetch:3
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_10/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=3460.052E7DF8.15493661 /prefetch:3
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_10/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=3460.052F5628.288104039 /prefetch:3
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_250ms_queue_prefetch/DnsParallelism/parallel_10/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_disabled/SpdyCwnd/cwnd16/SpdyImpact/npn_with_spdy/ --channel=3460.0530CCB8.24499878 /prefetch:3
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
C:\windows\system32\rundll32.exe "C:\Users\Michal\AppData\Local\Google\Chrome\APPLIC~1\120742~1.112\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Michal\AppData\Local\Google\Chrome\Application\12.0.742.112\gcswf32.dll" --lang=cs --channel=3460.08724EA8.1304344219 /prefetch:4 --flash-broker=4828
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\msiexec.exe /V
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\setup\avast.setup" /downloadpkgs /noreboot /updatevps /verysilent /session "0" /limitcpu
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /welcome
"C:\Users\Michal\Desktop\RSITx64.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-05-10 977472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-05-10 977472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-05-05 17412200]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-22 10134560]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-03-22 896032]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"=C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-02-22 352256]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-12-25 34160]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-04-01 252728]
"TRCMan"=C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [2009-07-21 701752]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-06-29 10:39:19 ----A---- C:\windows\system32\drivers\aswSP.sys
2011-06-29 10:39:19 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2011-06-29 10:39:03 ----A---- C:\windows\system32\drivers\aswTdi.sys
2011-06-29 10:39:03 ----A---- C:\windows\system32\drivers\aswSnx.sys
2011-06-29 10:39:03 ----A---- C:\windows\system32\drivers\aswRdr.sys
2011-06-29 10:39:02 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2011-06-29 10:39:02 ----A---- C:\windows\system32\aswBoot.exe
2011-06-29 10:38:31 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2011-06-29 10:38:21 ----D---- C:\ProgramData\AVAST Software
2011-06-29 10:38:21 ----D---- C:\Program Files\AVAST Software
2011-06-29 09:56:01 ----D---- C:\rsit
2011-06-29 09:56:01 ----D---- C:\Program Files\trend micro
2011-06-29 08:26:24 ----A---- C:\windows\system32\TURegOpt.exe
2011-06-29 08:26:23 ----A---- C:\windows\SYSWOW64\uxtuneup.dll
2011-06-29 08:26:23 ----A---- C:\windows\SYSWOW64\authuitu.dll
2011-06-29 08:26:23 ----A---- C:\windows\system32\uxtuneup.dll
2011-06-29 08:26:23 ----A---- C:\windows\system32\authuitu.dll
2011-06-29 08:25:57 ----D---- C:\Users\Michal\AppData\Roaming\TuneUp Software
2011-06-29 08:25:45 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-06-29 08:25:09 ----D---- C:\ProgramData\TuneUp Software
2011-06-29 08:25:05 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-06-29 08:06:08 ----A---- C:\windows\SYSWOW64\drvinst.exe
2011-06-29 08:06:08 ----A---- C:\windows\system32\umpnpmgr.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\devrtl.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\devobj.dll
2011-06-29 08:06:07 ----A---- C:\windows\SYSWOW64\cfgmgr32.dll
2011-06-29 08:06:05 ----A---- C:\windows\system32\tquery.dll
2011-06-29 08:06:05 ----A---- C:\windows\system32\mssrch.dll
2011-06-29 08:06:04 ----A---- C:\windows\SYSWOW64\mssrch.dll
2011-06-29 08:06:04 ----A---- C:\windows\system32\SearchIndexer.exe
2011-06-29 08:06:03 ----A---- C:\windows\SYSWOW64\tquery.dll
2011-06-29 08:06:03 ----A---- C:\windows\system32\SearchProtocolHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2011-06-29 08:06:02 ----A---- C:\windows\SYSWOW64\mssph.dll
2011-06-29 08:06:02 ----A---- C:\windows\system32\SearchFilterHost.exe
2011-06-29 08:06:02 ----A---- C:\windows\system32\mssvp.dll
2011-06-29 08:06:02 ----A---- C:\windows\system32\mssph.dll
2011-06-29 08:06:01 ----A---- C:\windows\SYSWOW64\mssvp.dll
2011-06-29 08:06:01 ----A---- C:\windows\system32\mssphtb.dll
2011-06-29 08:06:00 ----A---- C:\windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 08:06:00 ----A---- C:\windows\SYSWOW64\mssphtb.dll
2011-06-29 08:06:00 ----A---- C:\windows\system32\msscntrs.dll
2011-06-29 08:05:59 ----A---- C:\windows\SYSWOW64\msscntrs.dll
2011-06-28 22:59:38 ----D---- C:\Program Files (x86)\PC Tools Security
2011-06-28 22:59:37 ----AD---- C:\ProgramData\TEMP
2011-06-28 22:50:11 ----D---- C:\Users\Michal\AppData\Roaming\Reviversoft
2011-06-28 22:47:30 ----A---- C:\windows\system32\roboot64.exe
2011-06-27 16:22:34 ----HDC---- C:\ProgramData\{954361E8-665B-4E93-918D-21C1F708FBD8}
2011-06-26 14:23:33 ----D---- C:\Users\Michal\AppData\Roaming\Waves Audio
2011-06-26 14:23:33 ----D---- C:\Users\Michal\AppData\Roaming\iZotope
2011-06-26 14:19:23 ----D---- C:\Program Files (x86)\WinPcap
2011-06-26 14:17:27 ----A---- C:\windows\SYSWOW64\msvcp71.dll
2011-06-26 14:13:00 ----D---- C:\Program Files (x86)\Waves
2011-06-15 17:52:05 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-06-15 17:52:05 ----A---- C:\windows\system32\drivers\afd.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 17:52:02 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-06-15 17:52:00 ----A---- C:\windows\system32\win32k.sys
2011-06-15 17:51:53 ----A---- C:\windows\system32\mshtml.dll
2011-06-15 17:51:47 ----A---- C:\windows\system32\ieframe.dll
2011-06-15 17:51:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2011-06-15 17:51:40 ----A---- C:\windows\SYSWOW64\ieframe.dll
2011-06-15 17:51:38 ----A---- C:\windows\system32\urlmon.dll
2011-06-15 17:51:36 ----A---- C:\windows\SYSWOW64\urlmon.dll
2011-06-15 17:51:34 ----A---- C:\windows\SYSWOW64\iertutil.dll
2011-06-15 17:51:34 ----A---- C:\windows\system32\msfeeds.dll
2011-06-15 17:51:34 ----A---- C:\windows\system32\iertutil.dll
2011-06-15 17:51:33 ----A---- C:\windows\SYSWOW64\wininet.dll
2011-06-15 17:51:33 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2011-06-15 17:51:33 ----A---- C:\windows\system32\wininet.dll
2011-06-15 17:51:32 ----A---- C:\windows\SYSWOW64\ieui.dll
2011-06-15 17:51:31 ----A---- C:\windows\system32\jsproxy.dll
2011-06-15 17:51:31 ----A---- C:\windows\system32\ieui.dll
2011-06-15 17:51:30 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2011-06-15 17:51:24 ----A---- C:\windows\system32\d3d10_1.dll
2011-06-15 17:51:23 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2011-06-15 17:51:23 ----A---- C:\windows\system32\drivers\srv2.sys
2011-06-15 17:51:22 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-06-15 17:51:22 ----A---- C:\windows\system32\drivers\srv.sys
2011-06-15 17:51:01 ----A---- C:\windows\system32\oleaut32.dll
2011-06-15 17:51:00 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2011-06-15 17:50:59 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2011-06-15 17:50:59 ----A---- C:\windows\system32\inetcomm.dll

======List of files/folders modified in the last 1 months======

2011-06-29 10:42:09 ----D---- C:\windows\Temp
2011-06-29 10:39:19 ----D---- C:\windows\system32\drivers
2011-06-29 10:39:02 ----D---- C:\windows\SysWOW64
2011-06-29 10:39:02 ----AD---- C:\windows\System32
2011-06-29 10:39:01 ----SHD---- C:\windows\Installer
2011-06-29 10:38:57 ----D---- C:\windows\winsxs
2011-06-29 10:38:31 ----AD---- C:\Windows
2011-06-29 10:38:21 ----RD---- C:\Program Files
2011-06-29 10:38:21 ----HD---- C:\ProgramData
2011-06-29 10:38:18 ----SHD---- C:\System Volume Information
2011-06-29 10:37:35 ----D---- C:\windows\system32\config
2011-06-29 10:34:31 ----A---- C:\windows\SYSWOW64\log.txt
2011-06-29 10:31:22 ----D---- C:\windows\system32\DriverStore
2011-06-29 10:31:22 ----D---- C:\windows\system32\catroot
2011-06-29 10:31:22 ----D---- C:\windows\inf
2011-06-29 09:06:06 ----D---- C:\Program Files (x86)\Microsoft Office
2011-06-29 08:58:13 ----SD---- C:\windows\Fonts
2011-06-29 08:46:10 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2011-06-29 08:43:58 ----D---- C:\windows\system32\Tasks
2011-06-29 08:25:45 ----RD---- C:\Program Files (x86)
2011-06-29 08:05:50 ----D---- C:\windows\system32\catroot2
2011-06-28 22:59:38 ----D---- C:\Program Files (x86)\Common Files
2011-06-28 22:41:23 ----D---- C:\Program Files (x86)\QuickTime
2011-06-27 16:22:28 ----D---- C:\Program Files (x86)\VstPlugins
2011-06-27 16:22:26 ----D---- C:\Program Files\Native Instruments
2011-06-27 16:22:26 ----D---- C:\Program Files (x86)\Native Instruments
2011-06-26 21:42:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-06-26 14:56:42 ----D---- C:\windows\Tasks
2011-06-25 11:41:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-25 11:41:59 ----D---- C:\Program Files (x86)\Software602
2011-06-24 13:29:15 ----D---- C:\windows\Prefetch
2011-06-24 13:27:57 ----D---- C:\Program Files (x86)\NOD32view
2011-06-24 13:27:14 ----D---- C:\Program Files (x86)\Total Video Converter
2011-06-24 13:26:43 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2011-06-24 13:26:42 ----D---- C:\Users\Michal\AppData\Roaming\SignGoLite
2011-06-16 20:27:31 ----D---- C:\windows\Microsoft.NET
2011-06-16 19:38:07 ----RSD---- C:\windows\assembly
2011-06-16 02:01:36 ----D---- C:\Program Files\Internet Explorer
2011-06-16 02:01:36 ----D---- C:\Program Files (x86)\Internet Explorer
2011-06-16 02:01:35 ----D---- C:\windows\SYSWOW64\migration
2011-06-16 02:01:35 ----D---- C:\windows\system32\migration
2011-06-15 22:44:49 ----A---- C:\windows\system32\MRT.exe
2011-06-15 22:44:43 ----D---- C:\ProgramData\Microsoft Help
2011-06-15 22:41:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-15 22:40:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-15 15:17:05 ----D---- C:\Users\Michal\AppData\Roaming\Audacity
2011-06-13 16:49:44 ----D---- C:\windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-12-14 834544]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 Tpkd;Tpkd; C:\windows\system32\drivers\Tpkd.sys [2009-12-23 105592]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-05-10 31064]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-05-10 287576]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-05-10 53592]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-05-10 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 64344]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-07-29 3058168]
R3 enecir;ENE CIR Receiver; C:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 enecirhid;ENE CIR HID Receiver; C:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter; C:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-03-22 2298400]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-04-09 330856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-05-18 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-05-10 600920]
S3 a106y85v;a106y85v; C:\windows\system32\drivers\a106y85v.sys []
S3 acpials;Filtr zařízení ALS Sensor; C:\windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-05-26 164464]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-09-16 5018624]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-05-05 393320]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-06-06 2026304]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-12-07 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#8 Příspěvek od **vyosek** » 29 čer 2011 09:52

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

maicuss · #9 Příspěvek od **maicuss** » 29 čer 2011 10:23

OTL logfile created on: 29.6.2011 10:55:50 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Michal\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Zde je OTL.txt

Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 49,29% Memory free
7,72 Gb Paging File | 5,82 Gb Available in Paging File | 75,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 586,24 Gb Total Space | 163,66 Gb Free Space | 27,92% Space Free | Partition Type: NTFS

Computer Name: MICHAL-TOSHIBA | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.29 10:53:28 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
PRC - [2011.06.29 10:44:43 | 000,459,264 | ---- | M] () -- C:\Users\Michal\Downloads\CKScanner.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.06.17 08:55:00 | 003,680,568 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
PRC - [2010.05.05 07:20:00 | 001,604,200 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.02.24 16:54:04 | 002,721,120 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2010.02.04 15:06:00 | 000,427,416 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.11.18 15:10:00 | 000,664,904 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.04.03 18:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2008.07.24 11:24:00 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

========== Modules (SafeList) ==========

MOD - [2011.06.29 10:53:28 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.06.06 18:24:06 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.09.16 17:00:00 | 005,018,624 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009.10.21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.06.06 18:28:28 | 002,026,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.06.06 18:23:58 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.05.05 07:20:00 | 001,604,200 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.02.25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.05.10 13:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.14 20:53:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.07.29 12:09:34 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.05.26 11:00:00 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010.04.09 15:49:20 | 000,330,856 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.10 15:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.03 11:04:00 | 000,060,408 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2010.01.28 06:25:04 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.28 20:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009.07.13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.06.29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009.06.29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009.06.29 10:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.19 10:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 09:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.19 21:59:00 | 000,014,848 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecirhid.sys -- (enecirhid)
DRV:64bit: - [2008.04.24 18:16:00 | 000,006,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecirhidma.sys -- (enecirhidma)
DRV - [2011.05.18 16:19:40 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

O1 HOSTS File: ([2010.12.12 16:13:36 | 000,000,861 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\Run: [TOSHIBA Online Product Information] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\RunOnce: [SysOff] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {00000000-0000-0000-0000-123456789012} https://bezpecne.podani.gov.cz/ClientOb ... T35x86.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.06.29 10:39:19 | 000,287,576 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2011.06.29 10:39:19 | 000,022,360 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2011.06.29 10:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.06.29 10:39:03 | 000,600,920 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2011.06.29 10:39:03 | 000,053,592 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2011.06.29 10:39:03 | 000,031,064 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr.sys
[2011.06.29 10:39:02 | 000,253,888 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2011.06.29 10:39:02 | 000,064,344 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2011.06.29 10:38:31 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2011.06.29 10:38:31 | 000,040,112 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011.06.29 10:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.06.29 10:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.06.29 09:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.06.29 09:56:01 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.29 08:26:24 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\TURegOpt.exe
[2011.06.29 08:26:23 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\uxtuneup.dll
[2011.06.29 08:26:23 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\uxtuneup.dll
[2011.06.29 08:26:23 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\authuitu.dll
[2011.06.29 08:26:23 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\authuitu.dll
[2011.06.29 08:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.06.29 08:25:57 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\TuneUp Software
[2011.06.29 08:25:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011.06.29 08:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.06.29 08:25:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.06.29 08:24:58 | 020,994,976 | ---- | C] (TuneUp Software) -- C:\Users\Michal\Desktop\TuneUpUtilities2011_en-US-install.exe
[2011.06.29 08:06:08 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2011.06.29 08:06:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2011.06.29 08:06:05 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2011.06.29 08:06:05 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2011.06.29 08:06:04 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2011.06.29 08:06:03 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2011.06.29 08:06:03 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2011.06.29 08:06:02 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2011.06.29 08:06:02 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2011.06.29 08:06:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2011.06.29 08:06:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2011.06.29 08:06:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2011.06.29 08:06:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2011.06.29 08:06:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll
[2011.06.29 08:06:00 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2011.06.29 08:05:59 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2011.06.28 22:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011.06.28 22:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011.06.28 22:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.06.28 22:50:11 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Reviversoft
[2011.06.28 22:47:30 | 000,018,240 | ---- | C] (ReviverSoft) -- C:\windows\SysNative\roboot64.exe
[2011.06.27 16:22:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{954361E8-665B-4E93-918D-21C1F708FBD8}
[2011.06.26 21:01:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voxengo
[2011.06.26 14:23:33 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Waves Audio
[2011.06.26 14:23:33 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\iZotope
[2011.06.26 14:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011.06.26 14:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011.06.26 14:17:27 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71.dll
[2011.06.26 14:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3
[2011.06.26 14:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Waves
[2011.06.26 12:16:05 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.06.29 10:41:41 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.29 10:41:41 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.29 10:39:19 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.06.29 10:39:02 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2011.06.29 10:33:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.06.29 10:32:48 | 3110,080,512 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.29 10:27:00 | 000,000,966 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002UA.job
[2011.06.29 09:44:40 | 000,832,273 | ---- | M] () -- C:\Users\Michal\Desktop\RSITx64.exe
[2011.06.29 08:58:21 | 031,695,472 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.06.29 08:28:00 | 000,002,424 | ---- | M] () -- C:\Users\Michal\Desktop\Google Chrome.lnk
[2011.06.29 08:26:19 | 000,002,224 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011.06.29 08:26:19 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.06.28 23:00:34 | 001,663,954 | ---- | M] () -- C:\windows\SysNative\drivers\Cat.DB
[2011.06.27 15:33:23 | 000,000,914 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002Core.job
[2011.06.26 21:42:24 | 001,470,062 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.06.26 21:42:24 | 000,631,292 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2011.06.26 21:42:24 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.06.26 21:42:24 | 000,121,914 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2011.06.26 21:42:24 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.06.26 14:17:31 | 000,001,238 | ---- | M] () -- C:\Users\Michal\Desktop\MultiRack SoundGrid.lnk
[2011.06.26 14:17:29 | 000,001,168 | ---- | M] () -- C:\Users\Michal\Desktop\MultiRack.lnk
[2011.06.26 14:17:29 | 000,001,014 | ---- | M] () -- C:\Users\Michal\Desktop\GTR 3.5.lnk
[2011.06.24 13:27:45 | 000,001,547 | ---- | M] () -- C:\Users\Michal\Desktop\Windows Media Player.lnk
[2011.06.23 11:27:35 | 020,994,976 | ---- | M] (TuneUp Software) -- C:\Users\Michal\Desktop\TuneUpUtilities2011_en-US-install.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.29 10:39:19 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.06.29 10:39:02 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt
[2011.06.29 09:44:39 | 000,832,273 | ---- | C] () -- C:\Users\Michal\Desktop\RSITx64.exe
[2011.06.29 08:41:01 | 086,349,632 | ---- | C] () -- C:\Users\Michal\Desktop\mwav.exe
[2011.06.29 08:26:19 | 000,002,224 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011.06.29 08:26:19 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.06.29 08:26:18 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.06.28 22:59:53 | 001,663,954 | ---- | C] () -- C:\windows\SysNative\drivers\Cat.DB
[2011.06.26 14:17:31 | 000,001,238 | ---- | C] () -- C:\Users\Michal\Desktop\MultiRack SoundGrid.lnk
[2011.06.26 14:17:29 | 000,001,168 | ---- | C] () -- C:\Users\Michal\Desktop\MultiRack.lnk
[2011.06.26 14:17:29 | 000,001,014 | ---- | C] () -- C:\Users\Michal\Desktop\GTR 3.5.lnk
[2011.06.24 13:27:45 | 000,001,547 | ---- | C] () -- C:\Users\Michal\Desktop\Windows Media Player.lnk
[2010.12.27 22:31:54 | 000,005,120 | ---- | C] () -- C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.09 22:32:14 | 039,452,608 | ---- | C] () -- C:\Program Files (x86)\mwav.exe
[2010.12.09 21:04:31 | 001,038,336 | ---- | C] () -- C:\Program Files (x86)\WinRAR.exe
[2010.12.07 21:07:52 | 000,000,000 | ---- | C] () -- C:\Users\Michal\AppData\Roaming\wklnhst.dat
[2010.07.29 12:23:45 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\windows\SysWow64\pthreadVC.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 04:58:16 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2011.05.02 10:41:40 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\602Installer
[2011.05.02 10:41:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\602XML
[2011.02.03 18:22:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Ableton
[2011.06.15 15:17:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Audacity
[2011.04.29 11:43:50 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Cycling '74
[2010.12.14 20:58:35 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010.12.07 19:58:28 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ESET
[2010.12.27 10:54:09 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\GHISLER
[2010.12.11 17:01:04 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hardcore
[2011.06.26 14:23:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\iZotope
[2011.02.16 11:53:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\NCH Swift Sound
[2011.05.13 19:52:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PACE Anti-Piracy
[2011.06.28 22:50:11 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Reviversoft
[2011.06.24 13:26:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SignGoLite
[2010.12.07 18:51:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Toshiba
[2011.06.29 08:25:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TuneUp Software
[2011.06.29 08:46:10 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2011.06.26 14:23:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Waves Audio
[2010.12.07 18:50:37 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinBatch
[2011.02.18 22:24:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Windows Live Writer
[2011.03.22 09:06:52 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.05.02 10:41:40 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\602Installer
[2011.05.02 10:41:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\602XML
[2011.02.03 18:22:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Ableton
[2011.05.19 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Adobe
[2010.12.11 20:13:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Ahead
[2011.06.15 15:17:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Audacity
[2011.04.29 11:43:50 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Cycling '74
[2010.12.14 20:58:35 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010.12.07 19:58:28 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ESET
[2010.12.27 10:54:09 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\GHISLER
[2010.12.11 17:01:04 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hardcore
[2010.12.07 18:49:53 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Identities
[2011.06.26 14:23:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\iZotope
[2010.05.07 20:38:09 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2011.06.24 13:26:43 | 000,000,000 | --SD | M] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2011.02.16 11:53:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\NCH Swift Sound
[2010.12.07 19:37:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Nero
[2011.05.13 19:52:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PACE Anti-Piracy
[2011.06.28 22:50:11 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Reviversoft
[2011.06.24 13:26:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SignGoLite
[2011.02.01 10:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Skype
[2010.12.07 18:51:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Toshiba
[2011.06.29 08:25:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TuneUp Software
[2011.06.29 08:46:10 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2011.02.26 17:21:35 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\vlc
[2011.06.26 14:23:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Waves Audio
[2010.12.07 18:50:37 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinBatch
[2011.02.18 22:24:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Windows Live Writer
[2010.12.09 21:04:44 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.02.01 02:45:40 | 000,038,784 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_5d42c6448888c5bd\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.06.29 10:39:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[2011.06.29 10:34:33 | 000,000,018 | ---- | M] () -- C:\Windows\SysWOW64\log.txt

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 1233 bytes -> C:\Users\Michal\AppData\Local\4wUry2B6FMAnucT:iYtqK91grBzrHClvupQS36

< End of report >

maicuss · #10 Příspěvek od **maicuss** » 29 čer 2011 10:25

A tady Extras.txt

(ještě se zeptám, zda mám poslat i log z CK scanneru,jak jste mi psal hned na začátku?)

OTL Extras logfile created on: 29.6.2011 10:55:50 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Michal\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 49,29% Memory free
7,72 Gb Paging File | 5,82 Gb Available in Paging File | 75,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 586,24 Gb Total Space | 163,66 Gb Free Space | 27,92% Space Free | Partition Type: NTFS

Computer Name: MICHAL-TOSHIBA | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{110C673D-E8C1-44C6-85D3-4BD29513FC88}" = Native Instruments Acoustic Refractions
"{14C1DD2C-D54E-464A-9588-C109E3E39EEF}" = Native Instruments Vintage Organs
"{199c6b63-fcb2-49f4-9859-ff78ddd0bb90}" = Native Instruments Scarbee Clavinet Pianet
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Mobile IO Driver
"{332DB63A-14F2-465D-9C7E-B0D04353323F}" = Registry Reviver
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{35DE6B98-31C9-4A01-AB64-20A3C71BE1D0}" = Native Instruments Reflektor
"{36ccb7d4-42c7-473e-b293-72e41a8ec766}" = Native Instruments Berlin Concert Grand
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{45da1e94-82eb-4778-be0d-47c8d9e8451b}" = Native Instruments Scarbee Mark I
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{52931732-892F-4D54-A84A-3EDE25F9BCA2}" = Native Instruments Komplete 7
"{5B841301-3649-4891-BC10-7A66820397C9}" = Native Instruments Reaktor Prism
"{5cd7e481-59d1-4961-a964-019f162b1f27}" = Native Instruments Scarbee A-200
"{5D03CB59-6F91-4097-922C-9DCA057D2A76}" = Native Instruments The Finger R2
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session IO Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9be187da-7d1c-4e8b-8b66-6132ca7697d8}" = Native Instruments New York Concert Grand
"{A4BD55F5-65F5-44A6-A130-5FC39433EE9C}" = Max 5.1.7
"{a63e8179-0381-4b59-8876-0755be48eb6a}" = Native Instruments Scarbee MM-Bass
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{C9BCE8B9-2510-48D4-B93A-EA7BEA81D6E7}" = Native Instruments Traktors 12
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D597935A-5F0E-44F8-A028-A0EF9C647D95}" = Native Instruments Rammfire
"{d8650fdb-9422-4a07-9f57-585c06d9d760}" = Native Instruments Upright Piano
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{dc8b9571-8363-44c2-85e0-ea13ab89d032}" = Native Instruments Vienna Concert Grand
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player
"2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042" = ENE CIR Receiver Driver
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Registry Reviver" = Registry Reviver
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 25
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"avast" = avast! Free Antivirus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FL Studio 9" = FL Studio 9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IL Download Manager" = IL Download Manager
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Live 8.2" = Live 8.2
"Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Acoustic Refractions" = Native Instruments Acoustic Refractions
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Berlin Concert Grand" = Native Instruments Berlin Concert Grand
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Guitar Rig Mobile IO Driver" = Native Instruments Guitar Rig Mobile IO Driver
"Native Instruments Guitar Rig Session IO Driver" = Native Instruments Guitar Rig Session IO Driver
"Native Instruments Komplete 7" = Native Instruments Komplete 7
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kore Player" = Native Instruments Kore Player
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments New York Concert Grand" = Native Instruments New York Concert Grand
"Native Instruments Rammfire" = Native Instruments Rammfire
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Prism" = Native Instruments Reaktor Prism
"Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2
"Native Instruments Reflektor" = Native Instruments Reflektor
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Scarbee A-200" = Native Instruments Scarbee A-200
"Native Instruments Scarbee Clavinet Pianet" = Native Instruments Scarbee Clavinet Pianet
"Native Instruments Scarbee Mark I" = Native Instruments Scarbee Mark I
"Native Instruments Scarbee MM-Bass" = Native Instruments Scarbee MM-Bass
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments The Finger R2" = Native Instruments The Finger R2
"Native Instruments Traktors 12" = Native Instruments Traktors 12
"Native Instruments Upright Piano" = Native Instruments Upright Piano
"Native Instruments Vienna Concert Grand" = Native Instruments Vienna Concert Grand
"Native Instruments Vintage Organs" = Native Instruments Vintage Organs
"NVIDIA.Updatus" = NVIDIA Updatus
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"reFX Vanguard_is1" = reFX Vanguard VSTi RTAS v1.8.0
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"uTorrent" = µTorrent
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 1.1.7
"Waves Complete v7_is1" = Waves Complete VST RTAS TDM v7.1.16
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3068241414-3554310210-4154796672-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.5.2011 8:10:10 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program AcroRd32.exe verze 9.4.0.195 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1428 Čas spuštění: 01cc1d301d1a65d0 Čas ukončení: 41 Cesta k aplikaci: C:\Program
Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe ID hlášení: 68c1163f-8923-11e0-a755-e839df2b9f16

Error - 30.5.2011 17:20:30 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program wmplayer.exe verze 12.0.7601.17514 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1544 Čas spuštění: 01cc1f0f1f06f90c Čas ukončení: 126 Cesta k aplikaci: C:\Program
Files (x86)\Windows Media Player\wmplayer.exe ID hlášení: 9cc9643e-8b02-11e0-ac88-e839df2b9f16

Error - 30.5.2011 17:21:29 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program wmplayer.exe verze 12.0.7601.17514 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 12a8 Čas spuštění: 01cc1f0f7421a65e Čas ukončení: 52 Cesta k aplikaci: C:\Program
Files (x86)\Windows Media Player\wmplayer.exe ID hlášení: c43d9bf2-8b02-11e0-ac88-e839df2b9f16

Error - 1.6.2011 4:50:10 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6545.5000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: f84 Čas spuštění: 01cc1eae3ed4e6a2 Čas ukončení: 3075 Cesta k aplikaci: C:\Program
Files (x86)\Microsoft Office\Office12\WINWORD.EXE ID hlášení: 11cbdbd0-8c2c-11e0-ac88-e839df2b9f16

Error - 1.6.2011 14:59:02 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6545.5000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 15a8 Čas spuštění: 01cc208c792136e9 Čas ukončení: 20 Cesta k aplikaci: C:\Program
Files (x86)\Microsoft Office\Office12\WINWORD.EXE ID hlášení: 27c635a4-8c81-11e0-a98c-e839df2b9f16

Error - 1.6.2011 17:51:34 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program AcroRd32.exe verze 9.4.2.220 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
550 Čas spuštění: 01cc20a5e57112e6 Čas ukončení: 9 Cesta k aplikaci: C:\Program Files
(x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe ID hlášení: 47dad146-8c99-11e0-a98c-e839df2b9f16

Error - 3.6.2011 7:15:26 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program SoftwareUpdate.exe verze 2.1.1.116 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1c48 Čas spuštění: 01cc21c69ed3b124 Čas ukončení: 8 Cesta k aplikaci: C:\Program
Files (x86)\Apple Software Update\SoftwareUpdate.exe ID hlášení: bc9c83c1-8dd2-11e0-b165-e839df2b9f16

Error - 4.6.2011 5:43:40 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program AcroRd32.exe verze 9.4.2.220 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
2558 Čas spuštění: 01cc229bbc5f02ea Čas ukončení: 57 Cesta k aplikaci: C:\Program
Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe ID hlášení: 17866ef5-8e8f-11e0-b165-e839df2b9f16

Error - 4.6.2011 5:44:29 | Computer Name = Michal-TOSHIBA | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6545.5000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 134c Čas spuštění: 01cc212926acab00 Čas ukončení: 211 Cesta k aplikaci: C:\Program
Files (x86)\Microsoft Office\Office12\WINWORD.EXE ID hlášení: 3206e10c-8e8f-11e0-b165-e839df2b9f16

Error - 13.6.2011 10:46:42 | Computer Name = Michal-TOSHIBA | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.

[ Media Center Events ]
Error - 31.1.2011 3:11:51 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 8:11:51 - Chyba při připojování k Internetu 8:11:51 - Nelze kontaktovat
server..

Error - 31.1.2011 3:12:00 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 8:11:56 - Chyba při připojování k Internetu 8:11:56 - Nelze kontaktovat
server..

Error - 11.2.2011 9:49:23 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 14:49:23 - Načtení položky Directory se nezdařilo. (Chyba: Invalid
security token.)

Error - 11.2.2011 9:50:03 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 14:50:03 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

Error - 11.2.2011 9:50:53 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 14:50:49 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

Error - 11.2.2011 10:52:11 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 15:52:11 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

Error - 11.2.2011 10:55:25 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 15:53:42 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Vzdálený
název nelze rozpoznat: 'data.tvdownload.microsoft.com')

Error - 11.2.2011 10:55:25 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 15:55:25 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 17.2.2011 5:18:33 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 10:18:33 - Chyba při připojování k Internetu 10:18:33 - Nelze kontaktovat
server..

Error - 17.2.2011 5:18:41 | Computer Name = Michal-TOSHIBA | Source = MCUpdate | ID = 0
Description = 10:18:38 - Chyba při připojování k Internetu 10:18:38 - Nelze kontaktovat
server..

[ System Events ]
Error - 1.6.2011 12:09:20 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WMPNetworkSvc bylo dosaženo
časového limitu (30000 ms).

Error - 2.6.2011 3:23:50 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7022
Description = Služba Mezipaměť písem Windows přestala během spouštění reagovat.

Error - 2.6.2011 3:44:50 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového
limitu (30000 ms).

Error - 2.6.2011 3:45:21 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového
limitu (30000 ms).

Error - 2.6.2011 8:33:42 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Wlansvc bylo dosaženo časového
limitu (30000 ms).

Error - 5.6.2011 4:06:18 | Computer Name = Michal-TOSHIBA | Source = Tcpip | ID = 4199
Description = Systém zjistil konflikt IP adresy 192.168.1.2 se systémem, jehož síťová
hardwarová adresa je 00-18-F3-4A-8B-E3. Síťové operace v systému mohou být přerušeny.

Error - 6.6.2011 5:13:45 | Computer Name = Michal-TOSHIBA | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:29:32, ?6.?6.?2011) bylo neočekávané.

Error - 6.6.2011 5:18:14 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7022
Description = Služba Mezipaměť písem Windows přestala během spouštění reagovat.

Error - 6.6.2011 5:34:06 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového
limitu (30000 ms).

Error - 6.6.2011 5:34:36 | Computer Name = Michal-TOSHIBA | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového
limitu (30000 ms).

< End of report >

#11 Příspěvek od **vyosek** » 29 čer 2011 10:28

Ano, o log z CKScanneru tez poprosim...

maicuss · #12 Příspěvek od **maicuss** » 29 čer 2011 10:29

CKScanner - Additional Security Risks - These are not necessarily bad
c:\fonts\#\true type\2peas animal crackers.ttf
c:\fonts\#\true type\2peas graham cracker.ttf
c:\fonts\a\true type\animal crackers (eval).ttf
c:\fonts\c\post script\crackhouse.pfb
c:\fonts\c\post script\crackhouse.pfm
c:\fonts\c\true type\crack demo.ttf
c:\fonts\c\true type\crack fir lefty.ttf
c:\fonts\c\true type\crack regular.ttf
c:\fonts\c\true type\crackdown o1 -brk-.ttf
c:\fonts\c\true type\crackdown o2 -brk-.ttf
c:\fonts\c\true type\crackdown r -brk-.ttf
c:\fonts\c\true type\cracked brain.ttf
c:\fonts\c\true type\cracked dendrite.ttf
c:\fonts\c\true type\cracked johnnie.ttf
c:\fonts\c\true type\crackfir.ttf
c:\fonts\c\true type\crackhouse.ttf
c:\fonts\c\true type\crackling fire.ttf
c:\fonts\c\true type\crackling plain.ttf
c:\fonts\c\true type\crackling regular.ttf
c:\fonts\c\true type\cracklingfire medium.ttf
c:\fonts\c\true type\cracklingfire.ttf
c:\fonts\c\true type\crackman.ttf
c:\fonts\c\true type\crackpot.ttf
c:\fonts\c\true type\crackwhore.ttf
c:\fonts\f\post script\fz-jazzy13crackedlefty.pfb
c:\fonts\f\post script\fz-jazzy13crackedlefty.pfm
c:\fonts\f\post script\fz-jazzy32crackedex.pfb
c:\fonts\f\post script\fz-jazzy32crackedex.pfm
c:\fonts\f\post script\fz-jazzy32crackedlefty.pfb
c:\fonts\f\post script\fz-jazzy32crackedlefty.pfm
c:\fonts\f\true type\fz jazzy 12 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 12 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 12 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 12 cracked.ttf
c:\fonts\f\true type\fz jazzy 13 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 13 cracked.ttf
c:\fonts\f\true type\fz jazzy 14 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 14 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 14 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 14 cracked.ttf
c:\fonts\f\true type\fz jazzy 17 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 17 cracked.ttf
c:\fonts\f\true type\fz jazzy 19 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 19 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 19 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 19 cracked.ttf
c:\fonts\f\true type\fz jazzy 21 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 21 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 21 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 21 cracked.ttf
c:\fonts\f\true type\fz jazzy 24 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 24 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 24 cracked.ttf
c:\fonts\f\true type\fz jazzy 26 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 26 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 26 cracked.ttf
c:\fonts\f\true type\fz jazzy 29 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 29 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 29 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 29 cracked.ttf
c:\fonts\f\true type\fz jazzy 31 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 31 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 31 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 31 cracked.ttf
c:\fonts\f\true type\fz jazzy 32 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 32 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 32 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 32 cracked.ttf
c:\fonts\f\true type\fz jazzy 33 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 33 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 33 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 33 cracked.ttf
c:\fonts\f\true type\fz jazzy 34 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 34 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 34 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 34 cracked.ttf
c:\fonts\f\true type\fz jazzy 36 cracked ex.ttf
c:\fonts\f\true type\fz jazzy 36 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 36 cracked lefty.ttf
c:\fonts\f\true type\fz jazzy 36 cracked.ttf
c:\fonts\f\true type\fz jazzy 38 cracked italic.ttf
c:\fonts\f\true type\fz jazzy 38 cracked.ttf
c:\fonts\f\true type\fz unique 11 cracked ex.ttf
c:\fonts\f\true type\fz unique 11 cracked italic.ttf
c:\fonts\f\true type\fz unique 11 cracked lefty.ttf
c:\fonts\f\true type\fz unique 11 cracked.ttf
c:\fonts\f\true type\fz unique 17 cracked lefty.ttf
c:\fonts\f\true type\fz unique 17 cracked.ttf
c:\fonts\f\true type\fz unique 19 cracked ex.ttf
c:\fonts\f\true type\fz unique 19 cracked lefty.ttf
c:\fonts\f\true type\fz unique 20 cracked lefty.ttf
c:\fonts\f\true type\fz unique 20 cracked.ttf
c:\fonts\f\true type\fz unique 22 cracked ex.ttf
c:\fonts\f\true type\fz unique 22 cracked italic.ttf
c:\fonts\f\true type\fz unique 22 cracked.ttf
c:\fonts\g\true type\genius of crack.ttf
c:\fonts\l\true type\ld firecracker.ttf
c:\fonts\l\true type\lots of dead crack babies.ttf
c:\fonts\n\post script\nutcracker.pfb
c:\fonts\n\post script\nutcracker.pfm
c:\fonts\s\true type\sallooncracked.ttf
c:\fonts\w\true type\wherecracksappear.ttf
c:\fonts\w\true type\wisecrack.ttf
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\flengine.dll
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\read me (how to use crack).txt
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\vsti cracks\hardcore.dll
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\vsti cracks\poizone.dll
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\vsti cracks\sawer.dll
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack\vsti cracks\toxic biohazard.dll
c:\install\dj software\virtual dj 7.0 pro + crack\chattchitto rg.nfo
c:\install\dj software\virtual dj 7.0 pro + crack\chattchitto rg.url
c:\install\dj software\virtual dj 7.0 pro + crack\virtual dj v7.0 pro + crack [chattchitto rg].exe
c:\program files\common files\native instruments\kontakt 4\presets\effects\convolution\05 drum reverbs\0.4s firecracker snare orven.nkp
c:\program files\common files\native instruments\shared content\sounds\absynth 5\absynth 3\crackling water bottles.ksd
c:\program files\common files\native instruments\shared content\sounds\absynth 5\instruments\tin crackling.ksd
c:\program files (x86)\common files\native instruments\kontakt 4\presets\effects\convolution\05 drum reverbs\0.4s firecracker snare orven.nkp
c:\program files (x86)\common files\native instruments\shared content\sounds\absynth 5\absynth 3\crackling water bottles.ksd
c:\program files (x86)\common files\native instruments\shared content\sounds\absynth 5\instruments\tin crackling.ksd
c:\program files (x86)\common files\native instruments\shared content\sounds\fm8\fm7 factory\beam cracker bass.ksd
c:\program files (x86)\common files\native instruments\shared content\sounds\fm8\fm7 factory\cracklephone.ksd
c:\program files (x86)\common files\native instruments\shared content\sounds\massive\crackle carl.ksd
c:\program files (x86)\common files\native instruments\shared content\sounds\massive\digitoy crackle.ksd
c:\program files (x86)\image-line\sawer\presets\ambient\mc cracked.sawer
c:\program files (x86)\native instruments\battery 3\presets\effects\convolution\small rooms\firecracker snare.b3p
c:\program files (x86)\native instruments\battery 3\presets\effects\strip-cell-ifx\snare cracker.b3p
c:\program files (x86)\waves\plug-ins\x-crackle.dll
c:\program files (x86)\waves\plug-ins\documents\x-crackle.pdf
c:\users\michal\documents\ableton\library\presets\audio effects\vinyl distortion\crack.adv
c:\users\michal\documents\ableton\library\presets\instruments\instrument rack\guitars and plucked\synthetic\lead-cracker.adg
c:\users\michal\downloads\mwav-keygen-core.zip
c:\users\michal\music\moje\samples packs\sample logic morphestra\morphestra library\instruments\percussives\rhythms\loops\action packed\crack down.nki
c:\users\public\documents\battery 3 library\10 - cell library\01 - bass drums\analog\kick crackly (live srapyard).cl3
c:\users\public\documents\battery 3 library\10 - cell library\02 - snare drums\acoustic\firecracker drum rh (marching band).cl3
c:\users\public\documents\battery 3 library\10 - cell library\02 - snare drums\rim shot and side stick\firecracker drum rim rh (marching band).cl3
c:\users\public\documents\battery 3 library\10 - cell library\02 - snare drums\rolls and bounces\firecracker drum roll (marching band).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\cd crack2 (cd 1).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\chonge (orgami).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\clip (orgami).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle11 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle6 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\crackle8 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\creak (dakeat).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\fm perc (robati).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\fubky tone (dusty circuit).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\fun9 (cd 2).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\gramonasty (toksin 2).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\grunker (robati).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\jingle roll 1 (orgami).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\kickroom (prepared percussion).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\mw fm c1 08 (microwave).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\paper (noise).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\perc 1 (alkaloid).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\pieces (robati).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\pipe drag 1 (prepared percussion).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\scrath1 (hip hop b1).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\static (rnb).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\swa_cl1 (apparat).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\crackle\violent (alais).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle10 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle2 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle3 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle4 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle5 (glitch).cl3
c:\users\public\documents\battery 3 library\10 - cell library\07 - synthetic\glitch and click\crackle7 (glitch).cl3
scanner sequence 3.ZZ.11.GLNAGJ
----- EOF -----

#13 Příspěvek od **vyosek** » 29 čer 2011 10:49

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
IE - HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-3068241414-3554310210-4154796672-1000..\RunOnce: [SysOff] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {00000000-0000-0000-0000-123456789012} https://bezpecne.podani.gov.cz/ClientOb ... T35x86.CAB (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2010.12.07 19:58:28 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ESET
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 1233 bytes -> C:\Users\Michal\AppData\Local\4wUry2B6FMAnucT:iYtqK91grBzrHClvupQS36

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"=-
 
:files
C:\Program Files (x86)\NOD32view /d
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002UA.job
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\crack /d
c:\install\dj software\virtual dj 7.0 pro + crack /d
c:\users\michal\downloads\mwav-keygen-core.zip /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

maicuss · #14 Příspěvek od **maicuss** » 29 čer 2011 11:06

OTL provedl opravu, pc se restartoval, ale log nikde.....kde bych ho měl najít, popř. pod jakým názvem?

maicuss · #15 Příspěvek od **maicuss** » 29 čer 2011 11:13

Asi jsem ho našel, snad to je ono:

All processes killed
========== OTL ==========
HKU\S-1-5-21-3068241414-3554310210-4154796672-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3068241414-3554310210-4154796672-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3068241414-3554310210-4154796672-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3068241414-3554310210-4154796672-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3068241414-3554310210-4154796672-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SysOff deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {00000000-0000-0000-0000-123456789012}
C:\Windows\Downloaded Program Files\SignatureControlInstallerNET35x86.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000000-0000-0000-0000-123456789012}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-123456789012}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000000-0000-0000-0000-123456789012}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-123456789012}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\msdownld.tmp folder deleted successfully.
C:\Users\Michal\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Michal\AppData\Roaming\ESET folder moved successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Users\Michal\AppData\Local\4wUry2B6FMAnucT:iYtqK91grBzrHClvupQS36 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NBAgent deleted successfully.
========== FILES ==========
C:\Program Files (x86)\NOD32view\Temp\62_67_184_68_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\62_67_184_68_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\62_67_184_68_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_149_36_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_149_36_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_149_36_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_157_227_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_157_227_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\89_202_157_227_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\90_183_101_10_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\90_183_101_10_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\90_183_101_10_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\93_184_71_27_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\93_184_71_27_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\93_184_71_27_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um10_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um10_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um10_eset_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um12_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um12_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um12_eset_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um14_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um14_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um14_eset_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um16_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um16_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um16_eset_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um18_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um18_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\um18_eset_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\update_eset_com_eset_eval.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\update_eset_com_eset_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\update_eset_com_eset_upd_v4.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\www_nod32_com_nod_eval.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp\www_nod32_com_nod_upd.ver deleted successfully.
C:\Program Files (x86)\NOD32view\Temp folder deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\v4\update.ver deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\v4 folder deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em000_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em000_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em001_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em001_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em001_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em002_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em002_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em002_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em003_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em003_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em004_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em004_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em004_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em005_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em005_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em005_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em006_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em006_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em006_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em006_64_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em008_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em008_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em008_64_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em009_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em009_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em009_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em009_64_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_64_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em013_64_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_32_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_32_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_32_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_64_l0.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_64_l1.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd\em015_64_l2.nup deleted successfully.
C:\Program Files (x86)\NOD32view\eset_upd folder deleted successfully.
C:\Program Files (x86)\NOD32view folder deleted successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3068241414-3554310210-4154796672-1002UA.job moved successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\VSTi Cracks\Hardcore.dll deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\VSTi Cracks\PoiZone.dll deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\VSTi Cracks\Sawer.dll deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\VSTi Cracks\Toxic Biohazard.dll deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\VSTi Cracks folder deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\FLEngine.dll deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack\Read Me (How To Use Crack).txt deleted successfully.
c:\install\dj software\fl studio 9.0 xxl producer edition + expansions\Crack folder deleted successfully.
c:\install\dj software\Virtual DJ 7.0 PRO + Crack\ChattChitto RG.nfo deleted successfully.
c:\install\dj software\Virtual DJ 7.0 PRO + Crack\ChattChitto RG.url deleted successfully.
c:\install\dj software\Virtual DJ 7.0 PRO + Crack\Virtual DJ v7.0 PRO + Crack [ChattChitto RG].exe deleted successfully.
c:\install\dj software\Virtual DJ 7.0 PRO + Crack folder deleted successfully.
c:\users\michal\downloads\mwav-keygen-core.zip deleted successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michal
->Temp folder emptied: 167857398 bytes
->Temporary Internet Files folder emptied: 443061591 bytes
->Java cache emptied: 88658 bytes
->Google Chrome cache emptied: 737219794 bytes
->Flash cache emptied: 161012 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1213099 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 287,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Michal
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.24.1 log created on 06292011_115340

Files\Folders moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\data_5 moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

VIRY.CZ

Pomalý start PC, nelze instalovat/odinst. některý software

Pomalý start PC, nelze instalovat/odinst. některý software

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa

Re: Pomalý start PC, nelze instalovat/odinst. některý softwa