Prosím o kontrolu logu

[motji]

run fix

[SyncMaster]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-2225901858-1895840232-2621920809-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll moved successfully.
Prefs.js: "http://search.conduit.com/?ctid=CT10609 ... hSource=13" removed from browser.startup.homepage
Prefs.js: toolbar@ask.com:3.9.1.14019 removed from extensions.enabledItems
HKU\S-1-5-21-2225901858-1895840232-2621920809-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP431E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP60B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE20.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDD97.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP30F3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3662.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4476.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA3E2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAF37.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE81F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF859.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFD17.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI1462.tmp moved successfully.
C:\WINDOWS\temp\Cab12E4.tmp moved successfully.
C:\WINDOWS\temp\Cab33BC.tmp moved successfully.
C:\WINDOWS\temp\Cab3783.tmp moved successfully.
C:\WINDOWS\temp\Cab3A60.tmp moved successfully.
C:\WINDOWS\temp\Cab3D1E.tmp moved successfully.
C:\WINDOWS\temp\Cab452A.tmp moved successfully.
C:\WINDOWS\temp\Cab559E.tmp moved successfully.
C:\WINDOWS\temp\Cab55BD.tmp moved successfully.
C:\WINDOWS\temp\Cab6315.tmp moved successfully.
C:\WINDOWS\temp\Cab6556.tmp moved successfully.
C:\WINDOWS\temp\Cab6D14.tmp moved successfully.
C:\WINDOWS\temp\Cab6F74.tmp moved successfully.
C:\WINDOWS\temp\Cab6F84.tmp moved successfully.
C:\WINDOWS\temp\Cab70EB.tmp moved successfully.
C:\WINDOWS\temp\Cab7AAB.tmp moved successfully.
C:\WINDOWS\temp\Cab7CFB.tmp moved successfully.
C:\WINDOWS\temp\Cab7E72.tmp moved successfully.
C:\WINDOWS\temp\Cab8593.tmp moved successfully.
C:\WINDOWS\temp\Cab85B2.tmp moved successfully.
C:\WINDOWS\temp\Cab85F1.tmp moved successfully.
C:\WINDOWS\temp\Cab8979.tmp moved successfully.
C:\WINDOWS\temp\Cab8AC1.tmp moved successfully.
C:\WINDOWS\temp\Cab9645.tmp moved successfully.
C:\WINDOWS\temp\Cab9C00.tmp moved successfully.
C:\WINDOWS\temp\CabAA81.tmp moved successfully.
C:\WINDOWS\temp\CabBBBF.tmp moved successfully.
C:\WINDOWS\temp\CabBC1D.tmp moved successfully.
C:\WINDOWS\temp\CabDB31.tmp moved successfully.
C:\WINDOWS\temp\CabF333.tmp moved successfully.
C:\WINDOWS\temp\CabF7A6.tmp moved successfully.
C:\WINDOWS\temp\NOD7D69.tmp moved successfully.
C:\WINDOWS\temp\NOD7D6A.tmp moved successfully.
C:\WINDOWS\temp\NOD7D6B.tmp moved successfully.
C:\WINDOWS\temp\NOD7D7C.tmp moved successfully.
C:\WINDOWS\temp\NOD7D7D.tmp moved successfully.
C:\WINDOWS\temp\NOD7D7E.tmp moved successfully.
C:\WINDOWS\temp\NOD7D7F.tmp moved successfully.
C:\WINDOWS\temp\NOD7D80.tmp moved successfully.
C:\WINDOWS\temp\NOD7D81.tmp moved successfully.
C:\WINDOWS\temp\NOD7D82.tmp moved successfully.
C:\WINDOWS\temp\NOD7D83.tmp moved successfully.
C:\WINDOWS\temp\NOD7D84.tmp moved successfully.
C:\WINDOWS\temp\NOD7D85.tmp moved successfully.
C:\WINDOWS\temp\NOD7D86.tmp moved successfully.
C:\WINDOWS\temp\NOD7D87.tmp moved successfully.
C:\WINDOWS\temp\NOD7D88.tmp moved successfully.
C:\WINDOWS\temp\NOD7D89.tmp moved successfully.
C:\WINDOWS\temp\NOD7D8A.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9A.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9B.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9C.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9D.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9E.tmp moved successfully.
C:\WINDOWS\temp\NOD7D9F.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA0.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA1.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA2.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA3.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA4.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA5.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA6.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA7.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA8.tmp moved successfully.
C:\WINDOWS\temp\NOD7DA9.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBA.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBB.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBC.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBD.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBE.tmp moved successfully.
C:\WINDOWS\temp\NOD7DBF.tmp moved successfully.
C:\WINDOWS\temp\NOD7DDF.tmp moved successfully.
C:\WINDOWS\temp\NOD7DE0.tmp moved successfully.
C:\WINDOWS\temp\NOD7E10.tmp moved successfully.
C:\WINDOWS\temp\NOD7E11.tmp moved successfully.
C:\WINDOWS\temp\NOD7E12.tmp moved successfully.
C:\WINDOWS\temp\NOD7E13.tmp moved successfully.
C:\WINDOWS\temp\NOD7E14.tmp moved successfully.
C:\WINDOWS\temp\NOD7E15.tmp moved successfully.
C:\WINDOWS\temp\NOD7E16.tmp moved successfully.
C:\WINDOWS\temp\NOD7E17.tmp moved successfully.
C:\WINDOWS\temp\NOD7E18.tmp moved successfully.
C:\WINDOWS\temp\NOD7E19.tmp moved successfully.
C:\WINDOWS\temp\NOD7E29.tmp moved successfully.
C:\WINDOWS\temp\NOD7E2A.tmp moved successfully.
C:\WINDOWS\temp\NOD7E2B.tmp moved successfully.
C:\WINDOWS\temp\NOD7E2C.tmp moved successfully.
C:\WINDOWS\temp\NOD7E2D.tmp moved successfully.
C:\WINDOWS\temp\NOD7E3E.tmp moved successfully.
C:\WINDOWS\temp\NOD7E3F.tmp moved successfully.
C:\WINDOWS\temp\NOD7E40.tmp moved successfully.
C:\WINDOWS\temp\NOD7E41.tmp moved successfully.
C:\WINDOWS\temp\NOD7E42.tmp moved successfully.
C:\WINDOWS\temp\NOD7E43.tmp moved successfully.
C:\WINDOWS\temp\NOD7E54.tmp moved successfully.
C:\WINDOWS\temp\NOD7E55.tmp moved successfully.
C:\WINDOWS\temp\NOD7E56.tmp moved successfully.
C:\WINDOWS\temp\NOD7E57.tmp moved successfully.
C:\WINDOWS\temp\NOD7E58.tmp moved successfully.
C:\WINDOWS\temp\NOD7E59.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5A.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5B.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5C.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5D.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5E.tmp moved successfully.
C:\WINDOWS\temp\NOD7E5F.tmp moved successfully.
C:\WINDOWS\temp\NOD7E6F.tmp moved successfully.
C:\WINDOWS\temp\NOD7E70.tmp moved successfully.
C:\WINDOWS\temp\NOD7E71.tmp moved successfully.
C:\WINDOWS\temp\NOD7E72.tmp moved successfully.
C:\WINDOWS\temp\NOD7E73.tmp moved successfully.
C:\WINDOWS\temp\NOD7E74.tmp moved successfully.
C:\WINDOWS\temp\NOD7E75.tmp moved successfully.
C:\WINDOWS\temp\NOD7E76.tmp moved successfully.
C:\WINDOWS\temp\NOD7E77.tmp moved successfully.
C:\WINDOWS\temp\NOD7E78.tmp moved successfully.
C:\WINDOWS\temp\NOD7E79.tmp moved successfully.
C:\WINDOWS\temp\NOD7E7A.tmp moved successfully.
C:\WINDOWS\temp\NOD7E8B.tmp moved successfully.
C:\WINDOWS\temp\NOD7E8C.tmp moved successfully.
C:\WINDOWS\temp\NOD7E8D.tmp moved successfully.
C:\WINDOWS\temp\NOD7E8E.tmp moved successfully.
C:\WINDOWS\temp\NOD7E8F.tmp moved successfully.
C:\WINDOWS\temp\NOD7E90.tmp moved successfully.
C:\WINDOWS\temp\NOD7E91.tmp moved successfully.
C:\WINDOWS\temp\NOD7E92.tmp moved successfully.
C:\WINDOWS\temp\NOD7E93.tmp moved successfully.
C:\WINDOWS\temp\NOD7E94.tmp moved successfully.
C:\WINDOWS\temp\NOD7E95.tmp moved successfully.
C:\WINDOWS\temp\NOD7E96.tmp moved successfully.
C:\WINDOWS\temp\NOD7E97.tmp moved successfully.
C:\WINDOWS\temp\NOD7E98.tmp moved successfully.
C:\WINDOWS\temp\NOD7E99.tmp moved successfully.
C:\WINDOWS\temp\NOD7E9A.tmp moved successfully.
C:\WINDOWS\temp\NOD7E9B.tmp moved successfully.
C:\WINDOWS\temp\NOD7E9C.tmp moved successfully.
C:\WINDOWS\temp\NOD7E9D.tmp moved successfully.
C:\WINDOWS\temp\NOD7E9E.tmp moved successfully.
C:\WINDOWS\temp\NOD7EAE.tmp moved successfully.
C:\WINDOWS\temp\NOD7EAF.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB0.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB1.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB2.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB3.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB4.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB5.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB6.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB7.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB8.tmp moved successfully.
C:\WINDOWS\temp\NOD7EB9.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBA.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBB.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBC.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBD.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBE.tmp moved successfully.
C:\WINDOWS\temp\NOD7EBF.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED0.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED1.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED2.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED3.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED4.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED5.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED6.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED7.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED8.tmp moved successfully.
C:\WINDOWS\temp\NOD7ED9.tmp moved successfully.
C:\WINDOWS\temp\NOD7EDA.tmp moved successfully.
C:\WINDOWS\temp\NOD7F58.tmp moved successfully.
C:\WINDOWS\temp\NOD7F59.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5A.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5B.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5C.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5D.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5E.tmp moved successfully.
C:\WINDOWS\temp\NOD7F5F.tmp moved successfully.
C:\WINDOWS\temp\NOD7F60.tmp moved successfully.
C:\WINDOWS\temp\NOD7F61.tmp moved successfully.
C:\WINDOWS\temp\NOD7F62.tmp moved successfully.
C:\WINDOWS\temp\NOD7F63.tmp moved successfully.
C:\WINDOWS\temp\NOD7F64.tmp moved successfully.
C:\WINDOWS\temp\NOD7F65.tmp moved successfully.
C:\WINDOWS\temp\NOD7F66.tmp moved successfully.
C:\WINDOWS\temp\NOD7F67.tmp moved successfully.
C:\WINDOWS\temp\NOD7F68.tmp moved successfully.
C:\WINDOWS\temp\NOD7F69.tmp moved successfully.
C:\WINDOWS\temp\NOD7F6A.tmp moved successfully.
C:\WINDOWS\temp\NOD7F6B.tmp moved successfully.
C:\WINDOWS\temp\NOD7F6C.tmp moved successfully.
C:\WINDOWS\temp\NOD7F7C.tmp moved successfully.
C:\WINDOWS\temp\NOD7F7D.tmp moved successfully.
C:\WINDOWS\temp\NOD7F7E.tmp moved successfully.
C:\WINDOWS\temp\NOD7F7F.tmp moved successfully.
C:\WINDOWS\temp\NOD7F80.tmp moved successfully.
C:\WINDOWS\temp\NOD7F81.tmp moved successfully.
C:\WINDOWS\temp\NOD7F82.tmp moved successfully.
C:\WINDOWS\temp\NOD7F83.tmp moved successfully.
C:\WINDOWS\temp\NOD7F84.tmp moved successfully.
C:\WINDOWS\temp\NOD7F85.tmp moved successfully.
C:\WINDOWS\temp\NOD7F86.tmp moved successfully.
C:\WINDOWS\temp\NOD7F87.tmp moved successfully.
C:\WINDOWS\temp\NOD7F88.tmp moved successfully.
C:\WINDOWS\temp\NOD7F89.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8A.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8B.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8C.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8D.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8E.tmp moved successfully.
C:\WINDOWS\temp\NOD7F8F.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA0.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA1.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA2.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA3.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA4.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA5.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA6.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA7.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA8.tmp moved successfully.
C:\WINDOWS\temp\NOD7FA9.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAA.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAB.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAC.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAD.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAE.tmp moved successfully.
C:\WINDOWS\temp\NOD7FAF.tmp moved successfully.
C:\WINDOWS\temp\NOD7FB0.tmp moved successfully.
C:\WINDOWS\temp\NOD7FB1.tmp moved successfully.
C:\WINDOWS\temp\NOD7FB2.tmp moved successfully.
C:\WINDOWS\temp\NOD7FB3.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC4.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC5.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC6.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC7.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC8.tmp moved successfully.
C:\WINDOWS\temp\NOD7FC9.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCA.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCB.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCC.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCD.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCE.tmp moved successfully.
C:\WINDOWS\temp\NOD7FCF.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD0.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD1.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD2.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD3.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD4.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD5.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD6.tmp moved successfully.
C:\WINDOWS\temp\NOD7FD7.tmp moved successfully.
C:\WINDOWS\temp\NOD7FE7.tmp moved successfully.
C:\WINDOWS\temp\NOD7FE8.tmp moved successfully.
C:\WINDOWS\temp\NOD7FE9.tmp moved successfully.
C:\WINDOWS\temp\NOD7FEA.tmp moved successfully.
C:\WINDOWS\temp\NOD7FEB.tmp moved successfully.
C:\WINDOWS\temp\NOD7FEC.tmp moved successfully.
C:\WINDOWS\temp\NOD7FED.tmp moved successfully.
C:\WINDOWS\temp\NOD7FEE.tmp moved successfully.
C:\WINDOWS\temp\NOD7FEF.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF0.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF1.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF2.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF3.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF4.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF5.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF6.tmp moved successfully.
C:\WINDOWS\temp\NOD7FF7.tmp moved successfully.
C:\WINDOWS\temp\NOD8017.tmp moved successfully.
C:\WINDOWS\temp\NOD8018.tmp moved successfully.
C:\WINDOWS\temp\NOD8019.tmp moved successfully.
C:\WINDOWS\temp\NOD801A.tmp moved successfully.
C:\WINDOWS\temp\NOD801B.tmp moved successfully.
C:\WINDOWS\temp\NOD801C.tmp moved successfully.
C:\WINDOWS\temp\NOD801D.tmp moved successfully.
C:\WINDOWS\temp\NOD801E.tmp moved successfully.
C:\WINDOWS\temp\NOD801F.tmp moved successfully.
C:\WINDOWS\temp\NOD8020.tmp moved successfully.
C:\WINDOWS\temp\NOD8021.tmp moved successfully.
C:\WINDOWS\temp\NOD8022.tmp moved successfully.
C:\WINDOWS\temp\NOD8023.tmp moved successfully.
C:\WINDOWS\temp\NOD8024.tmp moved successfully.
C:\WINDOWS\temp\NOD8035.tmp moved successfully.
C:\WINDOWS\temp\NOD8036.tmp moved successfully.
C:\WINDOWS\temp\NOD8037.tmp moved successfully.
C:\WINDOWS\temp\NOD8038.tmp moved successfully.
C:\WINDOWS\temp\NOD8039.tmp moved successfully.
C:\WINDOWS\temp\NOD803A.tmp moved successfully.
C:\WINDOWS\temp\NOD803B.tmp moved successfully.
C:\WINDOWS\temp\NOD803C.tmp moved successfully.
C:\WINDOWS\temp\NOD803D.tmp moved successfully.
C:\WINDOWS\temp\NOD803E.tmp moved successfully.
C:\WINDOWS\temp\NOD803F.tmp moved successfully.
C:\WINDOWS\temp\NOD8040.tmp moved successfully.
C:\WINDOWS\temp\NOD8041.tmp moved successfully.
C:\WINDOWS\temp\NOD8042.tmp moved successfully.
C:\WINDOWS\temp\NOD8043.tmp moved successfully.
C:\WINDOWS\temp\NOD8044.tmp moved successfully.
C:\WINDOWS\temp\NOD8045.tmp moved successfully.
C:\WINDOWS\temp\NOD8046.tmp moved successfully.
C:\WINDOWS\temp\NOD8047.tmp moved successfully.
C:\WINDOWS\temp\NOD8048.tmp moved successfully.
C:\WINDOWS\temp\NOD8059.tmp moved successfully.
C:\WINDOWS\temp\NOD805A.tmp moved successfully.
C:\WINDOWS\temp\NOD805B.tmp moved successfully.
C:\WINDOWS\temp\NOD805C.tmp moved successfully.
C:\WINDOWS\temp\NODC6B6.tmp moved successfully.
C:\WINDOWS\temp\NODC81E.tmp moved successfully.
C:\WINDOWS\temp\NODDC7E.tmp moved successfully.
C:\WINDOWS\temp\NODDD98.tmp moved successfully.
C:\WINDOWS\temp\Tar12E5.tmp moved successfully.
C:\WINDOWS\temp\Tar33BD.tmp moved successfully.
C:\WINDOWS\temp\Tar3784.tmp moved successfully.
C:\WINDOWS\temp\Tar3A61.tmp moved successfully.
C:\WINDOWS\temp\Tar3D1F.tmp moved successfully.
C:\WINDOWS\temp\Tar452B.tmp moved successfully.
C:\WINDOWS\temp\Tar559F.tmp moved successfully.
C:\WINDOWS\temp\Tar55BE.tmp moved successfully.
C:\WINDOWS\temp\Tar6316.tmp moved successfully.
C:\WINDOWS\temp\Tar6557.tmp moved successfully.
C:\WINDOWS\temp\Tar6D15.tmp moved successfully.
C:\WINDOWS\temp\Tar6F75.tmp moved successfully.
C:\WINDOWS\temp\Tar6F85.tmp moved successfully.
C:\WINDOWS\temp\Tar70EC.tmp moved successfully.
C:\WINDOWS\temp\Tar7AAC.tmp moved successfully.
C:\WINDOWS\temp\Tar7CFC.tmp moved successfully.
C:\WINDOWS\temp\Tar7EA2.tmp moved successfully.
C:\WINDOWS\temp\Tar85A4.tmp moved successfully.
C:\WINDOWS\temp\Tar85B3.tmp moved successfully.
C:\WINDOWS\temp\Tar85F2.tmp moved successfully.
C:\WINDOWS\temp\Tar897A.tmp moved successfully.
C:\WINDOWS\temp\Tar8AC2.tmp moved successfully.
C:\WINDOWS\temp\Tar9646.tmp moved successfully.
C:\WINDOWS\temp\Tar9C30.tmp moved successfully.
C:\WINDOWS\temp\TarAA82.tmp moved successfully.
C:\WINDOWS\temp\TarBBC0.tmp moved successfully.
C:\WINDOWS\temp\TarBC1E.tmp moved successfully.
C:\WINDOWS\temp\TarDB32.tmp moved successfully.
C:\WINDOWS\temp\TarF344.tmp moved successfully.
C:\WINDOWS\temp\TarF7E6.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41044 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: user
->Temp folder emptied: 2582548 bytes
->Temporary Internet Files folder emptied: 1083032 bytes
->Java cache emptied: 544916 bytes
->FireFox cache emptied: 108179186 bytes
->Google Chrome cache emptied: 202826293 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 47140 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18370 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 301,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01302011_151706

Files\Folders moved on Reboot...
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[motji]

Fajn, co náš pacient?

[SyncMaster]

Prežil to.

Už je čistý?

[motji]

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[SyncMaster]

ComboFix je preč.

T-Cleaner je chybná stránka. Skusím to stiahnuť z inej stránky.

CCleaner mám. Používam ho často.

Pri OTC som dal CleanUp. Tento program mám používať častejšie?

Tady je log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-01-30 15:49:24
Microsoft Windows 7 Home Premium
System drive C: has 186 GB (78%) free of 238 GB
Total RAM: 3958 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:49:31, on 30. 1. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7A2C8E4-3DCC-4768-A63C-A764C5C4C354}: NameServer = 172.29.2.254,88.212.8.8
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11887 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2268
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
WLIDSvcM.exe 2364
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
taskeng.exe {952841D5-B41D-479B-9811-C70D3BDC55DC}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4828.7ed9e80.471121412 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" 4828 plugin \\.\pipe\gecko-crash-server-pipe.4828
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Programy\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2225901858-1895840232-2621920809-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2225901858-1895840232-2621920809-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-11-05 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-10-15 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-11-30 595816]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-12-01 34648]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-21 8306208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-11-10 910136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-15 1870120]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-28 1482592]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-11-10 707416]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-06-24 2903688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-08 98304]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-30 15:49:24 ----D---- C:\rsit
2011-01-28 21:15:31 ----SHD---- C:\$RECYCLE.BIN
2011-01-28 21:14:02 ----D---- C:\Windows\temp
2011-01-28 21:02:51 ----D---- C:\32788R22FWJFW
2011-01-28 20:55:38 ----A---- C:\Windows\ntbtlog.txt
2011-01-22 18:58:06 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2011-01-19 19:37:42 ----D---- C:\ProgramData\Norton
2011-01-19 19:37:32 ----D---- C:\ProgramData\NortonInstaller
2011-01-18 20:12:51 ----D---- C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers
2011-01-18 20:11:35 ----D---- C:\Users\user\AppData\Roaming\DVDVideoSoft
2011-01-17 20:29:20 ----D---- C:\Windows\Freecorder
2011-01-15 20:23:11 ----D---- C:\Windows\ERDNT
2011-01-15 20:13:51 ----D---- C:\Program Files\trend micro
2011-01-15 15:56:18 ----D---- C:\Program Files (x86)\HiJackThis
2011-01-14 19:59:13 ----D---- C:\Users\user\AppData\Roaming\Imagine
2011-01-12 15:17:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 15:17:34 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 15:17:33 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 15:17:33 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 15:17:32 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 15:17:31 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 15:17:31 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 15:17:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 15:17:30 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 15:17:30 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 15:17:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 15:17:30 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 15:17:29 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 15:17:29 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 15:17:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 15:17:28 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 15:17:28 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 15:17:28 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 15:17:28 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 15:17:24 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 15:17:24 ----A---- C:\Windows\system32\odbc32.dll
2011-01-11 10:06:28 ----D---- C:\Program Files (x86)\CounterPath

======List of files/folders modified in the last 1 months======

2011-01-30 15:47:36 ----D---- C:\Users\user\AppData\Roaming\Skype
2011-01-30 15:46:17 ----A---- C:\Windows\SYSWOW64\log.txt
2011-01-30 15:45:23 ----D---- C:\Users\user\AppData\Roaming\uTorrent
2011-01-30 15:22:51 ----D---- C:\Windows\system32\config
2011-01-30 15:18:08 ----D---- C:\Windows\system32\drivers\etc
2011-01-30 15:17:23 ----SHD---- C:\Windows\Installer
2011-01-30 15:17:17 ----D---- C:\Windows
2011-01-30 15:02:07 ----D---- C:\Program Files (x86)\Share Rapid Uploader
2011-01-30 14:39:42 ----RD---- C:\Program Files (x86)
2011-01-30 14:39:40 ----SHD---- C:\System Volume Information
2011-01-30 14:38:50 ----D---- C:\Windows\system32\drivers
2011-01-30 14:38:41 ----RD---- C:\Program Files
2011-01-30 14:38:41 ----D---- C:\Program Files\Common Files
2011-01-30 14:38:39 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-30 14:38:39 ----D---- C:\Windows\SysWOW64
2011-01-30 14:38:39 ----D---- C:\Windows\System32
2011-01-28 21:34:49 ----D---- C:\Windows\system32\catroot2
2011-01-28 21:28:38 ----D---- C:\Program Files (x86)\CCleaner
2011-01-28 21:12:17 ----A---- C:\Windows\system.ini
2011-01-28 21:08:01 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-28 21:08:01 ----D---- C:\Windows\AppPatch
2011-01-28 21:08:01 ----D---- C:\Program Files (x86)\Common Files
2011-01-28 15:11:23 ----D---- C:\Windows\inf
2011-01-28 15:11:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-28 15:02:39 ----D---- C:\Windows\system32\NDF
2011-01-28 12:56:13 ----D---- C:\ProgramData
2011-01-28 12:54:33 ----RSD---- C:\Windows\assembly
2011-01-28 12:52:01 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-01-28 12:51:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-01-28 12:51:47 ----A---- C:\Windows\SYSWOW64\pbsvc.exe
2011-01-28 12:42:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-23 19:14:03 ----D---- C:\Users\user\AppData\Roaming\ICQ
2011-01-23 17:51:46 ----D---- C:\Program Files (x86)\Ubisoft
2011-01-23 16:18:52 ----D---- C:\Users\user\AppData\Roaming\TuneUp Software
2011-01-22 09:17:37 ----D---- C:\Windows\system32\Tasks
2011-01-19 19:38:54 ----D---- C:\Windows\system32\catroot
2011-01-19 19:27:57 ----D---- C:\ProgramData\Microsoft Help
2011-01-17 20:25:30 ----A---- C:\Windows\win.ini
2011-01-14 22:24:39 ----D---- C:\Windows\debug
2011-01-12 17:26:20 ----D---- C:\Windows\winsxs
2011-01-12 16:09:53 ----A---- C:\Windows\system32\MRT.exe
2011-01-09 20:33:17 ----D---- C:\Program Files (x86)\ICQ7.2
2011-01-03 01:15:06 ----D---- C:\Users\user\AppData\Roaming\Media Player Classic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-19 834544]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 124760]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 145920]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-09-08 6204928]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-21 2013856]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-05-20 202016]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-10-15 307760]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 amumf01g;amumf01g; C:\Windows\system32\drivers\amumf01g.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-09-08 202752]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-06-24 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-28 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-01-28 107832]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-10-15 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 251760]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 824688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2003-04-18 8192]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-06-24 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-05 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[motji]

Můžu Vám pomazat složky od Nortonu? Ještě tam něco málo zůszalo, samé zbytečnosti, vzala bych to pod jedním .
OTL je skenovací a mazací utilita, ten bez rádce nepoužívejte

[SyncMaster]

Ano môžte. Len sa chcem opýtať, či si mám stiahnuť firewall, pretože mám ESET NOD32 Antivirus 4 a ten ho neobsahuje.

[motji]

Win7 má lepší firewall než xp, takže záleží na Vás
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\32788R22FWJFW
C:\Windows\SYSWOW64\log.txt
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

[SyncMaster]

Files\Folders moved on Reboot...
File move failed. C:\Windows\SYSWOW64\log.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[motji]

Máte ten log nějaký krátký . Poprosím o nový log ze Rsitu. Jak je na tom počítač?

[SyncMaster]

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-01-31 17:41:24
Microsoft Windows 7 Home Premium
System drive C: has 185 GB (78%) free of 238 GB
Total RAM: 3958 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:26, on 31. 1. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7A2C8E4-3DCC-4768-A63C-A764C5C4C354}: NameServer = 172.29.2.254,88.212.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11929 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
WLIDSvcM.exe 2744
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2588
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
taskeng.exe {3AA40A5C-551A-470C-91FB-96CA78EA902F}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2524.915ab00.1391102846 "C:\Windows\system32\Macromed\Flash\NPSWF32.dll" 2524 plugin \\.\pipe\gecko-crash-server-pipe.2524
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Programy\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2225901858-1895840232-2621920809-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2225901858-1895840232-2621920809-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-11-05 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-10-15 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-11-30 595816]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-12-01 34648]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-21 8306208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-11-10 910136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-15 1870120]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-28 1482592]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-11-10 707416]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-06-24 2903688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-08 98304]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-31 12:40:29 ----D---- C:\Windows\system32\%LOCALAPPDATA%
2011-01-31 11:38:36 ----D---- C:\_OTL
2011-01-30 15:49:24 ----D---- C:\rsit
2011-01-28 21:15:31 ----SHD---- C:\$RECYCLE.BIN
2011-01-28 21:14:02 ----D---- C:\Windows\temp
2011-01-28 20:55:38 ----A---- C:\Windows\ntbtlog.txt
2011-01-22 18:58:06 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2011-01-18 20:12:51 ----D---- C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers
2011-01-18 20:11:35 ----D---- C:\Users\user\AppData\Roaming\DVDVideoSoft
2011-01-17 20:29:20 ----D---- C:\Windows\Freecorder
2011-01-15 20:23:11 ----D---- C:\Windows\ERDNT
2011-01-15 20:13:51 ----D---- C:\Program Files\trend micro
2011-01-15 15:56:18 ----D---- C:\Program Files (x86)\HiJackThis
2011-01-14 19:59:13 ----D---- C:\Users\user\AppData\Roaming\Imagine
2011-01-12 15:17:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 15:17:34 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 15:17:33 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 15:17:33 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 15:17:32 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 15:17:32 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 15:17:31 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 15:17:31 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 15:17:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 15:17:30 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 15:17:30 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 15:17:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 15:17:30 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 15:17:29 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 15:17:29 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 15:17:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 15:17:28 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 15:17:28 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 15:17:28 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 15:17:28 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 15:17:24 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-12 15:17:24 ----A---- C:\Windows\system32\odbc32.dll
2011-01-11 10:06:28 ----D---- C:\Program Files (x86)\CounterPath

======List of files/folders modified in the last 1 months======

2011-01-31 17:40:45 ----D---- C:\Users\user\AppData\Roaming\uTorrent
2011-01-31 15:37:45 ----D---- C:\Users\user\AppData\Roaming\Skype
2011-01-31 14:17:26 ----D---- C:\Windows\system32\config
2011-01-31 14:05:57 ----D---- C:\Windows\SysWOW64
2011-01-31 14:05:57 ----A---- C:\Windows\SYSWOW64\log.txt
2011-01-31 12:41:29 ----D---- C:\Windows\system32\drivers\etc
2011-01-31 12:41:29 ----D---- C:\ProgramData
2011-01-31 12:40:29 ----D---- C:\Windows\System32
2011-01-31 10:47:00 ----SHD---- C:\Windows\Installer
2011-01-31 10:46:59 ----D---- C:\Windows\system32\Tasks
2011-01-31 10:46:57 ----RD---- C:\Program Files (x86)\Skype
2011-01-31 08:26:20 ----D---- C:\Windows\inf
2011-01-31 08:26:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-31 08:26:14 ----SHD---- C:\System Volume Information
2011-01-30 15:17:17 ----D---- C:\Windows
2011-01-30 15:02:07 ----D---- C:\Program Files (x86)\Share Rapid Uploader
2011-01-30 14:39:42 ----RD---- C:\Program Files (x86)
2011-01-30 14:38:50 ----D---- C:\Windows\system32\drivers
2011-01-30 14:38:41 ----RD---- C:\Program Files
2011-01-30 14:38:41 ----D---- C:\Program Files\Common Files
2011-01-30 14:38:39 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-28 21:34:49 ----D---- C:\Windows\system32\catroot2
2011-01-28 21:28:38 ----D---- C:\Program Files (x86)\CCleaner
2011-01-28 21:12:17 ----A---- C:\Windows\system.ini
2011-01-28 21:08:01 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-28 21:08:01 ----D---- C:\Windows\AppPatch
2011-01-28 21:08:01 ----D---- C:\Program Files (x86)\Common Files
2011-01-28 15:02:39 ----D---- C:\Windows\system32\NDF
2011-01-28 12:54:33 ----RSD---- C:\Windows\assembly
2011-01-28 12:52:01 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-01-28 12:51:51 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-01-28 12:51:47 ----A---- C:\Windows\SYSWOW64\pbsvc.exe
2011-01-28 12:42:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-23 19:14:03 ----D---- C:\Users\user\AppData\Roaming\ICQ
2011-01-23 17:51:46 ----D---- C:\Program Files (x86)\Ubisoft
2011-01-23 16:18:52 ----D---- C:\Users\user\AppData\Roaming\TuneUp Software
2011-01-19 19:38:54 ----D---- C:\Windows\system32\catroot
2011-01-19 19:27:57 ----D---- C:\ProgramData\Microsoft Help
2011-01-17 20:25:30 ----A---- C:\Windows\win.ini
2011-01-14 22:24:39 ----D---- C:\Windows\debug
2011-01-12 17:26:20 ----D---- C:\Windows\winsxs
2011-01-12 16:09:53 ----A---- C:\Windows\system32\MRT.exe
2011-01-09 20:33:17 ----D---- C:\Program Files (x86)\ICQ7.2
2011-01-03 01:15:06 ----D---- C:\Users\user\AppData\Roaming\Media Player Classic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-19 834544]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 124760]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 145920]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-09-08 6204928]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-21 2013856]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-05-20 202016]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-10-15 307760]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ahy1yoed;ahy1yoed; C:\Windows\system32\drivers\ahy1yoed.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-09-08 202752]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-10-27 252784]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-06-24 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-28 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-01-28 107832]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-10-15 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-28 251760]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 824688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2003-04-18 8192]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-06-24 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-05 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[SyncMaster]

Počítač beží skvele. Zatiaľ som nezistil nijaké problémy, časom uvidím.

[motji]

Ted ještě v OTL potvrdte clean up, uklidí se


Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-


 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.


Pokud nejsou problémy, je to vše

[SyncMaster]

Ano ďakujem, ten "CurrentVersion\Explorer" mi robil problémy v registroch.

Počítač vyzerá čisto. Ak sa vyskytnú problémy ozvem sa.

Veľmi príjemne sa mi s Vami pracovalo, dúfam, že mi nabudúce budete pomáhať práve Vy.

Ďakujem za pomoc a prajem Vám pekný zvyšok dňa.