VIRY.CZ

tak otm jsem udelala, takze to by melo byt vse?

Ano, pokud nastala nějaká změna k lepšímu.

zatim super. dekuji moc

Rádo se stalo!

Zdravim jeste jednou.
Mohl by jste kouknout i na tento log z jineho PC?

Logfile of random's system information tool 1.09 (written by random/random)
Run by mediamarkcruqius at 2013-09-20 18:01:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (11%) free of 152 GB
Total RAM: 3959 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:42, on 20-9-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Program Files\trend micro\mediamarkcruqius.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ÿþ1
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\mediamarkcruqius\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14455 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2856
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
taskeng.exe {03030241-16E6-452C-AFE7-354E286E721C}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\ProgramData\FLEXnet\Connect\11\agent.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:9.0 /MODE:2
"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4720.d3f1100.1260993001 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4720 "\\.\pipe\gecko-crash-server-pipe.4720" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --proxy-stub-channel=Flash5796.6A64A550.27922 --host-broker-channel=Flash5796.6A64A550.224 --host-pid=5796 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --channel=6520.0039F120.1808193716 --proxy-stub-channel=Flash5796.6A64A550.27922 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\mediamarkcruqius\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF& ... =071213&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
mall-cz.xml
McSiteAdvisor.xml

C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\mediamarkcruqius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2011-10-07 2629632]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-20 18:01:32 ----D---- C:\rsit
2013-09-20 18:01:32 ----D---- C:\Program Files\trend micro
2013-09-17 18:51:05 ----SHD---- C:\Config.Msi
2013-08-23 20:44:37 ----D---- C:\Papa Fini - Briliant (2011)_by karlosss666

======List of files/folders modified in the last 1 month======

2013-09-20 18:01:42 ----D---- C:\Windows\Prefetch
2013-09-20 18:01:32 ----RD---- C:\Program Files
2013-09-20 18:01:22 ----D---- C:\Windows\Temp
2013-09-20 17:38:18 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\Skype
2013-09-20 10:37:28 ----D---- C:\Windows\SysWOW64
2013-09-20 10:37:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-19 08:53:13 ----D---- C:\Windows\system32\config
2013-09-19 08:39:18 ----SHD---- C:\System Volume Information
2013-09-19 08:12:54 ----RD---- C:\Program Files (x86)
2013-09-19 08:02:38 ----A---- C:\Windows\SYSWOW64\log.txt
2013-09-17 19:42:43 ----D---- C:\Windows\Tasks
2013-09-17 19:42:43 ----D---- C:\Windows\system32\wfp
2013-09-17 19:42:43 ----D---- C:\Windows\system32\DriverStore
2013-09-17 19:42:43 ----D---- C:\Windows\system32\catroot2
2013-09-17 19:42:43 ----D---- C:\Windows
2013-09-17 19:42:42 ----D---- C:\Windows\system32\Tasks
2013-09-17 19:42:41 ----D---- C:\Windows\system32\drivers\etc
2013-09-17 19:42:41 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-17 19:42:41 ----D---- C:\Windows\System32
2013-09-17 19:42:40 ----D---- C:\Windows\AppCompat
2013-09-17 19:42:40 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\vlc
2013-09-17 19:42:40 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\dvdcss
2013-09-17 19:42:40 ----D---- C:\ProgramData\McAfee Security Scan
2013-09-17 19:42:35 ----D---- C:\Windows\system32\wbem
2013-09-17 19:42:35 ----D---- C:\Windows\registration
2013-09-17 19:39:15 ----D---- C:\Windows\system32\LogFiles
2013-09-17 19:19:44 ----SHD---- C:\Windows\Installer
2013-09-17 18:51:46 ----D---- C:\Program Files (x86)\ATI Technologies
2013-09-17 18:51:14 ----D---- C:\ProgramData
2013-09-17 18:51:13 ----RSD---- C:\Windows\assembly
2013-09-08 22:39:54 ----SD---- C:\Users\mediamarkcruqius\AppData\Roaming\Microsoft
2013-09-02 16:50:16 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent
2013-09-02 16:50:10 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-12 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 adtxiwe8;adtxiwe8; C:\Windows\system32\drivers\adtxiwe8.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 cpuz132;cpuz132; \??\C:\Users\MEDIAM~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-07 51600]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-18 117656]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\McAfee Security Scan
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job
C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\searchplugins\bingp.xml
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

tady to je

All processes killed
========== FILES ==========
C:\Program Files (x86)\McAfee Security Scan\3.0.318\sacoredata folder moved successfully.
C:\Program Files (x86)\McAfee Security Scan\3.0.318 folder moved successfully.
C:\Program Files (x86)\McAfee Security Scan folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-354615371-2128914143-2807093971-1000UA.job moved successfully.
C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\searchplugins\bingp.xml moved successfully.
DllUnregisterServer procedure not found in C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mediamarkcruqius
->Temp folder emptied: 11565529 bytes
->Temporary Internet Files folder emptied: 17231308 bytes
->Java cache emptied: 4424 bytes
->FireFox cache emptied: 446574685 bytes
->Google Chrome cache emptied: 26766539 bytes
->Flash cache emptied: 48760 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 207213477 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4981267 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 116373788 bytes

Total Files Cleaned = 792,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: mediamarkcruqius
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09202013_190624

Files moved on Reboot...
C:\Users\mediamarkcruqius\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Windows\temp\{E1FB74A1-B5B8-45E7-BC66-E3C0664E47A7}\fpi.tmp not found!
File C:\Windows\temp\{C4D331FA-A4C5-4C96-A9A3-6391DAF908A8}\fpi.tmp not found!
C:\Windows\temp\Nuance\OmniPageCSDK16\008072\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\008072\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\008072\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006112\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006112\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006112\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111113.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111114.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111115.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\006104\temp11111118.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005448\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005440\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005440\temp11111112.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005352\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005352\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005348\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005348\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005348\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005344\temp11111115.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005344\temp11111116.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\005344\temp11111117.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004796\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004796\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004784\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004784\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004728\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004728\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111117.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111118.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111119.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111120.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004552\temp11111121.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004280\temp11111160.ct2 moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004188\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004188\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004188\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111114.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111115.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111116.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111117.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111117.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\004180\temp11111118.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003996\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003996\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003996\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003352\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003352\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\003352\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002448\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002448\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002448\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002296\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002296\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\002296\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001956\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001956\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001516\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001516\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001516\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001432\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001432\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001432\temp11111112.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001108\temp11111111.pfb moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\001108\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\000672\temp11111111.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\000672\temp11111112.ttf moved successfully.
C:\Windows\temp\Nuance\OmniPageCSDK16\000672\temp11111113.ttf moved successfully.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\atmosphere.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\color.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\hammer_aitoff.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\hammer_aitoff.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\lighting.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\speedtree_configuration_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\speedtree_utils_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stars.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stars.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbillboard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stbranch.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stcommonobjects.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stfrond.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafcard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\stleafmesh.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\viewshed.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\water.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\planet\earth.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\hud\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\hud\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\genius_maxfighter_f16u.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_attack3.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_extreme_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_force_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_freedom.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_cyborg_evo.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_x52.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_hawk.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_widow.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_cougar_flightstick.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_dark_tornado.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\controller\xbox_360.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\f16.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\sr22.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\flightsim\flightsim.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\application.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\balloons.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\builtin_webdata.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\cursor_crosshair_inverse.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\cursor_crosshair_thick.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\doppler.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\effects.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\filmstrip.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\leftpanel-common.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\leftpanel-layer.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\localshapes.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\mouse3dgui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\navcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\notifications.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\print.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\progress.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\renderui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\search.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\spin_icon.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\statusbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\terrainmgr.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\tmcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\toolbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\tourcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\unknown_plugin.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\userpalette.kml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\res\webbrowser.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ar.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\bg.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ca.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\cs.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\da.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\de.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\el.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\en.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\es-419.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\es.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fa.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fil.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\fr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\he.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\hu.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\id.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\it.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ja.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ko.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\lt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\lv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\nl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\no.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pt-PT.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\pt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ro.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\ru.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\sv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\th.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\tr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\uk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\vi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hans.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hant-HK.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\lang\zh-Hant.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\alchemyext.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\drivers.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\earthps.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\googleearth.exe.local scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\google_earth.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\gpl.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\icudt.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGCore.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGExportCommon.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGMath.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGOpt.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\IGUtils.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\ImporterGlobalSettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\ImporterUISettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\kh20 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\Leap.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\PCOptimizations.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\QtCore4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\QtGui4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\QtNetwork4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\QtWebKit4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\plugin\uninstall.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\atmosphere.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\color.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\hammer_aitoff.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\hammer_aitoff.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\lighting.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\precipitation_double_cone.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\precipitation_double_cone.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\speedtree_configuration_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\speedtree_utils_glsles.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stars.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stars.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbillboard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stbranch.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stcommonobjects.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stfrond.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafcard.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.arbfp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.arbvp1 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.asd scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.cfg scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.ps_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\stleafmesh.vs_2_0 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\viewshed.h scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\water.glsllib scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\watersurface.glslesf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\shaders\watersurface.glslesv scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\planet\earth.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\keyboard\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\keyboard\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\hud\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\hud\sr22.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\generic.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\genius_maxfighter_f16u.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_attack3.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_extreme_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_force_3d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\logitech_freedom.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\saitek_cyborg_evo.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\saitek_x52.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_black_hawk.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_black_widow.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_cougar_flightstick.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\speed_link_dark_tornado.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\controller\xbox_360.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\aircraft\f16.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\aircraft\sr22.acf scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\flightsim\flightsim.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\application.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\balloons.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\builtin_webdata.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\cursor_crosshair_inverse.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\cursor_crosshair_thick.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\default_myplaces.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\doppler.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\effects.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\filmstrip.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\leftpanel-common.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\leftpanel-layer.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\localshapes.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\mouse3dgui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\navcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\notifications.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\print.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\progress.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\renderui.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\search.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\spin_icon.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\startinglocations-nonmac.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\startinglocations.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\statusbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\terrainmgr.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\tmcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\toolbar.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\tourcontrols.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\unknown_plugin.png scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\userpalette.kml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\res\webbrowser.rcc scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ar.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\bg.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ca.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\cs.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\da.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\de.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\el.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\en.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\es-419.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\es.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fa.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fil.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\fr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\he.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\hu.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\id.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\it.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ja.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ko.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\lt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\lv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\nl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\no.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pt-PT.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\pt.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ro.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\ru.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sl.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\sv.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\th.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\tr.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\uk.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\vi.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hans.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hant-HK.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\lang\zh-Hant.qm scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\imageformats\qgif4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\imageformats\qjpeg4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\D3DCompiler_43.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\d3dx9_43.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libEGL.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libGLESv2.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\alchemyext.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\drivers.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\earthps.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\ge_expat.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\googleearth.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\googleearth.exe.local scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\googleearth_free.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\google_earth.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\gpl.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\icudt.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGAttrs.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGCore.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGExportCommon.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGGfx.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGMath.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGOpt.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGSg.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\IGUtils.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\ImporterGlobalSettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\ImporterUISettings.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kh20 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kml_file.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\kmz_file.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\Leap.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\msvcp100.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\msvcr100.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\PCOptimizations.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\QtCore4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\QtGui4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\QtNetwork4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\QtWebKit4.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\uninstall.ico scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\program files\Google\Google Earth\client\wavdest.ax scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\LocalAppData\Google\Custom Buttons\toolbar.google.com_MXE8GT6B9RBHXCGLZ06L.xml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0402.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0403.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0404.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0405.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0406.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0407.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0408.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0409.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040b.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040c.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x040e.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0410.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0411.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0412.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0413.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0414.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0415.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0416.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0418.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0419.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041b.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041d.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041e.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x041f.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0421.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0422.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0424.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0426.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0427.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x042a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0804.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0809.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x080a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0816.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c01.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x0c1a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x100a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x140a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x180a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x1c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x200a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x240a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x280a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x2c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x300a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x340a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x380a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\0x3c0a.ini scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\10250.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1026.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1027.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1028.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1029.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1030.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1031.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1032.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1033.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1034.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1035.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1036.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1037.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1038.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1040.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1041.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1042.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1043.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1044.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1045.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1046.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1048.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1049.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1050.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1051.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1053.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1054.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1055.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1057.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1058.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1060.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1062.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1063.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\1066.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\11274.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\12298.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\13322.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\14346.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\15370.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2052.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2057.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2058.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\2070.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3073.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3082.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\3098.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\4106.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\5130.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\6154.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\7178.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\8202.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\9226.mst scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\Google Earth.msi scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\GoogleEarth.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\._msige61\Setup.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by mediamarkcruqius at 2013-09-20 19:38:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (6%) free of 152 GB
Total RAM: 3959 MB (60% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {20F4F445-D260-49AC-B2F5-DF3D21E86428}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\PrintIsolationHost.exe -Embedding
WLIDSvcM.exe 2380
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
taskeng.exe {791B174C-33E3-4C2E-96F9-6A8CF575BD2A}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\mediamarkcruqius\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
C:\ProgramData\FLEXnet\Connect\11\agent.exe -Embedding
"C:\Users\mediamarkcruqius\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF& ... =071213&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
mall-cz.xml
McSiteAdvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21 2327952]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\mediamarkcruqius\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2011-10-07 2629632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-20 19:06:24 ----D---- C:\_OTM
2013-09-20 18:01:32 ----D---- C:\rsit
2013-09-20 18:01:32 ----D---- C:\Program Files\trend micro
2013-09-17 18:51:05 ----SHD---- C:\Config.Msi
2013-08-23 20:44:37 ----D---- C:\Papa Fini - Briliant (2011)_by karlosss666

======List of files/folders modified in the last 1 month======

2013-09-20 19:40:27 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\uTorrent
2013-09-20 19:36:30 ----D---- C:\Windows\Temp
2013-09-20 19:22:07 ----D---- C:\Windows\system32\config
2013-09-20 19:19:32 ----RD---- C:\Program Files (x86)
2013-09-20 19:10:40 ----D---- C:\Windows\Prefetch
2013-09-20 19:08:14 ----A---- C:\Windows\SYSWOW64\log.txt
2013-09-20 19:06:25 ----D---- C:\Windows\Tasks
2013-09-20 19:06:24 ----RD---- C:\Program Files (x86)\Skype
2013-09-20 18:01:32 ----RD---- C:\Program Files
2013-09-20 17:38:18 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\Skype
2013-09-20 10:37:28 ----D---- C:\Windows\SysWOW64
2013-09-20 10:37:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-19 08:39:18 ----SHD---- C:\System Volume Information
2013-09-17 19:42:43 ----D---- C:\Windows\system32\wfp
2013-09-17 19:42:43 ----D---- C:\Windows\system32\DriverStore
2013-09-17 19:42:43 ----D---- C:\Windows\system32\catroot2
2013-09-17 19:42:43 ----D---- C:\Windows
2013-09-17 19:42:42 ----D---- C:\Windows\system32\Tasks
2013-09-17 19:42:41 ----D---- C:\Windows\system32\drivers\etc
2013-09-17 19:42:41 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-17 19:42:41 ----D---- C:\Windows\System32
2013-09-17 19:42:40 ----D---- C:\Windows\AppCompat
2013-09-17 19:42:40 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\vlc
2013-09-17 19:42:40 ----D---- C:\Users\mediamarkcruqius\AppData\Roaming\dvdcss
2013-09-17 19:42:40 ----D---- C:\ProgramData\McAfee Security Scan
2013-09-17 19:42:35 ----D---- C:\Windows\system32\wbem
2013-09-17 19:42:35 ----D---- C:\Windows\registration
2013-09-17 19:39:15 ----D---- C:\Windows\system32\LogFiles
2013-09-17 19:19:44 ----SHD---- C:\Windows\Installer
2013-09-17 18:51:46 ----D---- C:\Program Files (x86)\ATI Technologies
2013-09-17 18:51:14 ----D---- C:\ProgramData
2013-09-17 18:51:13 ----RSD---- C:\Windows\assembly
2013-09-08 22:39:54 ----SD---- C:\Users\mediamarkcruqius\AppData\Roaming\Microsoft
2013-09-02 16:50:10 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-12 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 a153oelk;a153oelk; C:\Windows\system32\drivers\a153oelk.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 cpuz132;cpuz132; \??\C:\Users\MEDIAM~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-07 51600]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-18 117656]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Některé věci nabyly smazány. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

ComboFix 13-09-19.01 - mediamarkcruqius 20-09-2013 20:41:58.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1033.18.3959.2445 [GMT 2:00]
Gestart vanuit: c:\users\mediamarkcruqius\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mediamarkcruqius\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\mediamarkcruqius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\system
c:\windows\TEMP\._msige61\GoogleEarth.exe
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\D3DCompiler_43.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\d3dx9_43.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libEGL.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libGLESv2.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\alchemyext.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\earthps.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\ge_expat.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\googleearth.exe
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\googleearth_free.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\icudt.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGCore.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGExportCommon.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGMath.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGOpt.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\IGUtils.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\imageformats\qgif4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\imageformats\qjpeg4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\Leap.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\msvcp100.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\msvcr100.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\QtCore4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\QtGui4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\QtNetwork4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\QtWebKit4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\client\wavdest.ax
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\alchemyext.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\earthps.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\icudt.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGAttrs.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGCore.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGExportCommon.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGGfx.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGMath.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGOpt.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGSg.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\IGUtils.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\Leap.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\QtCore4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\QtGui4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\QtNetwork4.dll
c:\windows\TEMP\._msige61\program files\Google\Google Earth\plugin\QtWebKit4.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-08-20 to 2013-09-20 ))))))))))))))))))))))))))))))
.
.
2013-09-20 18:48 . 2013-09-20 18:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-20 17:06 . 2013-09-20 17:06 -------- d-----w- C:\_OTM
2013-09-20 16:01 . 2013-09-20 17:40 -------- d-----w- c:\program files\trend micro
2013-09-20 16:01 . 2013-09-20 16:01 -------- d-----w- C:\rsit
2013-09-17 16:47 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CAE4296-DE97-471A-8E3B-844AEB2A98E9}\mpengine.dll
2013-09-17 16:43 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-10 17:19 . 2013-09-04 19:58 965008 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AB5F8E9-16FB-463E-870B-1B21FEDD6C3F}\gapaengine.dll
2013-08-23 18:44 . 2011-07-01 10:24 -------- d-----w- C:\Papa Fini - Briliant (2011)_by karlosss666
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 08:37 . 2012-09-15 10:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 08:37 . 2011-11-21 12:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-20 03:06 . 2012-12-02 11:52 941720 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-01-16 717696]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2011-10-07 2629632]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe"
"PDF5 Registry Controller"=c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
"PDFHook"=c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"RIMBBLaunchAgent.exe"=c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbx64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2013-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 08:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba.msn.com
mStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071213&q=
FF - prefs.js: network.proxy.ftp - 178.21.112.27
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 178.21.112.27
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 178.21.112.27
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 178.21.112.27
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-AVS Update Manager_is1 - c:\program files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe
AddRemove-AVS4YOU Software Navigator_is1 - c:\program files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe
AddRemove-AVS4YOU Video Converter 7_is1 - c:\program files (x86)\AVS4YOU\AVSVideoConverter\unins000.exe
AddRemove-McAfee Security Scan - c:\program files (x86)\McAfee Security Scan\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-354615371-2128914143-2807093971-1000\Software\SecuROM\License information*]
"datasecu"=hex:ba,c4,1e,62,77,a2,6f,63,b9,41,ef,f5,54,c8,89,b2,5d,cd,06,c9,3f,
3c,c9,da,2a,40,5d,7a,f6,7b,69,6e,6e,1d,c1,ae,c1,84,d6,ec,34,d2,ff,03,83,a9,\
"rkeysecu"=hex:b3,d7,d0,67,0d,0c,a9,b3,e3,9a,11,89,7e,b7,35,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-09-20 20:52:19
ComboFix-quarantined-files.txt 2013-09-20 18:52
.
Pre-Run: 9.604.259.840 bytes free
Post-Run: 9.429.803.008 bytes free
.
- - End Of File - - 7012F546E6D705E84100EABBEDB78193

Nevypnul jste před skenem antivir. Ta hláška tam není pro legraci. Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Firefox::
FF - ProfilePath - c:\users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF& ... =071213&q=
FF - prefs.js: network.proxy.ftp - 178.21.112.27
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 178.21.112.27
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 178.21.112.27
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 178.21.112.27
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0

Regnull::
[HKEY_USERS\S-1-5-21-354615371-2128914143-2807093971-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\McAfee]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Omlouvam se nemohla jsem najit kde tu vec vypnout ted se mi to podarilo

ComboFix 13-09-19.01 - mediamarkcruqius 21-09-2013 12:12:10.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1033.18.3959.2450 [GMT 2:00]
Gestart vanuit: c:\users\mediamarkcruqius\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\mediamarkcruqius\Desktop\CFScript.txt..txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-08-21 to 2013-09-21 ))))))))))))))))))))))))))))))
.
.
2013-09-20 17:06 . 2013-09-20 17:06 -------- d-----w- C:\_OTM
2013-09-20 16:01 . 2013-09-20 17:40 -------- d-----w- c:\program files\trend micro
2013-09-20 16:01 . 2013-09-20 16:01 -------- d-----w- C:\rsit
2013-09-17 16:47 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CAE4296-DE97-471A-8E3B-844AEB2A98E9}\mpengine.dll
2013-09-17 16:43 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-10 17:19 . 2013-09-04 19:58 965008 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AB5F8E9-16FB-463E-870B-1B21FEDD6C3F}\gapaengine.dll
2013-08-23 18:44 . 2011-07-01 10:24 -------- d-----w- C:\Papa Fini - Briliant (2011)_by karlosss666
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 08:37 . 2012-09-15 10:08 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 08:37 . 2011-11-21 12:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-20 03:06 . 2012-12-02 11:52 941720 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2010-01-16 717696]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2011-10-07 2629632]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe"
"PDF5 Registry Controller"=c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
"PDFHook"=c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"RIMBBLaunchAgent.exe"=c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbx64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2013-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 08:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba.msn.com
mStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\mediamarkcruqius\AppData\Roaming\Mozilla\Firefox\Profiles\3jrfjxl7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-AVS Update Manager_is1 - c:\program files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe
AddRemove-AVS4YOU Software Navigator_is1 - c:\program files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe
AddRemove-AVS4YOU Video Converter 7_is1 - c:\program files (x86)\AVS4YOU\AVSVideoConverter\unins000.exe
AddRemove-McAfee Security Scan - c:\program files (x86)\McAfee Security Scan\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Voltooingstijd: 2013-09-21 12:27:03 - machine werd herstart
ComboFix-quarantined-files.txt 2013-09-21 10:27
ComboFix2.txt 2013-09-20 18:52
.
Pre-Run: 9.496.571.904 bytes free
Post-Run: 10.241.548.288 bytes free
.
- - End Of File - - 1F601F8982F5995230D0FFD75BBFA729

Log je již OK. Nastala nějaká změna? CF odinstalujte pomocí T-Cleaneru: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe a spusťte znovu OTM a klikněte na >CleanUp!<. OTM po sobě uklidí.

Zatim to vypada dobre, moc dekuji