seznam.cz - blokace ip adresy

[stefanjozef]

zdravím ,som tu nový tak vopred sory zamožno blbé otázky.
Mám problém z ntb. seznam.cz mi oznámil blokaci ip nakolko z môjho pc sa posiela spam.
moje ip je. 217.113.51.236 - usr-217-113-51-236.starjan.hu

[stefanjozef]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:10, on 19. 9. 2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Uložto File Manager\ufm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Users\User\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1737710688
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10864 bytes

[vyosek]

Zdravim a vitam Vas u nas na foru

team jsem presunul do spravne seke (Obsah fóra » Havěť - viry, spyware, rootkity » Řešení problémů, logy)

Dejte prosim log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895 - je podrobnejsi nez HJT

[stefanjozef]

Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2012-09-19 12:16:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 82 GB (54%) free of 153 GB
Total RAM: 2934 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:03, on 19. 9. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Uložto File Manager\ufm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... 1737710688
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10839 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1812
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {A16AB693-62CF-470C-867A-BA66019BA5A8}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\wuauclt.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Uložto File Manager\ufm.exe"
"C:\Windows\System32\osk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3608.b952300.140824712 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3608 "\\.\pipe\gecko-crash-server-pipe.3608" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe" --proxy-stub-channel=Flash3252.6D22F168.41 --host-broker-channel=Flash3252.6D22F168.18467 --host-pid=3252 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe" --channel=2632.003CF510.1470389459 --proxy-stub-channel=Flash3252.6D22F168.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe48_ Global\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\User\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cian0e60.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "keyword.URL" - "http://dts.search-results.com/sr?src=ff ... 06&sr=0&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
ask.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cian0e60.default\extensions\
ffxtlbr@funmoods.com
ffxtlbr@searchya.com
{c95a4e8e-816d-4655-8c79-d736da1adb6d}

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cian0e60.default\searchplugins\
funmoods.xml
Search.xml
Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-08-12 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-12 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-02 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-08-12 253584]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-08-12 192144]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Toshiba Registration"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-10 386584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-10 161304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-10 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"=C:\Program Files\AVAST Software\Avast\aswRegSvr.exe [2012-08-21 76648]
"aswasOutExt.dll"=C:\Program Files\AVAST Software\Avast\aswRegSvr.exe [2012-08-21 76648]
"aswasOutExt64.dll"=C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe [2012-08-21 90568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-19 12:16:53 ----D---- C:\Program Files\trend micro
2012-09-19 12:16:52 ----D---- C:\rsit
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\TjIpSys.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMTJNetHandset.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMSSip.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMRSip.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMPlugInManager.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMLSip.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMIpp.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMHidHandset.dll
2012-09-18 11:09:11 ----A---- C:\Windows\SYSWOW64\EMHandsetManager.dll
2012-09-18 11:09:09 ----D---- C:\Program Files (x86)\viphone communicator
2012-09-18 09:08:02 ----D---- C:\Windows\system32\SPReview
2012-09-18 09:07:06 ----D---- C:\Windows\system32\EventProviders
2012-09-18 09:04:55 ----A---- C:\Windows\system32\MRT.exe
2012-09-17 23:28:04 ----RD---- C:\Program Files (x86)\Skype
2012-09-17 16:43:16 ----D---- C:\Users\User\AppData\Roaming\Ulozto File Manager
2012-09-17 16:43:13 ----D---- C:\Program Files (x86)\Uložto File Manager
2012-09-17 11:57:03 ----D---- C:\Users\User\AppData\Roaming\Systweak
2012-09-17 11:56:59 ----D---- C:\Program Files (x86)\Advanced Disk Recovery
2012-09-17 11:28:02 ----D---- C:\Users\User\AppData\Roaming\Malwarebytes
2012-09-17 11:27:50 ----D---- C:\ProgramData\Malwarebytes
2012-09-17 11:27:49 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-17 11:27:49 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-09-17 08:46:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-17 08:46:06 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-17 08:46:03 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-17 08:46:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-17 08:46:02 ----A---- C:\Windows\system32\url.dll
2012-09-17 08:46:02 ----A---- C:\Windows\system32\iertutil.dll
2012-09-17 08:46:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-17 08:46:01 ----A---- C:\Windows\system32\urlmon.dll
2012-09-17 08:46:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-17 08:46:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-17 08:46:00 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-17 08:46:00 ----A---- C:\Windows\system32\ieui.dll
2012-09-17 08:45:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-17 08:45:56 ----A---- C:\Windows\system32\jscript9.dll
2012-09-17 08:45:55 ----A---- C:\Windows\system32\wininet.dll
2012-09-17 08:45:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-17 08:45:54 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-17 08:45:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-17 08:45:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-17 08:45:52 ----A---- C:\Windows\system32\jscript.dll
2012-09-17 08:45:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-17 08:45:45 ----A---- C:\Windows\system32\mshtml.dll
2012-09-17 08:45:43 ----A---- C:\Windows\system32\ieframe.dll
2012-09-17 08:45:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-16 23:25:16 ----A---- C:\Windows\system32\shell32.dll
2012-09-16 23:25:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-09-16 23:17:50 ----A---- C:\Windows\system32\DWrite.dll
2012-09-16 23:17:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-09-16 23:17:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-09-16 23:17:16 ----A---- C:\Windows\system32\srcore.dll
2012-09-16 23:17:16 ----A---- C:\Windows\system32\rstrui.exe
2012-09-16 22:52:16 ----A---- C:\Windows\system32\msxml6.dll
2012-09-16 22:52:16 ----A---- C:\Windows\system32\msxml3.dll
2012-09-16 22:52:15 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-09-16 22:52:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-09-16 22:52:14 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-09-16 22:52:14 ----A---- C:\Windows\system32\msxml3r.dll
2012-09-16 22:51:33 ----A---- C:\Windows\system32\win32spl.dll
2012-09-16 22:51:33 ----A---- C:\Windows\splwow64.exe
2012-09-16 22:51:32 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-09-16 22:51:32 ----A---- C:\Windows\system32\spoolsv.exe
2012-09-16 22:47:56 ----A---- C:\Windows\system32\drivers\cng.sys
2012-09-16 22:47:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-09-16 22:47:55 ----A---- C:\Windows\system32\schannel.dll
2012-09-16 22:47:55 ----A---- C:\Windows\system32\ncrypt.dll
2012-09-16 22:47:55 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-09-16 22:47:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-09-16 22:47:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-09-16 22:47:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-09-16 22:47:53 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-09-16 20:10:18 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-16 20:10:16 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-16 19:44:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-09-16 19:44:29 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-09-16 19:44:29 ----A---- C:\Windows\system32\rdpwsx.dll
2012-09-16 18:00:54 ----A---- C:\Windows\system32\profsvc.dll
2012-09-16 18:00:54 ----A---- C:\Windows\system32\profprov.dll
2012-09-16 17:28:36 ----A---- C:\Windows\system32\win32k.sys
2012-09-16 17:28:19 ----A---- C:\Windows\system32\localspl.dll
2012-09-16 17:28:12 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-16 17:22:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-09-16 17:22:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-09-16 17:22:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-09-16 17:22:08 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-09-16 17:22:07 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-09-16 17:22:05 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-09-16 17:22:05 ----A---- C:\Windows\system32\msi.dll
2012-09-16 17:12:14 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-09-16 17:12:14 ----A---- C:\Windows\system32\cryptsvc.dll
2012-09-16 17:12:14 ----A---- C:\Windows\system32\cryptnet.dll
2012-09-16 17:12:14 ----A---- C:\Windows\system32\crypt32.dll
2012-09-16 17:12:13 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-09-16 17:12:13 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-09-16 17:11:15 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-09-16 17:11:14 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-09-16 17:11:14 ----A---- C:\Windows\system32\netapi32.dll
2012-09-16 17:11:14 ----A---- C:\Windows\system32\browser.dll
2012-09-16 17:11:14 ----A---- C:\Windows\system32\browcli.dll
2012-09-16 16:09:37 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-09-16 16:09:35 ----A---- C:\Windows\system32\cdosys.dll
2012-09-16 15:54:57 ----A---- C:\user.js
2012-09-16 15:54:55 ----D---- C:\Program Files (x86)\Funmoods
2012-09-16 15:54:20 ----D---- C:\Program Files (x86)\JDownloader
2012-09-16 12:21:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-16 10:33:58 ----D---- C:\Users\User\AppData\Roaming\Registry Mechanic
2012-09-16 06:34:11 ----A---- C:\Windows\system32\wups2.dll
2012-09-16 06:34:11 ----A---- C:\Windows\system32\wucltux.dll
2012-09-16 06:34:11 ----A---- C:\Windows\system32\wuaueng.dll
2012-09-16 06:34:11 ----A---- C:\Windows\system32\wuauclt.exe
2012-09-16 06:33:50 ----A---- C:\Windows\system32\wups.dll
2012-09-16 06:33:50 ----A---- C:\Windows\system32\wudriver.dll
2012-09-16 06:33:50 ----A---- C:\Windows\system32\wuapi.dll
2012-09-16 06:33:38 ----A---- C:\Windows\system32\wuwebv.dll
2012-09-16 06:33:38 ----A---- C:\Windows\system32\wuapp.exe
2012-09-04 10:21:30 ----D---- C:\Windows\SYSWOW64\Hotspot Shield
2012-08-29 17:38:22 ----D---- C:\Program Files (x86)\iLivid
2012-08-29 17:36:08 ----D---- C:\ProgramData\boost_interprocess
2012-08-29 15:50:31 ----D---- C:\Users\User\AppData\Roaming\Kodak
2012-08-29 15:50:25 ----D---- C:\Program Files\DIFX
2012-08-29 15:46:22 ----D---- C:\ProgramData\{C3B35EBF-B1F6-4DE1-9682-ED71913E187B}
2012-08-26 10:40:37 ----D---- C:\ProgramData\Symantec
2012-08-26 10:40:26 ----D---- C:\ProgramData\Norton
2012-08-26 10:40:24 ----D---- C:\ProgramData\NortonInstaller
2012-08-21 08:47:37 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2012-09-19 12:17:03 ----D---- C:\Windows\Temp
2012-09-19 12:17:03 ----D---- C:\Windows\Prefetch
2012-09-19 12:16:53 ----RD---- C:\Program Files
2012-09-19 11:17:30 ----D---- C:\Users\User\AppData\Roaming\Skype
2012-09-19 11:11:43 ----D---- C:\Program Files (x86)\The KMPlayer
2012-09-19 10:40:16 ----D---- C:\Windows\inf
2012-09-19 10:00:34 ----D---- C:\Windows\system32\Tasks
2012-09-19 10:00:32 ----D---- C:\Windows\SysWOW64
2012-09-19 10:00:32 ----D---- C:\Windows
2012-09-19 09:53:07 ----D---- C:\Users\User\AppData\Roaming\vlc
2012-09-19 09:23:09 ----AD---- C:\ProgramData\TEMP
2012-09-19 03:27:03 ----SHD---- C:\Windows\Installer
2012-09-19 03:27:03 ----SHD---- C:\Config.Msi
2012-09-19 03:22:36 ----RD---- C:\Program Files (x86)
2012-09-19 01:49:06 ----SHD---- C:\System Volume Information
2012-09-18 16:55:43 ----D---- C:\Windows\system32\config
2012-09-18 15:34:49 ----D---- C:\Windows\rescache
2012-09-18 14:33:52 ----D---- C:\Windows\Microsoft.NET
2012-09-18 14:33:15 ----RSD---- C:\Windows\assembly
2012-09-18 13:55:43 ----D---- C:\Windows\System32
2012-09-18 13:55:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-18 13:51:19 ----SD---- C:\Users\User\AppData\Roaming\Microsoft
2012-09-18 13:49:47 ----D---- C:\Windows\system32\DriverStore
2012-09-18 13:47:16 ----D---- C:\Windows\system32\catroot2
2012-09-18 13:47:04 ----D---- C:\Windows\winsxs
2012-09-18 13:36:58 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-09-18 13:36:58 ----D---- C:\Program Files (x86)\Windows Portable Devices
2012-09-18 13:36:58 ----D---- C:\Program Files (x86)\Windows Media Player
2012-09-18 13:36:58 ----D---- C:\Program Files (x86)\Windows Mail
2012-09-18 13:36:57 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-09-18 13:36:54 ----D---- C:\Program Files\Windows Sidebar
2012-09-18 13:36:54 ----D---- C:\Program Files\Windows Portable Devices
2012-09-18 13:36:54 ----D---- C:\Program Files\Windows Media Player
2012-09-18 13:36:54 ----D---- C:\Program Files\Windows Mail
2012-09-18 13:36:54 ----D---- C:\Program Files\Windows Journal
2012-09-18 13:36:54 ----D---- C:\Program Files\DVD Maker
2012-09-18 13:36:53 ----D---- C:\Program Files\Windows Photo Viewer
2012-09-18 13:36:52 ----D---- C:\Program Files\Common Files\System
2012-09-18 13:36:50 ----D---- C:\Windows\servicing
2012-09-18 13:36:50 ----D---- C:\Program Files\Windows Defender
2012-09-18 13:36:49 ----D---- C:\Windows\ehome
2012-09-18 13:36:41 ----D---- C:\Windows\SYSWOW64\da-DK
2012-09-18 13:36:40 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-09-18 13:36:39 ----D---- C:\Windows\SYSWOW64\en-US
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\Setup
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\oobe
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\migration
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\en
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-09-18 13:36:38 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2012-09-18 13:36:37 ----D---- C:\Windows\SYSWOW64\wbem
2012-09-18 13:36:37 ----D---- C:\Windows\SYSWOW64\sppui
2012-09-18 13:36:37 ----D---- C:\Windows\SYSWOW64\manifeststore
2012-09-18 13:36:37 ----D---- C:\Windows\SYSWOW64\es-ES
2012-09-18 13:36:36 ----D---- C:\Windows\SYSWOW64\migwiz
2012-09-18 13:36:36 ----D---- C:\Windows\SYSWOW64\Dism
2012-09-18 13:36:06 ----D---- C:\Windows\system32\da-DK
2012-09-18 13:36:06 ----D---- C:\Windows\PolicyDefinitions
2012-09-18 13:36:05 ----D---- C:\Windows\system32\sk-SK
2012-09-18 13:36:04 ----D---- C:\Windows\system32\en-US
2012-09-18 13:36:03 ----D---- C:\Windows\system32\oobe
2012-09-18 13:36:02 ----D---- C:\Windows\system32\Setup
2012-09-18 13:36:02 ----D---- C:\Windows\system32\migration
2012-09-18 13:36:02 ----D---- C:\Windows\system32\AdvancedInstallers
2012-09-18 13:36:01 ----D---- C:\Windows\system32\sppui
2012-09-18 13:36:01 ----D---- C:\Windows\system32\manifeststore
2012-09-18 13:36:01 ----D---- C:\Windows\system32\es-ES
2012-09-18 13:36:01 ----D---- C:\Windows\system32\cs-CZ
2012-09-18 13:35:59 ----D---- C:\Windows\system32\drivers\en-US
2012-09-18 13:35:59 ----D---- C:\Windows\system32\drivers
2012-09-18 13:35:58 ----D---- C:\Windows\system32\wbem
2012-09-18 13:35:56 ----D---- C:\Windows\system32\migwiz
2012-09-18 13:35:56 ----D---- C:\Windows\system32\Dism
2012-09-18 13:35:19 ----RSD---- C:\Windows\Fonts
2012-09-18 13:35:18 ----D---- C:\Windows\AppPatch
2012-09-18 13:34:56 ----D---- C:\Windows\system32\Boot
2012-09-18 11:09:11 ----D---- C:\Windows\Downloaded Program Files
2012-09-18 10:14:49 ----D---- C:\Windows\system32\catroot
2012-09-18 09:18:20 ----D---- C:\Program Files (x86)\Microsoft Office
2012-09-18 09:16:34 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2012-09-18 09:16:34 ----A---- C:\Windows\system32\msclmd.dll
2012-09-18 09:04:59 ----D---- C:\Windows\debug
2012-09-17 23:28:11 ----D---- C:\ProgramData\Skype
2012-09-17 23:28:04 ----D---- C:\Program Files (x86)\Common Files
2012-09-17 11:27:50 ----HD---- C:\ProgramData
2012-09-17 09:02:44 ----D---- C:\Windows\system32\NDF
2012-09-17 08:55:04 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-17 08:55:03 ----D---- C:\Program Files\Internet Explorer
2012-09-16 20:11:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-09-16 12:30:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-16 10:33:13 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2012-09-16 10:28:15 ----D---- C:\Program Files (x86)\SearchYa!
2012-09-16 10:26:42 ----D---- C:\Windows\Tasks
2012-08-25 20:28:16 ----D---- C:\Windows\SYSWOW64\Macromed
2012-08-24 16:31:28 ----D---- C:\ProgramData\Adobe
2012-08-24 16:28:37 ----D---- C:\ProgramData\McAfee
2012-08-24 16:28:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-23 14:39:52 ----D---- C:\Windows\SYSWOW64\Adobe
2012-08-21 11:12:23 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-08-21 11:12:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-08-21 08:51:06 ----D---- C:\Windows\Minidump
2012-08-21 08:51:06 ----D---- C:\Windows\Logs
2012-08-20 16:28:05 ----D---- C:\Windows\system32\drivers\etc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-04 283200]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2012-07-10 41704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-29 10610400]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-07-10 38632]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-19 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-24 250568]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-19 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-16 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-19 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[vyosek]

Vidim tam nainstalovany MBAM, spustte jej, udelejte aktualizaci databaze a pak provedte uplnou kontrolu - dejte ale log pred mazanim - obcas ma MBAM falesne detekce. Pripadne navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

[vyosek]

Predpokladam, ze enmate Madarskeho poskytovatele internetu

[stefanjozef]

madarského poskytovatela nemám,ale bývam na pohraničí,čiže kamen dokážem hodit do druhého štátu

[vyosek]

Ale dulezite je, od koho mate internet - predpokladam tedy slovensky poskytovatel A udaje by mely byt ve smlouve o pripojeni

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

[stefanjozef]

čo sa týka netu tak ten je cez wifi poskytuje ho obec bezplatne.

[stefanjozef]

RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : User [Práva Správcu]
Režim : Kontrola -- Dátum : 09/19/2012 12:40:26

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 5 ¤¤¤
[HJ] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NÁJDENÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3276GSXN +++++
--- User ---
[MBR] 7487f63569557d3279cebb3cc94ac43c
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 153000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 314165248 | Size: 151843 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

[stefanjozef]

čakám na dokončenie Mbam a hnet vložím log.

[stefanjozef]

tak už to mám

Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.0.1400
www.malwarebytes.org

Verzia databázy: v2012.09.19.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: C650PRO [administrátor]

Ochrana: Zapnuté

19. 9. 2012 12:45:23
mbam-log-2012-09-19 (12-45-23).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 362762
Uplynutý čas: 45 min, 6 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

[vyosek]

Spustte MiniTool dle kolegy

daj spustit tento program
http://www.bleepingcomputer.com/downloa ... box/dl/65/

Spustit>.zafajknut.
1:Report IEPROXY
2:Report FFPROXY
3:List comtent OFF HOSTS
4:List IP CONFIGURATION
5:LIST WINSOCK...
6:List Last 10 EvENTS..
7:Only problems
8:Klik GO a log nech ti da do fora.

[stefanjozef]

MiniToolBox by Farbar Version: 23-07-2012
Ran by User (administrator) on 19-09-2012 at 14:21:14
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Pripojenie bezdrôtovej siete (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Lokálne pripojenie (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Pripojenie bezdrôtovej siete 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Pripojenie bezdr“tovej siete 2" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : C650Pro
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Pripojenie bezdr“tovej siete 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : EE-39-DF-5B-B0-D9
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Pripojenie bezdr“tovej siete:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : E8-39-DF-5B-B0-D9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b088fa8f:2af2%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.110(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 18. septembra 2012 16:43:08
Lease Expires . . . . . . . . . . : 19. septembra 2012 16:13:44
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 434649567
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-95-CA-A4-00-26-6C-76-BB-47
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Lok lne pripojenie:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-76-BB-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2605C175-4DB6-4A73-9E29-E1E9D4D312B3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A6DD3B92-3A32-4C00-B881-144F446D2426}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Lok lne pripojenie* 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953cf33dcc13(Preferred)
Link-local IPv6 Address . . . . . : fe80:f33dcc13%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2a00400d:804::1000
173.194.39.130
173.194.39.129
173.194.39.137
173.194.39.131
173.194.39.132
173.194.39.136
173.194.39.133
173.194.39.135
173.194.39.134
173.194.39.128
173.194.39.142


Pinging google.com [173.194.39.142] with 32 bytes of data:
Reply from 173.194.39.142: bytes=32 time=91ms TTL=51
Reply from 173.194.39.142: bytes=32 time=80ms TTL=51

Ping statistics for 173.194.39.142:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 80ms, Maximum = 91ms, Average = 85ms
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=321ms TTL=41
Reply from 98.138.253.109: bytes=32 time=276ms TTL=41

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 276ms, Maximum = 321ms, Average = 298ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 7ms, Average = 5ms
===========================================================================
Interface List
13...ee 39 df 5b b0 d9 ......Microsoft Virtual WiFi Miniport Adapter
12...e8 39 df 5b b0 d9 ......Atheros AR9285 Wireless Network Adapter
11...00 26 6c 76 bb 47 ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.110 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.110 286
192.168.1.110 255.255.255.255 On-link 192.168.1.110 286
192.168.1.255 255.255.255.255 On-link 192.168.1.110 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.110 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.110 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:9d38:953cf33dcc13/128
On-link
12 286 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80:f33dcc13/128
On-link
12 286 fe80::b088fa8f:2af2/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/19/2012 01:56:28 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 15.0.1.4631 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e18

Start Time: 01cd964893709650

Termination Time: 15

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 094058b4-0251-11e2-ab26-00266c76bb47

Error: (09/19/2012 11:24:21 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 15.0.1.4631 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a40

Start Time: 01cd96479cf29632

Termination Time: 15

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: c99e8c14-023b-11e2-ab26-00266c76bb47

Error: (09/19/2012 00:32:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/19/2012 00:31:31 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (09/18/2012 05:07:31 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 15.0.1.4631 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b20

Start Time: 01cd95ac19e8bf5c

Termination Time: 11

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 8c42b014-01a2-11e2-ab26-00266c76bb47

Error: (09/18/2012 01:55:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/18/2012 01:55:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/18/2012 01:50:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/18/2012 01:50:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/18/2012 01:49:45 PM) (Source: ESENT) (User: )
Description: WinMail (4020) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.


System errors:
=============
Error: (09/19/2012 01:49:06 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (09/18/2012 07:13:42 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/18/2012 04:43:09 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/18/2012 04:34:41 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 04:34:25 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 04:34:09 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 04:33:49 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 02:40:53 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 02:40:46 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (09/18/2012 02:40:36 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================

**** End of log ****

[stefanjozef]

môžete mi povedat čo mám s pc? dúfam,že tento log z minitoolbox neobsahuje udáje ktoré by mohli byt zneužité