VIRY.CZ

Dobry vecer,
priatelka ma problem s ntb. Nespusti sa jej ani Opera ani Internet Explorer. Nespusti sa dokonca ani Opera Portable. Internet funguje - napr Skype, Teamviewer, atd.
Pred 2 dnami jej uplne spadol windows, pomohol bod obnovy vo windows. Teraz si uz ale neviem rady. Mozno je to HW problem. Pre istotu sa ale obraciam na Viry.cz a dakujem za kazdu radu.

Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlady at 2012-01-19 23:03:20
Microsoft Windows 7 Home Premium
System drive C: has 192 GB (81%) free of 238 GB
Total RAM: 3895 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:31, on 19. 1. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\trend micro\Vlady.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3a/ ... 7A315F13D1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Vlady\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: @c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
O3 - Toolbar: FaceSmooch Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vlady\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14932 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 35607808
\??\C:\Windows\system32\conhost.exe "-735469267-127984735819556936271058876696-381911867-630592629165912044346416742
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\igfxext.exe -Embedding
WLIDSvcM.exe 2568
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006b4
\??\C:\Windows\system32\conhost.exe "565276736-208189045020068458171996511798-21313636621616054162-191090842-130890211
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {F48EE496-633E-46CB-A8A7-40BECAF8E749}
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
TeamViewer.exe --HostService --sessionID 1
C:\Windows\system32\DllHost.exe /Processid:{A4C31131-FF70-4984-AFD6-0609CED53AD6}
"taskhost.exe"
"C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Vlady\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Vlady\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll [2010-11-12 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files (x86)\Softonic-Eng7\tbSoft.dll [2010-11-13 3913000]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100 - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll [2010-11-12 612616]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - FaceSmooch Toolbar - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-26 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-26 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-26 410648]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Google Update"=C:\Users\Vlady\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-07 136176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-19 23:03:24 ----D---- C:\Program Files\trend micro
2012-01-19 23:03:20 ----D---- C:\rsit
2012-01-19 22:27:12 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 17:18:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-11 17:18:52 ----A---- C:\Windows\system32\jscript.dll
2012-01-11 17:18:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 17:18:50 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 17:18:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 17:18:21 ----A---- C:\Windows\system32\packager.dll
2011-12-30 21:51:22 ----HD---- C:\Users\Vlady\AppData\Roaming\skypePM
2011-12-30 21:51:22 ----AH---- C:\ProgramData\ezsidmv.dat
2011-12-30 21:38:26 ----HD---- C:\Users\Vlady\AppData\Roaming\Avira
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-12-30 21:38:01 ----D---- C:\ProgramData\Avira
2011-12-30 21:38:01 ----D---- C:\Program Files (x86)\Avira
2011-12-30 20:27:57 ----D---- C:\Program Files (x86)\IrfanView
2011-12-30 19:14:50 ----D---- C:\Users\Vlady\AppData\Roaming\vlc
2011-12-30 19:14:10 ----D---- C:\Program Files (x86)\VideoLAN
2011-12-30 19:02:05 ----D---- C:\Program Files (x86)\Winamp Detect
2011-12-30 18:54:55 ----D---- C:\Users\Vlady\AppData\Roaming\Winamp
2011-12-30 18:54:55 ----D---- C:\Program Files (x86)\Winamp
2011-12-30 18:32:32 ----HD---- C:\Users\Vlady\AppData\Roaming\TeamViewer
2011-12-30 18:31:46 ----D---- C:\Program Files (x86)\TeamViewer
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-12-30 16:54:27 ----A---- C:\Windows\system32\shell32.dll
2011-12-30 16:54:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-12-30 16:47:53 ----D---- C:\Program Files (x86)\QIP
2011-12-30 16:36:38 ----HD---- C:\Users\Vlady\AppData\Roaming\QIP
2011-12-30 16:05:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-12-30 16:05:19 ----A---- C:\Windows\system32\xmllite.dll
2011-12-30 15:58:56 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbctrac.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccu32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccr32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccp32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-12-30 15:58:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-12-30 15:58:46 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-12-30 15:58:46 ----A---- C:\Windows\system32\poqexec.exe
2011-12-30 15:58:44 ----A---- C:\Windows\system32\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\system32\tquery.dll
2011-12-30 15:58:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-12-30 15:58:41 ----A---- C:\Windows\system32\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\system32\mssphtb.dll
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-12-30 15:58:12 ----A---- C:\Windows\system32\drivers\afd.sys
2011-12-30 15:56:31 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-30 15:55:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-30 15:46:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv.sys
2011-12-30 15:44:51 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-12-30 15:44:51 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-30 15:35:35 ----A---- C:\Windows\system32\mshtml.dll
2011-12-30 15:35:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-30 15:35:20 ----A---- C:\Windows\system32\iertutil.dll
2011-12-30 15:35:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-30 15:35:19 ----A---- C:\Windows\system32\urlmon.dll
2011-12-30 15:35:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-30 15:35:18 ----A---- C:\Windows\system32\wininet.dll
2011-12-30 15:35:18 ----A---- C:\Windows\system32\ieframe.dll
2011-12-30 15:35:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-30 15:35:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-30 15:35:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-12-30 15:35:09 ----A---- C:\Windows\system32\mstime.dll
2011-12-30 15:35:09 ----A---- C:\Windows\system32\msfeeds.dll
2011-12-30 15:35:08 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-12-30 15:35:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-12-30 15:35:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\licmgr10.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\iepeers.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\iedkcs32.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-12-30 15:35:06 ----A---- C:\Windows\system32\url.dll
2011-12-30 15:35:06 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-30 15:35:05 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-30 15:35:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-30 15:35:05 ----A---- C:\Windows\system32\ieui.dll
2011-12-30 15:35:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-12-30 15:35:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-30 15:35:04 ----A---- C:\Windows\system32\msfeedssync.exe
2011-12-30 15:35:04 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\KernelBase.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\kernel32.dll
2011-12-30 15:32:29 ----A---- C:\Windows\system32\wow64win.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\winsrv.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\conhost.exe
2011-12-30 15:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-12-30 15:32:27 ----A---- C:\Windows\system32\wow64.dll
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-12-30 15:32:26 ----A---- C:\Windows\system32\ntvdm64.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-12-30 15:32:24 ----A---- C:\Windows\system32\wow64cpu.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----A---- C:\Windows\SYSWOW64\user.exe
2011-12-30 15:32:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-30 15:31:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-12-30 15:31:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-12-27 14:05:41 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-12-27 14:05:33 ----A---- C:\Windows\system32\inetcomm.dll
2011-12-27 14:05:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-12-27 14:05:26 ----A---- C:\Windows\system32\win32k.sys
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleacc.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-12-27 14:05:19 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-27 14:05:19 ----A---- C:\Windows\system32\EncDec.dll
2011-12-27 14:05:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-27 14:05:12 ----A---- C:\Windows\system32\tzres.dll
2011-12-26 20:04:56 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-12-26 20:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2011-12-26 19:19:47 ----D---- C:\Users\Vlady\AppData\Roaming\Opera
2011-12-26 19:19:40 ----D---- C:\Program Files (x86)\Opera

======List of files/folders modified in the last 1 month======

2012-01-19 23:03:26 ----D---- C:\Windows\Temp
2012-01-19 23:03:24 ----RD---- C:\Program Files
2012-01-19 22:50:41 ----D---- C:\Users\Vlady\AppData\Roaming\Skype
2012-01-19 22:27:19 ----SHD---- C:\Windows\Installer
2012-01-19 22:27:12 ----RD---- C:\Program Files (x86)
2012-01-19 22:26:21 ----SHD---- C:\System Volume Information
2012-01-19 21:05:07 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-19 18:43:41 ----D---- C:\Program Files\ESET
2012-01-19 18:36:25 ----D---- C:\Windows\System32
2012-01-19 18:36:25 ----D---- C:\Windows\inf
2012-01-19 18:36:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-19 18:33:04 ----D---- C:\Windows\Prefetch
2012-01-19 18:10:51 ----D---- C:\Windows\system32\wbem
2012-01-19 18:10:51 ----D---- C:\Windows
2012-01-19 18:10:16 ----D---- C:\Windows\Tasks
2012-01-19 18:10:16 ----D---- C:\Windows\SysWOW64
2012-01-19 18:10:16 ----D---- C:\Windows\system32\DriverStore
2012-01-19 18:10:16 ----D---- C:\Windows\system32\catroot2
2012-01-19 18:10:16 ----D---- C:\Windows\registration
2012-01-19 17:49:22 ----D---- C:\Windows\system32\config
2012-01-14 17:18:08 ----D---- C:\Windows\Microsoft.NET
2012-01-14 17:17:41 ----RSD---- C:\Windows\assembly
2012-01-14 13:59:57 ----D---- C:\Windows\system32\wfp
2012-01-14 13:59:08 ----D---- C:\Windows\system32\drivers
2012-01-14 13:59:05 ----D---- C:\Users\Vlady\AppData\Roaming\uTorrent
2012-01-14 13:59:01 ----SD---- C:\Users\Vlady\AppData\Roaming\Microsoft
2012-01-14 13:59:01 ----D---- C:\Users\Vlady\AppData\Roaming\Hamachi
2012-01-14 13:58:54 ----SD---- C:\ProgramData\Microsoft
2012-01-14 13:58:52 ----D---- C:\Program Files\Starcraft
2012-01-14 13:58:52 ----D---- C:\Program Files (x86)\Mobile Partner
2012-01-14 13:58:50 ----D---- C:\Intel
2012-01-14 13:58:18 ----D---- C:\Works
2012-01-14 13:58:11 ----D---- C:\Users\Vlady\AppData\Roaming\Nero
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Macromedia
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\ESTsoft
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Adobe
2012-01-14 13:57:35 ----HD---- C:\ProgramData
2012-01-14 13:57:35 ----D---- C:\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Skype
2012-01-14 13:57:29 ----D---- C:\ProgramData\McAfee
2012-01-14 13:57:29 ----D---- C:\ProgramData\ESTsoft
2012-01-14 13:57:27 ----D---- C:\ProgramData\Apple
2012-01-14 13:57:26 ----D---- C:\ProgramData\Adobe
2012-01-14 13:57:19 ----D---- C:\extensions
2012-01-13 17:02:33 ----D---- C:\Windows\ehome
2012-01-13 17:02:32 ----D---- C:\Windows\winsxs
2012-01-13 17:00:38 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 23:55:39 ----D---- C:\ProgramData\Microsoft Help
2012-01-11 17:17:26 ----D---- C:\Windows\system32\catroot
2012-01-04 18:49:57 ----D---- C:\Windows\LiveKernelReports
2012-01-02 16:04:29 ----D---- C:\Windows\system32\wdi
2011-12-31 18:18:21 ----D---- C:\Windows\rescache
2011-12-30 19:01:58 ----D---- C:\Program Files (x86)\Common Files
2011-12-30 18:46:02 ----D---- C:\Program Files (x86)\Google
2011-12-30 17:37:59 ----D---- C:\Program Files\Common Files\System
2011-12-30 17:37:57 ----RSD---- C:\Windows\Fonts
2011-12-30 17:37:57 ----D---- C:\Windows\SYSWOW64\migration
2011-12-30 17:37:57 ----D---- C:\Windows\system32\migration
2011-12-30 17:37:57 ----D---- C:\Program Files\Internet Explorer
2011-12-30 17:37:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-30 17:37:56 ----D---- C:\Windows\AppPatch
2011-12-30 17:18:58 ----D---- C:\Windows\Logs
2011-12-30 15:48:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-30 15:40:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-30 15:37:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-12-30 15:37:07 ----D---- C:\Windows\system32\sk-SK
2011-12-27 13:10:57 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-12-31 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-05 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 114560]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-09-28 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-01 136176]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-01 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Zdravím!
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\ConduitEngine
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\FaceSmooch Toolbar
C:\Users\Vlady\AppData\Local\Google\Update
C:\Program Files (x86)\Google\Update
C:\Program Files (x86)\Google\Common\Google Updater
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000UA.job
C:\Program Files (x86)\Softonic-Eng7
C:\Users\Vlady\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll


:services
gupdate
gupdatem
gusvc

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na MoveIt! PC bude restartován.

Co se týká prohlížečů, ty se nepřipojí, nebo se vůbec neotevře okno?

Dakujem za rady.
vobec sa nechcelo otvorit okno. len preblikol dialog, ci chcem Operu/IE nastavit ako predvoleny prehliadac a hned sa zatvori.
po pouziti OTM problem s prehliadacmi prestal - daju sa zapnut, internet funguje.
Objavili sa nejake vystrazne okna pri zapnuti opery a FB ->
http://www.ulozisko.sk/obrazky/480077/1_4.jpg
http://www.ulozisko.sk/obrazky/480089/2.jpg
Pripajam este log z OTM a znovu log z RSIT.


All processes killed
========== FILES ==========
C:\Program Files (x86)\ConduitEngine folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Program Files (x86)\FaceSmooch Toolbar folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Install folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{D8189884-714F-4F16-AACE-60A6828C7924} folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\16.0.912.75 folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79 folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\Download folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\1.3.21.79 folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update\1.3.21.53 folder moved successfully.
C:\Users\Vlady\AppData\Local\Google\Update folder moved successfully.
C:\Program Files (x86)\Google\Update\Install folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0 folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88} folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{1ED6F383-0E22-424A-9B7D-CA430682E092} folder moved successfully.
C:\Program Files (x86)\Google\Update\Download folder moved successfully.
C:\Program Files (x86)\Google\Update\1.3.21.79 folder moved successfully.
C:\Program Files (x86)\Google\Update folder moved successfully.
C:\Program Files (x86)\Google\Common\Google Updater folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3067635089-2586654935-1631073940-1000UA.job moved successfully.
C:\Program Files (x86)\Softonic-Eng7 folder moved successfully.
File/Folder C:\Users\Vlady\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll not found.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Vlady
->Temp folder emptied: 1244745798 bytes
->Temporary Internet Files folder emptied: 39750016 bytes
->Java cache emptied: 6753712 bytes
->Opera cache emptied: 4545168 bytes
->Flash cache emptied: 82862 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3707098135 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50453 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4 771,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Vlady
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01202012_174925

Files moved on Reboot...
C:\Users\Vlady\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlady at 2012-01-20 18:51:20
Microsoft Windows 7 Home Premium
System drive C: has 196 GB (82%) free of 238 GB
Total RAM: 3895 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:26, on 20. 1. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Program Files\trend micro\Vlady.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3a/ ... 7A315F13D1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14068 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 38366128
\??\C:\Windows\system32\conhost.exe "362156993121201298218359006341583558379080462112083573703-77519727430177670
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2160
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000694
\??\C:\Windows\system32\conhost.exe "-1286036335-332827285-9581291844927944412486715151492272291-1375662730-1269687610
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
taskeng.exe {14771350-1EB7-453F-8DAE-101C5568F9AB}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
TeamViewer.exe --HostService --sessionID 1
"C:\Program Files (x86)\IrfanView\i_view32.exe" "C:\Users\Vlady\Desktop\comp\CIMG7200.JPG"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {FAC393A0-953D-40C3-94BF-2188DF421E6A}
"C:\Users\Vlady\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll [2010-11-12 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-26 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-26 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-26 410648]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-09-18 3993416]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 1125504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2011-12-18 73360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-20 18:02:28 ----D---- C:\Users\Vlady\AppData\Roaming\CheckPoint
2012-01-20 18:01:52 ----D---- C:\Program Files\CheckPoint
2012-01-20 18:01:34 ----D---- C:\ProgramData\CheckPoint
2012-01-20 18:01:12 ----A---- C:\Windows\system32\drivers\netio.sys
2012-01-20 17:59:04 ----D---- C:\Program Files (x86)\CheckPoint
2012-01-20 17:49:25 ----D---- C:\_OTM
2012-01-20 00:10:40 ----D---- C:\Windows\system32\oodag
2012-01-20 00:08:25 ----D---- C:\Program Files\OO Software
2012-01-19 23:03:24 ----D---- C:\Program Files\trend micro
2012-01-19 23:03:20 ----D---- C:\rsit
2012-01-19 22:27:12 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 17:18:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-11 17:18:52 ----A---- C:\Windows\system32\jscript.dll
2012-01-11 17:18:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 17:18:50 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 17:18:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 17:18:21 ----A---- C:\Windows\system32\packager.dll
2011-12-30 21:51:22 ----HD---- C:\Users\Vlady\AppData\Roaming\skypePM
2011-12-30 21:51:22 ----AH---- C:\ProgramData\ezsidmv.dat
2011-12-30 21:38:26 ----HD---- C:\Users\Vlady\AppData\Roaming\Avira
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-12-30 21:38:01 ----D---- C:\ProgramData\Avira
2011-12-30 21:38:01 ----D---- C:\Program Files (x86)\Avira
2011-12-30 20:27:57 ----D---- C:\Program Files (x86)\IrfanView
2011-12-30 19:14:50 ----D---- C:\Users\Vlady\AppData\Roaming\vlc
2011-12-30 19:14:10 ----D---- C:\Program Files (x86)\VideoLAN
2011-12-30 19:02:05 ----D---- C:\Program Files (x86)\Winamp Detect
2011-12-30 18:54:55 ----D---- C:\Users\Vlady\AppData\Roaming\Winamp
2011-12-30 18:54:55 ----D---- C:\Program Files (x86)\Winamp
2011-12-30 18:32:32 ----HD---- C:\Users\Vlady\AppData\Roaming\TeamViewer
2011-12-30 18:31:46 ----D---- C:\Program Files (x86)\TeamViewer
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-12-30 16:54:27 ----A---- C:\Windows\system32\shell32.dll
2011-12-30 16:54:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-12-30 16:47:53 ----D---- C:\Program Files (x86)\QIP
2011-12-30 16:36:38 ----HD---- C:\Users\Vlady\AppData\Roaming\QIP
2011-12-30 16:05:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-12-30 16:05:19 ----A---- C:\Windows\system32\xmllite.dll
2011-12-30 15:58:56 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbctrac.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccu32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccr32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccp32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-12-30 15:58:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-12-30 15:58:46 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-12-30 15:58:46 ----A---- C:\Windows\system32\poqexec.exe
2011-12-30 15:58:44 ----A---- C:\Windows\system32\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\system32\tquery.dll
2011-12-30 15:58:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-12-30 15:58:41 ----A---- C:\Windows\system32\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\system32\mssphtb.dll
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-12-30 15:58:12 ----A---- C:\Windows\system32\drivers\afd.sys
2011-12-30 15:56:31 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-30 15:55:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-30 15:46:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv.sys
2011-12-30 15:44:51 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-12-30 15:44:51 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-30 15:35:35 ----A---- C:\Windows\system32\mshtml.dll
2011-12-30 15:35:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-30 15:35:20 ----A---- C:\Windows\system32\iertutil.dll
2011-12-30 15:35:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-30 15:35:19 ----A---- C:\Windows\system32\urlmon.dll
2011-12-30 15:35:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-30 15:35:18 ----A---- C:\Windows\system32\wininet.dll
2011-12-30 15:35:18 ----A---- C:\Windows\system32\ieframe.dll
2011-12-30 15:35:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-30 15:35:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-30 15:35:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-12-30 15:35:09 ----A---- C:\Windows\system32\mstime.dll
2011-12-30 15:35:09 ----A---- C:\Windows\system32\msfeeds.dll
2011-12-30 15:35:08 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-12-30 15:35:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-12-30 15:35:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\licmgr10.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\iepeers.dll
2011-12-30 15:35:07 ----A---- C:\Windows\system32\iedkcs32.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-12-30 15:35:06 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-12-30 15:35:06 ----A---- C:\Windows\system32\url.dll
2011-12-30 15:35:06 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-30 15:35:05 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-30 15:35:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-30 15:35:05 ----A---- C:\Windows\system32\ieui.dll
2011-12-30 15:35:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-12-30 15:35:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-30 15:35:04 ----A---- C:\Windows\system32\msfeedssync.exe
2011-12-30 15:35:04 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\KernelBase.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\kernel32.dll
2011-12-30 15:32:29 ----A---- C:\Windows\system32\wow64win.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\winsrv.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\conhost.exe
2011-12-30 15:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-12-30 15:32:27 ----A---- C:\Windows\system32\wow64.dll
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-12-30 15:32:26 ----A---- C:\Windows\system32\ntvdm64.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-12-30 15:32:24 ----A---- C:\Windows\system32\wow64cpu.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----A---- C:\Windows\SYSWOW64\user.exe
2011-12-30 15:32:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-30 15:31:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-12-30 15:31:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-12-27 14:05:41 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-12-27 14:05:33 ----A---- C:\Windows\system32\inetcomm.dll
2011-12-27 14:05:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-12-27 14:05:26 ----A---- C:\Windows\system32\win32k.sys
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleacc.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-12-27 14:05:19 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-27 14:05:19 ----A---- C:\Windows\system32\EncDec.dll
2011-12-27 14:05:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-27 14:05:12 ----A---- C:\Windows\system32\tzres.dll
2011-12-26 20:04:56 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-12-26 20:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2011-12-26 19:19:47 ----D---- C:\Users\Vlady\AppData\Roaming\Opera
2011-12-26 19:19:40 ----D---- C:\Program Files (x86)\Opera

======List of files/folders modified in the last 1 month======

2012-01-20 18:51:25 ----D---- C:\Windows\Temp
2012-01-20 18:51:22 ----D---- C:\Windows\Prefetch
2012-01-20 18:26:51 ----D---- C:\Windows\system32\config
2012-01-20 18:20:21 ----D---- C:\Windows\System32
2012-01-20 18:20:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-20 18:20:20 ----D---- C:\Windows\inf
2012-01-20 18:13:00 ----D---- C:\Windows\winsxs
2012-01-20 18:12:41 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-20 18:11:42 ----D---- C:\Windows\system32\drivers
2012-01-20 18:02:43 ----D---- C:\Windows\system32\catroot
2012-01-20 18:02:42 ----D---- C:\Windows\system32\DriverStore
2012-01-20 18:02:36 ----SHD---- C:\Windows\Installer
2012-01-20 18:01:52 ----RD---- C:\Program Files
2012-01-20 18:01:34 ----HD---- C:\ProgramData
2012-01-20 18:01:29 ----D---- C:\Windows
2012-01-20 18:01:05 ----SHD---- C:\System Volume Information
2012-01-20 17:59:04 ----RD---- C:\Program Files (x86)
2012-01-20 17:51:55 ----D---- C:\Windows\system32\catroot2
2012-01-20 17:49:26 ----D---- C:\Windows\Tasks
2012-01-20 17:49:26 ----D---- C:\Program Files (x86)\Google
2012-01-20 17:49:25 ----RD---- C:\Program Files (x86)\Skype
2012-01-20 06:58:01 ----D---- C:\Users\Vlady\AppData\Roaming\Skype
2012-01-19 18:43:41 ----D---- C:\Program Files\ESET
2012-01-19 18:10:51 ----D---- C:\Windows\system32\wbem
2012-01-19 18:10:16 ----D---- C:\Windows\SysWOW64
2012-01-19 18:10:16 ----D---- C:\Windows\registration
2012-01-14 17:18:08 ----D---- C:\Windows\Microsoft.NET
2012-01-14 17:17:41 ----RSD---- C:\Windows\assembly
2012-01-14 13:59:57 ----D---- C:\Windows\system32\wfp
2012-01-14 13:59:05 ----D---- C:\Users\Vlady\AppData\Roaming\uTorrent
2012-01-14 13:59:01 ----SD---- C:\Users\Vlady\AppData\Roaming\Microsoft
2012-01-14 13:59:01 ----D---- C:\Users\Vlady\AppData\Roaming\Hamachi
2012-01-14 13:58:54 ----SD---- C:\ProgramData\Microsoft
2012-01-14 13:58:52 ----D---- C:\Program Files\Starcraft
2012-01-14 13:58:52 ----D---- C:\Program Files (x86)\Mobile Partner
2012-01-14 13:58:50 ----D---- C:\Intel
2012-01-14 13:58:18 ----D---- C:\Works
2012-01-14 13:58:11 ----D---- C:\Users\Vlady\AppData\Roaming\Nero
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Macromedia
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\ESTsoft
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Adobe
2012-01-14 13:57:35 ----D---- C:\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Skype
2012-01-14 13:57:29 ----D---- C:\ProgramData\McAfee
2012-01-14 13:57:29 ----D---- C:\ProgramData\ESTsoft
2012-01-14 13:57:27 ----D---- C:\ProgramData\Apple
2012-01-14 13:57:26 ----D---- C:\ProgramData\Adobe
2012-01-14 13:57:19 ----D---- C:\extensions
2012-01-13 17:02:33 ----D---- C:\Windows\ehome
2012-01-13 17:00:38 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 23:55:39 ----D---- C:\ProgramData\Microsoft Help
2012-01-04 18:49:57 ----D---- C:\Windows\LiveKernelReports
2012-01-02 16:04:29 ----D---- C:\Windows\system32\wdi
2011-12-31 18:18:21 ----D---- C:\Windows\rescache
2011-12-30 19:01:58 ----D---- C:\Program Files (x86)\Common Files
2011-12-30 17:37:59 ----D---- C:\Program Files\Common Files\System
2011-12-30 17:37:57 ----RSD---- C:\Windows\Fonts
2011-12-30 17:37:57 ----D---- C:\Windows\SYSWOW64\migration
2011-12-30 17:37:57 ----D---- C:\Windows\system32\migration
2011-12-30 17:37:57 ----D---- C:\Program Files\Internet Explorer
2011-12-30 17:37:57 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-30 17:37:56 ----D---- C:\Windows\AppPatch
2011-12-30 17:18:58 ----D---- C:\Windows\Logs
2011-12-30 15:48:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-30 15:40:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-30 15:37:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-12-30 15:37:07 ----D---- C:\Windows\system32\sk-SK
2011-12-27 13:10:57 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-12-31 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-05 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 114560]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-09-28 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-09-18 3271496]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2011-12-18 2420616]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Smazáno. Zkuste reinstalovat .NETFramework.

Zdravim, tie chybove hlasky prestali po preinstalovani .NET Frameworku. Dakujem
Opat sa objavil problem s nefunkcnou Operou a Internet Explorerom. Pomohol scandisk v programe O&O Defrag.
Pre istotu pridavam este jeden log z RSIT,ci tam zase nie je nejaka haved.
Dakujem pekne za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlady at 2012-01-22 14:49:57
Microsoft Windows 7 Home Premium
System drive C: has 195 GB (82%) free of 238 GB
Total RAM: 3895 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:00, on 22. 1. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Vlady.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3a/ ... 7A315F13D1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13230 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 35121056
\??\C:\Windows\system32\conhost.exe "-1339114044584574363503180396-43507801659161128415752952-1708713513546964835
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2064
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006c4
\??\C:\Windows\system32\conhost.exe "1369574915-1667558746238348223-21406321451497001851-1107534995-1094871304-409085240
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
taskeng.exe {D02AE494-51E2-4669-A65F-F8BB62EB48E6}
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
TeamViewer.exe --HostService --sessionID 1
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Vlady\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {D80062D4-81B7-4967-A688-FE74BB68BAB0}
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-26 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-26 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-26 410648]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-09-18 3993416]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 1125504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2011-12-18 73360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\url.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\wininet.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\urlmon.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\pngfilt.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\occache.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msrating.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msls31.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshtmler.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshtml.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshta.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jscript9.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jscript.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\imgutil.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieUnatt.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iesysprep.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iertutil.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iepeers.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieakui.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieaksie.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieakeng.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\admparse.dll
2012-01-22 11:29:58 ----A---- C:\Windows\system32\ieui.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\wextract.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\webcheck.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\vbscript.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\url.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\inseng.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iexpress.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iesetup.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iernonce.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieframe.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieapfltr.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieapfltr.dat
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ie4uinit.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\icardie.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\dxtrans.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\dxtmsft.dll
2012-01-22 11:26:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-01-22 11:26:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\schannel.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\webio.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\sspicli.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\secur32.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\lsass.exe
2012-01-20 18:58:40 ----D---- C:\Program Files\CCleaner
2012-01-20 18:02:28 ----D---- C:\Users\Vlady\AppData\Roaming\CheckPoint
2012-01-20 18:01:52 ----D---- C:\Program Files\CheckPoint
2012-01-20 18:01:34 ----D---- C:\ProgramData\CheckPoint
2012-01-20 18:01:12 ----A---- C:\Windows\system32\drivers\netio.sys
2012-01-20 17:59:04 ----D---- C:\Program Files (x86)\CheckPoint
2012-01-20 17:49:25 ----D---- C:\_OTM
2012-01-20 00:10:40 ----D---- C:\Windows\system32\oodag
2012-01-20 00:08:25 ----D---- C:\Program Files\OO Software
2012-01-19 23:03:24 ----D---- C:\Program Files\trend micro
2012-01-19 23:03:20 ----D---- C:\rsit
2012-01-19 22:27:12 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 17:18:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 17:18:50 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 17:18:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 17:18:21 ----A---- C:\Windows\system32\packager.dll
2011-12-30 21:51:22 ----HD---- C:\Users\Vlady\AppData\Roaming\skypePM
2011-12-30 21:51:22 ----AH---- C:\ProgramData\ezsidmv.dat
2011-12-30 21:38:26 ----HD---- C:\Users\Vlady\AppData\Roaming\Avira
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-12-30 21:38:01 ----D---- C:\ProgramData\Avira
2011-12-30 21:38:01 ----D---- C:\Program Files (x86)\Avira
2011-12-30 20:27:57 ----D---- C:\Program Files (x86)\IrfanView
2011-12-30 19:14:50 ----D---- C:\Users\Vlady\AppData\Roaming\vlc
2011-12-30 19:14:10 ----D---- C:\Program Files (x86)\VideoLAN
2011-12-30 19:02:05 ----D---- C:\Program Files (x86)\Winamp Detect
2011-12-30 18:54:55 ----D---- C:\Users\Vlady\AppData\Roaming\Winamp
2011-12-30 18:54:55 ----D---- C:\Program Files (x86)\Winamp
2011-12-30 18:32:32 ----HD---- C:\Users\Vlady\AppData\Roaming\TeamViewer
2011-12-30 18:31:46 ----D---- C:\Program Files (x86)\TeamViewer
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-12-30 16:54:27 ----A---- C:\Windows\system32\shell32.dll
2011-12-30 16:54:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-12-30 16:47:53 ----D---- C:\Program Files (x86)\QIP
2011-12-30 16:36:38 ----HD---- C:\Users\Vlady\AppData\Roaming\QIP
2011-12-30 16:05:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-12-30 16:05:19 ----A---- C:\Windows\system32\xmllite.dll
2011-12-30 15:58:56 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbctrac.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccu32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccr32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccp32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-12-30 15:58:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-12-30 15:58:46 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-12-30 15:58:46 ----A---- C:\Windows\system32\poqexec.exe
2011-12-30 15:58:44 ----A---- C:\Windows\system32\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\system32\tquery.dll
2011-12-30 15:58:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-12-30 15:58:41 ----A---- C:\Windows\system32\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\system32\mssphtb.dll
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-12-30 15:58:12 ----A---- C:\Windows\system32\drivers\afd.sys
2011-12-30 15:56:31 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-30 15:55:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-30 15:46:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv.sys
2011-12-30 15:44:51 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-12-30 15:44:51 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\KernelBase.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\kernel32.dll
2011-12-30 15:32:29 ----A---- C:\Windows\system32\wow64win.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\winsrv.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\conhost.exe
2011-12-30 15:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-12-30 15:32:27 ----A---- C:\Windows\system32\wow64.dll
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-12-30 15:32:26 ----A---- C:\Windows\system32\ntvdm64.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-12-30 15:32:24 ----A---- C:\Windows\system32\wow64cpu.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----A---- C:\Windows\SYSWOW64\user.exe
2011-12-30 15:32:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-30 15:31:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-12-30 15:31:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-12-27 14:05:41 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-12-27 14:05:33 ----A---- C:\Windows\system32\inetcomm.dll
2011-12-27 14:05:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-12-27 14:05:26 ----A---- C:\Windows\system32\win32k.sys
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleacc.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-12-27 14:05:19 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-27 14:05:19 ----A---- C:\Windows\system32\EncDec.dll
2011-12-27 14:05:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-27 14:05:12 ----A---- C:\Windows\system32\tzres.dll
2011-12-26 20:04:56 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-12-26 20:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2011-12-26 19:19:47 ----D---- C:\Users\Vlady\AppData\Roaming\Opera
2011-12-26 19:19:40 ----D---- C:\Program Files (x86)\Opera

======List of files/folders modified in the last 1 month======

2012-01-22 14:49:59 ----D---- C:\Windows\Temp
2012-01-22 14:49:59 ----D---- C:\Windows\Prefetch
2012-01-22 14:49:56 ----D---- C:\Users\Vlady\AppData\Roaming\Skype
2012-01-22 12:47:43 ----D---- C:\Windows\system32\config
2012-01-22 12:37:47 ----D---- C:\Windows\rescache
2012-01-22 11:55:29 ----D---- C:\Windows\Microsoft.NET
2012-01-22 11:55:28 ----RSD---- C:\Windows\assembly
2012-01-22 11:35:49 ----D---- C:\Windows\winsxs
2012-01-22 11:35:20 ----D---- C:\Windows\Panther
2012-01-22 11:35:06 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-22 11:32:59 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-01-22 11:32:59 ----D---- C:\Windows\system32\sk-SK
2012-01-22 11:32:59 ----D---- C:\Program Files\Internet Explorer
2012-01-22 11:32:59 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-22 11:32:57 ----D---- C:\Windows\SYSWOW64\migration
2012-01-22 11:32:57 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-22 11:32:57 ----D---- C:\Windows\SysWOW64
2012-01-22 11:32:56 ----D---- C:\Windows\system32\migration
2012-01-22 11:32:56 ----D---- C:\Windows\system32\en-US
2012-01-22 11:32:56 ----D---- C:\Windows\System32
2012-01-22 11:32:56 ----D---- C:\Windows\PolicyDefinitions
2012-01-22 11:32:54 ----D---- C:\Windows\system32\drivers
2012-01-22 11:31:22 ----D---- C:\Windows\Logs
2012-01-22 11:31:00 ----D---- C:\Windows\system32\catroot2
2012-01-22 11:31:00 ----D---- C:\Windows\system32\catroot
2012-01-22 11:28:45 ----SHD---- C:\System Volume Information
2012-01-22 11:27:46 ----D---- C:\Windows
2012-01-22 11:27:35 ----SHD---- C:\Windows\Installer
2012-01-22 11:26:23 ----D---- C:\Windows\inf
2012-01-22 11:26:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-22 11:19:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-21 08:49:10 ----RD---- C:\Program Files (x86)
2012-01-20 19:01:20 ----D---- C:\Program Files (x86)\Microsoft
2012-01-20 18:59:48 ----HD---- C:\Users\Vlady\AppData\Roaming\DAEMON Tools Lite
2012-01-20 18:59:47 ----D---- C:\Windows\ModemLogs
2012-01-20 18:59:47 ----D---- C:\Windows\Minidump
2012-01-20 18:59:47 ----D---- C:\Windows\debug
2012-01-20 18:58:40 ----RD---- C:\Program Files
2012-01-20 18:02:42 ----D---- C:\Windows\system32\DriverStore
2012-01-20 18:01:34 ----HD---- C:\ProgramData
2012-01-20 17:49:26 ----D---- C:\Windows\Tasks
2012-01-20 17:49:26 ----D---- C:\Program Files (x86)\Google
2012-01-20 17:49:25 ----RD---- C:\Program Files (x86)\Skype
2012-01-19 18:43:41 ----D---- C:\Program Files\ESET
2012-01-19 18:10:51 ----D---- C:\Windows\system32\wbem
2012-01-19 18:10:16 ----D---- C:\Windows\registration
2012-01-14 13:59:57 ----D---- C:\Windows\system32\wfp
2012-01-14 13:59:05 ----D---- C:\Users\Vlady\AppData\Roaming\uTorrent
2012-01-14 13:59:01 ----SD---- C:\Users\Vlady\AppData\Roaming\Microsoft
2012-01-14 13:59:01 ----D---- C:\Users\Vlady\AppData\Roaming\Hamachi
2012-01-14 13:58:54 ----SD---- C:\ProgramData\Microsoft
2012-01-14 13:58:52 ----D---- C:\Program Files\Starcraft
2012-01-14 13:58:52 ----D---- C:\Program Files (x86)\Mobile Partner
2012-01-14 13:58:50 ----D---- C:\Intel
2012-01-14 13:58:18 ----D---- C:\Works
2012-01-14 13:58:11 ----D---- C:\Users\Vlady\AppData\Roaming\Nero
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Macromedia
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\ESTsoft
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Adobe
2012-01-14 13:57:35 ----D---- C:\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Skype
2012-01-14 13:57:29 ----D---- C:\ProgramData\McAfee
2012-01-14 13:57:29 ----D---- C:\ProgramData\ESTsoft
2012-01-14 13:57:27 ----D---- C:\ProgramData\Apple
2012-01-14 13:57:26 ----D---- C:\ProgramData\Adobe
2012-01-14 13:57:19 ----D---- C:\extensions
2012-01-13 17:02:33 ----D---- C:\Windows\ehome
2012-01-13 17:00:38 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 23:55:39 ----D---- C:\ProgramData\Microsoft Help
2012-01-04 18:49:57 ----D---- C:\Windows\LiveKernelReports
2012-01-02 16:04:29 ----D---- C:\Windows\system32\wdi
2011-12-30 19:01:58 ----D---- C:\Program Files (x86)\Common Files
2011-12-30 17:37:59 ----D---- C:\Program Files\Common Files\System
2011-12-30 17:37:57 ----RSD---- C:\Windows\Fonts
2011-12-30 17:37:56 ----D---- C:\Windows\AppPatch
2011-12-30 15:48:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-30 15:40:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-27 13:10:57 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-12-31 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-05 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 114560]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-09-28 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-09-18 3271496]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2011-12-18 2420616]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Ještě pofixujeme zbytečnosti. Dvouklikem na soubor C:\Program Files\trend micro\Vlady.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3a/ ... 7A315F13D1}
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx

a klikněte na >Fix checked<. Restartujte PC.

To facesmoch3a nie a nie zmazat
Log je z RSITu co mam na ploche.
Fix som robil Hijackthis: C:\Program Files\trend micro\Vlady.exe
Dufam ze nerobim nieco zle.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlady at 2012-01-22 20:27:24
Microsoft Windows 7 Home Premium
System drive C: has 204 GB (86%) free of 238 GB
Total RAM: 3895 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:28, on 22. 1. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Opera10\opera.exe
C:\Program Files\trend micro\Vlady.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3a/ ... 7A315F13D1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13025 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 32066992
\??\C:\Windows\system32\conhost.exe "-664354245-310707082-482129337-2127999290-1842590895-5349695731552913688-1040341945
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Trillian\trillian.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
taskeng.exe {515C0BCB-8B46-4AEF-BB67-1805C5A62F87}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3944
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000858
\??\C:\Windows\system32\conhost.exe "15547012701457303828-16472019381549155566-10343199861113003821-1803417575-630040333
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Opera10\opera.exe"
TeamViewer.exe --HostService --sessionID 1
"C:\Users\Vlady\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-26 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-26 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-26 410648]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-09-18 3993416]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 1125504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2011-12-18 73360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-22 17:58:52 ----D---- C:\Program Files (x86)\Opera10
2012-01-22 16:04:10 ----D---- C:\Users\Vlady\AppData\Roaming\Trillian
2012-01-22 16:03:51 ----D---- C:\Program Files (x86)\Trillian
2012-01-22 15:42:07 ----D---- C:\Windows\system32\SPReview
2012-01-22 15:41:23 ----D---- C:\Windows\system32\EventProviders
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-01-22 11:30:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\url.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-01-22 11:30:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-01-22 11:30:00 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\wininet.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\urlmon.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\pngfilt.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\occache.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msrating.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msls31.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshtmler.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshtml.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\mshta.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jscript9.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\jscript.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\imgutil.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieUnatt.exe
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iesysprep.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iertutil.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\iepeers.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieakui.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieaksie.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\ieakeng.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-01-22 11:29:59 ----A---- C:\Windows\system32\admparse.dll
2012-01-22 11:29:58 ----A---- C:\Windows\system32\ieui.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\wextract.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\webcheck.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\vbscript.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\url.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\mshtml /icon=C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEPersistencelegalnoticecaptioned.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\inseng.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iexpress.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iesetup.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iernonce.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieframe.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieapfltr.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ieapfltr.dat
2012-01-22 11:29:57 ----A---- C:\Windows\system32\ie4uinit.exe
2012-01-22 11:29:57 ----A---- C:\Windows\system32\icardie.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\dxtrans.dll
2012-01-22 11:29:57 ----A---- C:\Windows\system32\dxtmsft.dll
2012-01-22 11:26:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-01-22 11:26:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\schannel.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-22 11:26:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-22 11:26:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\webio.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\sspicli.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\secur32.dll
2012-01-22 11:26:09 ----A---- C:\Windows\system32\lsass.exe
2012-01-20 18:58:40 ----D---- C:\Program Files\CCleaner
2012-01-20 18:02:28 ----D---- C:\Users\Vlady\AppData\Roaming\CheckPoint
2012-01-20 18:01:52 ----D---- C:\Program Files\CheckPoint
2012-01-20 18:01:34 ----D---- C:\ProgramData\CheckPoint
2012-01-20 18:01:12 ----A---- C:\Windows\system32\drivers\netio.sys
2012-01-20 17:59:04 ----D---- C:\Program Files (x86)\CheckPoint
2012-01-20 17:49:25 ----D---- C:\_OTM
2012-01-20 00:10:40 ----D---- C:\Windows\system32\oodag
2012-01-20 00:08:25 ----D---- C:\Program Files\OO Software
2012-01-19 23:03:24 ----D---- C:\Program Files\trend micro
2012-01-19 23:03:20 ----D---- C:\rsit
2012-01-19 22:27:12 ----D---- C:\Program Files (x86)\Trend Micro
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 17:18:57 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 17:18:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 17:18:50 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 17:18:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 17:18:21 ----A---- C:\Windows\system32\packager.dll
2011-12-30 21:51:22 ----HD---- C:\Users\Vlady\AppData\Roaming\skypePM
2011-12-30 21:51:22 ----AH---- C:\ProgramData\ezsidmv.dat
2011-12-30 21:38:26 ----HD---- C:\Users\Vlady\AppData\Roaming\Avira
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-12-30 21:38:02 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-12-30 21:38:01 ----D---- C:\ProgramData\Avira
2011-12-30 21:38:01 ----D---- C:\Program Files (x86)\Avira
2011-12-30 20:27:57 ----D---- C:\Program Files (x86)\IrfanView
2011-12-30 19:14:50 ----D---- C:\Users\Vlady\AppData\Roaming\vlc
2011-12-30 19:14:10 ----D---- C:\Program Files (x86)\VideoLAN
2011-12-30 19:02:05 ----D---- C:\Program Files (x86)\Winamp Detect
2011-12-30 18:54:55 ----D---- C:\Users\Vlady\AppData\Roaming\Winamp
2011-12-30 18:54:55 ----D---- C:\Program Files (x86)\Winamp
2011-12-30 18:32:32 ----HD---- C:\Users\Vlady\AppData\Roaming\TeamViewer
2011-12-30 18:31:46 ----D---- C:\Program Files (x86)\TeamViewer
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-12-30 17:45:44 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-12-30 16:54:27 ----A---- C:\Windows\system32\shell32.dll
2011-12-30 16:54:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-12-30 16:47:53 ----D---- C:\Program Files (x86)\QIP
2011-12-30 16:36:38 ----HD---- C:\Users\Vlady\AppData\Roaming\QIP
2011-12-30 16:05:19 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-12-30 16:05:19 ----A---- C:\Windows\system32\xmllite.dll
2011-12-30 15:58:56 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbctrac.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccu32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccr32.dll
2011-12-30 15:58:56 ----A---- C:\Windows\system32\odbccp32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-12-30 15:58:55 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-12-30 15:58:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-12-30 15:58:46 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-12-30 15:58:46 ----A---- C:\Windows\system32\poqexec.exe
2011-12-30 15:58:44 ----A---- C:\Windows\system32\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-12-30 15:58:42 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-12-30 15:58:42 ----A---- C:\Windows\system32\tquery.dll
2011-12-30 15:58:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-12-30 15:58:41 ----A---- C:\Windows\system32\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-12-30 15:58:40 ----A---- C:\Windows\system32\mssvp.dll
2011-12-30 15:58:40 ----A---- C:\Windows\system32\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-12-30 15:58:39 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-12-30 15:58:39 ----A---- C:\Windows\system32\mssphtb.dll
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-12-30 15:58:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-12-30 15:58:12 ----A---- C:\Windows\system32\drivers\afd.sys
2011-12-30 15:56:31 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-30 15:55:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-30 15:46:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-12-30 15:44:56 ----A---- C:\Windows\system32\drivers\srv.sys
2011-12-30 15:44:51 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-12-30 15:44:51 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\KernelBase.dll
2011-12-30 15:32:30 ----A---- C:\Windows\system32\kernel32.dll
2011-12-30 15:32:29 ----A---- C:\Windows\system32\wow64win.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\winsrv.dll
2011-12-30 15:32:28 ----A---- C:\Windows\system32\conhost.exe
2011-12-30 15:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-12-30 15:32:27 ----A---- C:\Windows\system32\wow64.dll
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-12-30 15:32:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-12-30 15:32:26 ----A---- C:\Windows\system32\ntvdm64.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-30 15:32:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-12-30 15:32:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-12-30 15:32:24 ----A---- C:\Windows\system32\wow64cpu.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-12-30 15:32:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-30 15:32:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-12-30 15:32:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-12-30 15:32:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-12-30 15:32:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-12-30 15:32:15 ----A---- C:\Windows\SYSWOW64\user.exe
2011-12-30 15:32:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-30 15:31:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-12-30 15:31:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-12-27 14:05:41 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-12-27 14:05:41 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-12-27 14:05:40 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-12-27 14:05:33 ----A---- C:\Windows\system32\inetcomm.dll
2011-12-27 14:05:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-12-27 14:05:26 ----A---- C:\Windows\system32\win32k.sys
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-27 14:05:22 ----A---- C:\Windows\system32\oleacc.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-12-27 14:05:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-12-27 14:05:19 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-27 14:05:19 ----A---- C:\Windows\system32\EncDec.dll
2011-12-27 14:05:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-27 14:05:12 ----A---- C:\Windows\system32\tzres.dll
2011-12-26 20:04:56 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-12-26 20:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2011-12-26 19:19:47 ----D---- C:\Users\Vlady\AppData\Roaming\Opera
2011-12-26 19:19:40 ----D---- C:\Program Files (x86)\Opera

======List of files/folders modified in the last 1 month======

2012-01-22 20:27:26 ----D---- C:\Windows\Temp
2012-01-22 19:53:27 ----D---- C:\Users\Vlady\AppData\Roaming\Skype
2012-01-22 18:46:25 ----D---- C:\Windows\System32
2012-01-22 18:46:25 ----D---- C:\Windows\inf
2012-01-22 18:46:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-22 18:39:05 ----A---- C:\Windows\SYSWOW64\log.txt
2012-01-22 18:38:18 ----D---- C:\Windows
2012-01-22 18:37:46 ----D---- C:\Windows\system32\config
2012-01-22 17:58:52 ----RD---- C:\Program Files (x86)
2012-01-22 17:56:44 ----D---- C:\Windows\Panther
2012-01-22 17:56:44 ----D---- C:\Windows\Logs
2012-01-22 17:51:29 ----SHD---- C:\Windows\Installer
2012-01-22 17:51:01 ----SHD---- C:\System Volume Information
2012-01-22 17:31:26 ----D---- C:\Windows\Microsoft.NET
2012-01-22 17:31:25 ----RSD---- C:\Windows\assembly
2012-01-22 17:25:45 ----D---- C:\Windows\winsxs
2012-01-22 17:09:13 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-01-22 17:09:13 ----D---- C:\Program Files (x86)\Windows Mail
2012-01-22 17:09:12 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-01-22 17:09:12 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-01-22 17:09:12 ----D---- C:\Program Files (x86)\Windows Media Player
2012-01-22 17:09:07 ----D---- C:\Program Files\Windows Sidebar
2012-01-22 17:09:07 ----D---- C:\Program Files\Windows Mail
2012-01-22 17:09:07 ----D---- C:\Program Files\DVD Maker
2012-01-22 17:09:06 ----D---- C:\Program Files\Windows Portable Devices
2012-01-22 17:09:06 ----D---- C:\Program Files\Windows Media Player
2012-01-22 17:09:05 ----D---- C:\Program Files\Windows Photo Viewer
2012-01-22 17:09:05 ----D---- C:\Program Files\Windows Journal
2012-01-22 17:09:03 ----D---- C:\Program Files\Common Files\System
2012-01-22 17:08:59 ----D---- C:\Windows\servicing
2012-01-22 17:08:59 ----D---- C:\Program Files\Windows Defender
2012-01-22 17:08:58 ----D---- C:\Windows\ehome
2012-01-22 17:08:40 ----D---- C:\Windows\SYSWOW64\da-DK
2012-01-22 17:08:37 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-01-22 17:08:37 ----D---- C:\Windows\SYSWOW64\oobe
2012-01-22 17:08:37 ----D---- C:\Windows\SYSWOW64\migration
2012-01-22 17:08:37 ----D---- C:\Windows\SYSWOW64\en-US
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\sppui
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\Setup
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\es-ES
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\en
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-01-22 17:08:34 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-01-22 17:08:33 ----D---- C:\Windows\SYSWOW64\wbem
2012-01-22 17:08:33 ----D---- C:\Windows\SYSWOW64\migwiz
2012-01-22 17:08:32 ----D---- C:\Windows\SYSWOW64\Dism
2012-01-22 17:08:31 ----D---- C:\Windows\SysWOW64
2012-01-22 17:08:26 ----D---- C:\Windows\system32\da-DK
2012-01-22 17:08:23 ----D---- C:\Windows\system32\sk-SK
2012-01-22 17:08:22 ----D---- C:\Windows\system32\oobe
2012-01-22 17:08:22 ----D---- C:\Windows\system32\migration
2012-01-22 17:08:22 ----D---- C:\Windows\system32\en-US
2012-01-22 17:08:21 ----D---- C:\Windows\system32\sppui
2012-01-22 17:08:21 ----D---- C:\Windows\system32\Setup
2012-01-22 17:08:21 ----D---- C:\Windows\system32\manifeststore
2012-01-22 17:08:21 ----D---- C:\Windows\system32\es-ES
2012-01-22 17:08:21 ----D---- C:\Windows\system32\cs-CZ
2012-01-22 17:08:21 ----D---- C:\Windows\system32\AdvancedInstallers
2012-01-22 17:08:20 ----D---- C:\Windows\system32\wbem
2012-01-22 17:08:20 ----D---- C:\Windows\system32\drivers\en-US
2012-01-22 17:08:20 ----D---- C:\Windows\system32\drivers
2012-01-22 17:08:19 ----D---- C:\Windows\system32\migwiz
2012-01-22 17:08:18 ----D---- C:\Windows\system32\Dism
2012-01-22 17:07:45 ----RSD---- C:\Windows\Fonts
2012-01-22 17:07:44 ----D---- C:\Windows\AppPatch
2012-01-22 17:07:32 ----D---- C:\Windows\system32\Boot
2012-01-22 17:07:29 ----D---- C:\Windows\system32\DriverStore
2012-01-22 17:02:47 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-01-22 17:02:47 ----A---- C:\Windows\system32\msclmd.dll
2012-01-22 16:55:59 ----D---- C:\Windows\Prefetch
2012-01-22 16:44:45 ----RD---- C:\Program Files
2012-01-22 16:42:29 ----A---- C:\Windows\iun6002.exe
2012-01-22 12:37:47 ----D---- C:\Windows\rescache
2012-01-22 11:32:59 ----D---- C:\Program Files\Internet Explorer
2012-01-22 11:32:59 ----D---- C:\Program Files (x86)\Internet Explorer
2012-01-22 11:32:56 ----D---- C:\Windows\PolicyDefinitions
2012-01-22 11:31:00 ----D---- C:\Windows\system32\catroot2
2012-01-22 11:31:00 ----D---- C:\Windows\system32\catroot
2012-01-22 11:19:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-20 19:01:20 ----D---- C:\Program Files (x86)\Microsoft
2012-01-20 18:59:48 ----HD---- C:\Users\Vlady\AppData\Roaming\DAEMON Tools Lite
2012-01-20 18:59:47 ----D---- C:\Windows\ModemLogs
2012-01-20 18:59:47 ----D---- C:\Windows\Minidump
2012-01-20 18:59:47 ----D---- C:\Windows\debug
2012-01-20 18:01:34 ----HD---- C:\ProgramData
2012-01-20 17:49:26 ----D---- C:\Windows\Tasks
2012-01-20 17:49:26 ----D---- C:\Program Files (x86)\Google
2012-01-20 17:49:25 ----RD---- C:\Program Files (x86)\Skype
2012-01-19 18:43:41 ----D---- C:\Program Files\ESET
2012-01-19 18:10:16 ----D---- C:\Windows\registration
2012-01-14 13:59:57 ----D---- C:\Windows\system32\wfp
2012-01-14 13:59:05 ----D---- C:\Users\Vlady\AppData\Roaming\uTorrent
2012-01-14 13:59:01 ----SD---- C:\Users\Vlady\AppData\Roaming\Microsoft
2012-01-14 13:59:01 ----D---- C:\Users\Vlady\AppData\Roaming\Hamachi
2012-01-14 13:58:54 ----SD---- C:\ProgramData\Microsoft
2012-01-14 13:58:52 ----D---- C:\Program Files\Starcraft
2012-01-14 13:58:52 ----D---- C:\Program Files (x86)\Mobile Partner
2012-01-14 13:58:50 ----D---- C:\Intel
2012-01-14 13:58:18 ----D---- C:\Works
2012-01-14 13:58:11 ----D---- C:\Users\Vlady\AppData\Roaming\Nero
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Macromedia
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\ESTsoft
2012-01-14 13:58:06 ----D---- C:\Users\Vlady\AppData\Roaming\Adobe
2012-01-14 13:57:35 ----D---- C:\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Toshiba
2012-01-14 13:57:35 ----D---- C:\ProgramData\Skype
2012-01-14 13:57:29 ----D---- C:\ProgramData\McAfee
2012-01-14 13:57:29 ----D---- C:\ProgramData\ESTsoft
2012-01-14 13:57:27 ----D---- C:\ProgramData\Apple
2012-01-14 13:57:26 ----D---- C:\ProgramData\Adobe
2012-01-14 13:57:19 ----D---- C:\extensions
2012-01-13 17:00:38 ----A---- C:\Windows\system32\MRT.exe
2012-01-11 23:55:39 ----D---- C:\ProgramData\Microsoft Help
2012-01-04 18:49:57 ----D---- C:\Windows\LiveKernelReports
2012-01-02 16:04:29 ----D---- C:\Windows\system32\wdi
2011-12-30 19:01:58 ----D---- C:\Program Files (x86)\Common Files
2011-12-30 15:48:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-30 15:40:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-27 13:10:57 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-12-31 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-05 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-07-24 114560]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-09-28 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-09-18 3271496]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2011-12-18 2420616]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Nejaka app od Toshiby vypisala, ze bol neopravneny pokus mazat v registroch.
Fungujem na tom notebooku na dialku cez teamviewer, tak len taketo info mam od priatelky.
Pripajam log z Combofix - sken trval asi hodinu.

ComboFix 12-01-21.02 - Vlady . 01. 2012 20:51:42.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3895.2411 [GMT 1:00]
Running from: c:\users\Vlady\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\~OPrBqkKcoysLi2
c:\programdata\~OPrBqkKcoysLi2r
c:\programdata\OPrBqkKcoysLi2
c:\users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
c:\windows\iun6002.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 20:23 . 2012-01-22 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-22 15:04 . 2012-01-22 15:17 -------- d-----w- c:\users\Vlady\AppData\Roaming\Trillian
2012-01-22 15:03 . 2012-01-22 15:04 -------- d-----w- c:\program files (x86)\Trillian
2012-01-22 14:42 . 2012-01-22 14:42 -------- d-----w- c:\windows\system32\SPReview
2012-01-22 14:41 . 2012-01-22 14:41 -------- d-----w- c:\windows\system32\EventProviders
2012-01-22 10:29 . 2012-01-22 10:29 995328 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2012-01-22 10:27 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{40BABAA6-375C-463C-99C5-29B6B3DC077F}\mpengine.dll
2012-01-20 17:58 . 2012-01-20 17:58 -------- d-----w- c:\program files\CCleaner
2012-01-20 17:02 . 2012-01-20 17:02 -------- d-----w- c:\users\Vlady\AppData\Roaming\CheckPoint
2012-01-20 17:01 . 2012-01-20 17:01 -------- d-----w- c:\program files\CheckPoint
2012-01-20 17:01 . 2012-01-20 17:01 -------- d-----w- c:\programdata\CheckPoint
2012-01-20 17:01 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2012-01-20 16:59 . 2012-01-20 17:01 -------- d-----w- c:\program files (x86)\CheckPoint
2012-01-20 16:49 . 2012-01-20 16:49 -------- d-----w- C:\_OTM
2012-01-19 23:10 . 2012-01-19 23:10 -------- d-----w- c:\windows\system32\oodag
2012-01-19 23:08 . 2012-01-19 23:08 -------- d-----w- c:\users\Vlady\AppData\Local\O&O
2012-01-19 23:08 . 2012-01-19 23:08 -------- d-----w- c:\program files\OO Software
2012-01-19 22:03 . 2012-01-22 19:27 -------- d-----w- c:\program files\trend micro
2012-01-19 22:03 . 2012-01-19 22:04 -------- d-----w- C:\rsit
2012-01-19 21:27 . 2012-01-19 21:27 388096 ----a-r- c:\users\Vlady\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-19 21:27 . 2012-01-19 21:27 -------- d-----w- c:\program files (x86)\Trend Micro
2012-01-11 16:18 . 2011-10-26 05:33 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 16:18 . 2011-10-26 05:22 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 16:18 . 2011-10-26 04:33 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 16:18 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 16:18 . 2011-11-17 07:14 1739160 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 16:18 . 2011-11-17 05:41 1292592 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 16:18 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 16:18 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-12-30 20:51 . 2012-01-22 16:34 -------- d--h--w- c:\users\Vlady\AppData\Roaming\skypePM
2011-12-30 20:38 . 2011-12-30 20:38 -------- d--h--w- c:\users\Vlady\AppData\Roaming\Avira
2011-12-30 20:38 . 2011-12-31 20:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-12-30 20:38 . 2011-09-15 22:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-12-30 20:38 . 2011-09-15 22:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-12-30 20:38 . 2012-01-14 12:57 -------- d-----w- c:\programdata\Avira
2011-12-30 20:38 . 2011-12-30 20:38 -------- d-----w- c:\program files (x86)\Avira
2011-12-30 19:27 . 2011-12-30 19:27 -------- d-----w- c:\program files (x86)\IrfanView
2011-12-30 18:14 . 2012-01-14 12:59 -------- d-----w- c:\users\Vlady\AppData\Roaming\vlc
2011-12-30 18:14 . 2011-12-30 18:14 -------- d-----w- c:\program files (x86)\VideoLAN
2011-12-30 18:02 . 2011-12-30 18:02 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-12-30 18:01 . 2011-12-30 18:01 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-12-30 17:54 . 2012-01-20 17:59 -------- d-----w- c:\users\Vlady\AppData\Roaming\Winamp
2011-12-30 17:54 . 2011-12-30 18:02 -------- d-----w- c:\program files (x86)\Winamp
2011-12-30 17:32 . 2011-12-30 17:32 -------- d--h--w- c:\users\Vlady\AppData\Roaming\TeamViewer
2011-12-30 17:31 . 2012-01-14 12:58 -------- d-----w- c:\program files (x86)\TeamViewer
2011-12-30 16:45 . 2011-03-29 03:32 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-12-30 16:45 . 2011-03-29 03:32 99328 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-12-30 16:45 . 2011-03-29 03:32 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-12-30 16:45 . 2011-03-29 03:32 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-30 16:45 . 2011-03-29 03:32 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-12-30 16:45 . 2011-03-29 03:32 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-12-30 16:45 . 2011-03-29 03:32 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-12-30 15:47 . 2011-12-30 15:47 -------- d-----w- c:\program files (x86)\QIP
2011-12-30 15:36 . 2011-12-30 15:36 -------- d--h--w- c:\users\Vlady\AppData\Roaming\QIP
2011-12-30 14:56 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-30 14:55 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-12-30 14:46 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-12-30 14:32 . 2011-07-16 05:21 422400 ----a-w- c:\windows\system32\KernelBase.dll
2011-12-30 14:31 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-12-30 14:31 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-12-26 19:04 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-12-26 19:04 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-12-26 19:00 . 2011-12-26 19:00 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-26 18:19 . 2012-01-22 16:58 -------- d-----w- c:\users\Vlady\AppData\Local\Opera
2011-12-26 18:19 . 2012-01-22 16:51 -------- d-----w- c:\program files (x86)\Opera
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-22 16:02 . 2009-07-14 02:36 175104 ----a-w- c:\windows\system32\msclmd.dll
2012-01-22 16:02 . 2009-07-14 02:36 152064 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-12-27 12:12 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-14 00:19 . 2011-12-14 00:19 4448256 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-11-17 07:10 . 2012-01-22 10:26 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:39 . 2012-01-22 10:26 224768 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-15 13:29 . 2011-02-09 09:55 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-09-23 258512]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-12-18 73360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Vlady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Trillian.lnk - c:\program files (x86)\Trillian\trillian.exe [2011-12-19 2362720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-2-24 2721120]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-09-18 3271496]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-26 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-26 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-26 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-09-18 3993416]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-11-03 1125504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba.msn.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bigseekpro.com/facesmooch3a/{B71A11 ... 7A315F13D1}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3067635089-2586654935-1631073940-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3067635089-2586654935-1631073940-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="7880A209BA5A6FDC39FC0F497ED0F0B379D94B88828C1712561B452C94CAC10D6D4C11376B9BAAC0966A5190E3A593BAA205B094D4BC8C3339C2F0EEE6C2C492BCA97F530AE06ECB3EBA25786E872D8588FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B9808A9C6AECB7A5D14079DB7CE019D40AA5C459D791CA6980C12DF1BF68937CAA2EF9DD140D1D11AF4620655FEA6C0008F67CB94EBE85C208D17E3FB499F8C3CC626F5B6BA8B1F2FC58017F3DC48EB8C91F059C5BCF14AB5C553A085966CD41678DA5A56E12CFA60776EEE293C98ECE24D8916DA0DF9496B9B356EDB8F72A335420E6DECA095D97058DA1BEADAFEB553F4321CA30F076839493191C67F7B465A0344435C7171608A0D7B1D528B24690F146FFB920B63677ADB3D4832420F3929EC84E5A8E52A6C3C8D086B1EB37460AB844D373EDB9C3C70B4D2412EC67F2F2C885ACFFBA5710C75A5BEF0AFCDA12825F75745636F07103B8A7122EE125E104CAED5F4A1673A848C74DF0A0D689F01D97421925E4BB542E3679C80CBBC82755D0F0AB90B79BD4C3BEDAE8ADF26A95E0B51BE7C33050462D62859EBC07388AD11AC0F75CD3D778E9D5B7437F63DBA69DF3D49D50AC89136E27F34E0EE75CEBB81DD017623A8A7AA36D5FD4A44771600E3B661672C543EB839F13A55181777562B4C7EFE65C3D3B56A4F1D715C33BE310393266A88FDB115F4DA7EB025C06BE66C782C4198ABC1F5828AA4507A627F42907B3D0FB22A56300F6697CE2370D40E0C353068DF14FEE62E1FEEFAFA0CE52A43EDD1F761D4D89B67972101BFB2231B31283810043F5BB87CF8D77CE14A419736B88F3C6F8E2C2440C3B88951AF0998E84DF14BF2876BCE64D93ED2D2CA286A66822B66DA790645C31481A14E1EFD3D23F2929D3DD986BFBDD20AEF1A5172B5B743D6F548CDE1327B08A1F3D1493EF934BA507F97B9C9D8C7CBA139A332BEC3EEC84EDDFDD47C4F586F44A29D9247F0D49C68DEDA3915982203F20982D86D91B7B2CE856770D8362BF01741946EDC7821E21A1D04830CB1D3856DAEEAC3A3CCA0F59A489112BC342D864E56BE64069999AD288E35D5968D45B9076AB8054BDC1A5BF5F3B04032CBF8FCA0DE48118E95A3ED5B7DB001E246445537F369C190D8FC00AACB1B1908310F78C6CA80A584DD06EA7E2461EADDAB01647BF39E35E40E82D487074D4ACFCED1EB017EDBE43C976DBF61B6D28B3FC113C653091F2E7D7C499EDD51E396DEC288A211D0F1A7CC9EEBDB57D83871FCBE72B14544D20ED358D3F4824923D5D15DDF3ABE0F7EDA1082F40139A3E33DD290FCAAD82DC84C248A08455001727383A466A4D279E27DA503DE4661A2D0A44254740F9A3DB27270303051"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Completion time: 2012-01-22 21:48:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-22 20:48
.
Pre-Run: 213 973 774 336 bytes free
Post-Run: 213 109 288 960 bytes free
.
- - End Of File - - 1F94CE32C957D23D34DC1D9AEE2D6B1F

Několik položek CF smazal, zbytek logu vypadá čistý. Nastala nějaká změna?

Opat toto http://www.ulozisko.sk/obrazky/480089/2.jpg
budem musiet asi znovu preinstalovat .NET Framework
Opera aj IE funguju bez problemov.

Zkuste. Pokud nemáte, nainstalujte vyšší verzi .NETFramework.

OK. Zajtra to nainstalujem a dam vediet ako to dopadlo. Zatial velmi pekne dakujem za pomoc

Zatím není zač!

Zdravim, aj po preinstalovani .NET Framework sa stale po zapnuti pocitaca objavuje okno
http://www.ulozisko.sk/obrazky/480089/2.jpg
Ak je to frameworkom, tak o 2 tyzdne ten pocitac aj tak preformatujem.
Ak je tam nejaka zakerna haved, tak neviem