
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Dobrý den, už jednou jsem řešil problém, že se při spuštění PC automaticky spustí okno IE s nějakou reklamou. Podle předchozího logu a vašeho dporučení jsem odstranil z PC závadu v podobě klíče, který se uložil do registru. Problém se objevil po týdnu znovu a to i na druhém PC. Ještě k tomu jsem zjistil, že na flash disku (který jsme mimochodem používali mezi oběma PC) i po zformátování zůstávají dva soubory - highspeed driver.exe a autorun. Když je ručně smažu, po dvou vteřinách se oba soubory objeví znovu. Na PC ale ani jeden z těch souborů nebyl nalezen.
Přikládám log a prosím o pomoc. Děkuji
Logfile of random's system information tool 1.06 (written by random/random)
Run by Sisi at 2010-02-04 19:52:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 86 GB (56%) free of 153 GB
Total RAM: 4060 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:44, on 4.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Avast Professional 4\ashDisp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sisi\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Sisi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] //~c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
O4 - HKLM\..\Run: [cfFncEnabler.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\AVASTP~1\ashDisp.exe
O4 - HKLM\..\Run: [Ulead Photo Express Calendar Checker] //~c:\program files (x86)\ulead photo express 5\calcheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-71511-9400-1/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast Professional 4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast Professional 4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast Professional 4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast Professional 4\ashWebSv.exe
O23 - Service: TOSHIBA Web Camera Service (camsvc) - TOSHIBA - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: Služba Výstraha HDD SSD TOSHIBA (TOSHIBA HDD SSD Alert Service) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9873 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 422400]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2008-11-21 438272]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"Adobe Reader Speed Launcher"=//~c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-21 61440]
"ITSecMng"=C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2008-12-19 83336]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-04-01 1283384]
"NDSTray.exe"=C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-05-12 299008]
"cfFncEnabler.exe"=C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe [2009-03-24 16384]
"avast!"=C:\PROGRA~1\AVASTP~1\ashDisp.exe [2009-11-25 81000]
"Ulead Photo Express Calendar Checker"=//~c:\program files (x86)\ulead photo express 5\calcheck.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{660b2871-bb59-11de-b029-00225fc8743e}]
shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90194eb0-db9c-11de-a888-00235afc705d}]
shell\AutoRun\command - D:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7b15a37-bc05-11de-b398-00235afc705d}]
shell\AutoRun\command - .\Highspeed drivers.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbafd345-bb23-11de-b18d-00225fc8743e}]
shell\AutoRun\command - D:\WD_Windows_Tools\Setup.exe
======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-01-25 15:15:04 ----D---- C:\Users\Sisi\AppData\Roaming\Malwarebytes
2010-01-25 15:14:59 ----D---- C:\ProgramData\Malwarebytes
2010-01-25 15:14:58 ----D---- C:\Program Files (x86)\Anti-Malware
2010-01-24 21:55:26 ----D---- C:\Program Files (x86)\trend micro
2010-01-24 21:53:29 ----D---- C:\rsit
2010-01-21 19:40:34 ----A---- C:\Windows\system32\mshtml.dll
2010-01-21 19:40:31 ----A---- C:\Windows\system32\ieframe.dll
2010-01-21 19:40:29 ----A---- C:\Windows\system32\iertutil.dll
2010-01-21 19:40:28 ----A---- C:\Windows\system32\urlmon.dll
2010-01-21 19:40:27 ----A---- C:\Windows\system32\wininet.dll
2010-01-21 19:40:26 ----A---- C:\Windows\system32\occache.dll
2010-01-21 19:40:25 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-21 19:40:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-21 19:40:24 ----A---- C:\Windows\system32\ieui.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\iepeers.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-21 19:40:23 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\iesetup.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\iernonce.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-13 18:28:43 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 18:28:43 ----A---- C:\Windows\system32\fontsub.dll
2010-01-10 18:30:29 ----A---- C:\Windows\NeroDigital.ini
2010-01-10 12:17:50 ----D---- C:\Users\Sisi\AppData\Roaming\Nero
2010-01-10 12:17:38 ----A---- C:\Windows\Irremote.ini
2010-01-10 12:17:27 ----A---- C:\Windows\system32\MsiExec.exe.log
2010-01-10 12:15:59 ----D---- C:\ProgramData\Nero
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Nero
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Common Files\Nero
======List of files/folders modified in the last 1 months======
2010-02-04 19:52:16 ----D---- C:\Windows\Temp
2010-02-04 19:51:37 ----D---- C:\Windows\System32
2010-02-04 19:51:37 ----D---- C:\Windows\inf
2010-02-04 19:49:57 ----A---- C:\Windows\ntbtlog.txt
2010-02-04 17:07:08 ----D---- C:\Windows\Prefetch
2010-02-04 17:07:00 ----SHD---- C:\System Volume Information
2010-01-28 06:00:58 ----D---- C:\Windows\winsxs
2010-01-28 06:00:58 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-25 15:15:00 ----D---- C:\Windows\system32\drivers
2010-01-25 15:14:59 ----HD---- C:\ProgramData
2010-01-25 15:14:58 ----RD---- C:\Program Files (x86)
2010-01-22 06:24:27 ----D---- C:\Windows\SysWOW64
2010-01-22 06:24:27 ----D---- C:\Windows\system32\migration
2010-01-21 19:49:03 ----D---- C:\Users\Sisi\AppData\Roaming\ICQ
2010-01-14 15:02:48 ----SHD---- C:\Windows\Installer
2010-01-14 15:02:46 ----D---- C:\ProgramData\Microsoft Help
2010-01-14 15:01:58 ----D---- C:\Program Files (x86)\Windows Mail
2010-01-10 18:30:29 ----D---- C:\Windows
2010-01-10 12:16:59 ----RSD---- C:\Windows\assembly
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Common Files
2010-01-10 12:15:57 ----D---- C:\Windows\Cursors
2010-01-10 12:11:00 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-01-07 16:13:20 ----D---- C:\Program Files (x86)\ICQ6.5
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys []
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 ab06s9lv;ab06s9lv; C:\Windows\system32\drivers\ab06s9lv.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR64.SYS []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys []
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast Professional 4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast Professional 4\ashServ.exe [2009-11-25 138680]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-03-06 36864]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2009-03-30 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-03-06 488288]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-03-17 189808]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-04-24 242176]
R2 TOSHIBA HDD SSD Alert Service;Služba Výstraha HDD SSD TOSHIBA ; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-03-17 84480]
R2 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-04-15 803696]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast Professional 4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast Professional 4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 camsvc;TOSHIBA Web Camera Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-04-16 20544]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
Přikládám log a prosím o pomoc. Děkuji
Logfile of random's system information tool 1.06 (written by random/random)
Run by Sisi at 2010-02-04 19:52:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 86 GB (56%) free of 153 GB
Total RAM: 4060 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:44, on 4.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Avast Professional 4\ashDisp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Sisi\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Sisi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] //~c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
O4 - HKLM\..\Run: [cfFncEnabler.exe] "C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\AVASTP~1\ashDisp.exe
O4 - HKLM\..\Run: [Ulead Photo Express Calendar Checker] //~c:\program files (x86)\ulead photo express 5\calcheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-71511-9400-1/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast Professional 4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast Professional 4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast Professional 4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast Professional 4\ashWebSv.exe
O23 - Service: TOSHIBA Web Camera Service (camsvc) - TOSHIBA - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: Služba Výstraha HDD SSD TOSHIBA (TOSHIBA HDD SSD Alert Service) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9873 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2007-04-16 422400]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2008-11-21 438272]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"Adobe Reader Speed Launcher"=//~c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-21 61440]
"ITSecMng"=C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2008-12-19 83336]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-04-01 1283384]
"NDSTray.exe"=C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-05-12 299008]
"cfFncEnabler.exe"=C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe [2009-03-24 16384]
"avast!"=C:\PROGRA~1\AVASTP~1\ashDisp.exe [2009-11-25 81000]
"Ulead Photo Express Calendar Checker"=//~c:\program files (x86)\ulead photo express 5\calcheck.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{660b2871-bb59-11de-b029-00225fc8743e}]
shell\AutoRun\command - G:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90194eb0-db9c-11de-a888-00235afc705d}]
shell\AutoRun\command - D:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7b15a37-bc05-11de-b398-00235afc705d}]
shell\AutoRun\command - .\Highspeed drivers.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbafd345-bb23-11de-b18d-00225fc8743e}]
shell\AutoRun\command - D:\WD_Windows_Tools\Setup.exe
======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-01-25 15:15:04 ----D---- C:\Users\Sisi\AppData\Roaming\Malwarebytes
2010-01-25 15:14:59 ----D---- C:\ProgramData\Malwarebytes
2010-01-25 15:14:58 ----D---- C:\Program Files (x86)\Anti-Malware
2010-01-24 21:55:26 ----D---- C:\Program Files (x86)\trend micro
2010-01-24 21:53:29 ----D---- C:\rsit
2010-01-21 19:40:34 ----A---- C:\Windows\system32\mshtml.dll
2010-01-21 19:40:31 ----A---- C:\Windows\system32\ieframe.dll
2010-01-21 19:40:29 ----A---- C:\Windows\system32\iertutil.dll
2010-01-21 19:40:28 ----A---- C:\Windows\system32\urlmon.dll
2010-01-21 19:40:27 ----A---- C:\Windows\system32\wininet.dll
2010-01-21 19:40:26 ----A---- C:\Windows\system32\occache.dll
2010-01-21 19:40:25 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-21 19:40:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-21 19:40:24 ----A---- C:\Windows\system32\ieui.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-21 19:40:24 ----A---- C:\Windows\system32\iepeers.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-21 19:40:23 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\iesetup.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\iernonce.dll
2010-01-21 19:40:23 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-13 18:28:43 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 18:28:43 ----A---- C:\Windows\system32\fontsub.dll
2010-01-10 18:30:29 ----A---- C:\Windows\NeroDigital.ini
2010-01-10 12:17:50 ----D---- C:\Users\Sisi\AppData\Roaming\Nero
2010-01-10 12:17:38 ----A---- C:\Windows\Irremote.ini
2010-01-10 12:17:27 ----A---- C:\Windows\system32\MsiExec.exe.log
2010-01-10 12:15:59 ----D---- C:\ProgramData\Nero
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Nero
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Common Files\Nero
======List of files/folders modified in the last 1 months======
2010-02-04 19:52:16 ----D---- C:\Windows\Temp
2010-02-04 19:51:37 ----D---- C:\Windows\System32
2010-02-04 19:51:37 ----D---- C:\Windows\inf
2010-02-04 19:49:57 ----A---- C:\Windows\ntbtlog.txt
2010-02-04 17:07:08 ----D---- C:\Windows\Prefetch
2010-02-04 17:07:00 ----SHD---- C:\System Volume Information
2010-01-28 06:00:58 ----D---- C:\Windows\winsxs
2010-01-28 06:00:58 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-25 15:15:00 ----D---- C:\Windows\system32\drivers
2010-01-25 15:14:59 ----HD---- C:\ProgramData
2010-01-25 15:14:58 ----RD---- C:\Program Files (x86)
2010-01-22 06:24:27 ----D---- C:\Windows\SysWOW64
2010-01-22 06:24:27 ----D---- C:\Windows\system32\migration
2010-01-21 19:49:03 ----D---- C:\Users\Sisi\AppData\Roaming\ICQ
2010-01-14 15:02:48 ----SHD---- C:\Windows\Installer
2010-01-14 15:02:46 ----D---- C:\ProgramData\Microsoft Help
2010-01-14 15:01:58 ----D---- C:\Program Files (x86)\Windows Mail
2010-01-10 18:30:29 ----D---- C:\Windows
2010-01-10 12:16:59 ----RSD---- C:\Windows\assembly
2010-01-10 12:15:59 ----D---- C:\Program Files (x86)\Common Files
2010-01-10 12:15:57 ----D---- C:\Windows\Cursors
2010-01-10 12:11:00 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-01-07 16:13:20 ----D---- C:\Program Files (x86)\ICQ6.5
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys []
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 ab06s9lv;ab06s9lv; C:\Windows\system32\drivers\ab06s9lv.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR64.SYS []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys []
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys []
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast Professional 4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast Professional 4\ashServ.exe [2009-11-25 138680]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-03-06 36864]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2009-03-30 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-03-06 488288]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-03-17 189808]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-04-24 242176]
R2 TOSHIBA HDD SSD Alert Service;Služba Výstraha HDD SSD TOSHIBA ; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-03-17 84480]
R2 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-04-15 803696]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast Professional 4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast Professional 4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 camsvc;TOSHIBA Web Camera Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-04-16 20544]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
-----------------EOF-----------------
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Ahoj.
Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users", "Lop" aj "Purity Check" a "File Scan" zmen na 7 dni miesto 30. Do policka pod nazvom "Custom Scans/Fixes" skopiruj:
Potom klikni na "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.
Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users", "Lop" aj "Purity Check" a "File Scan" zmen na 7 dni miesto 30. Do policka pod nazvom "Custom Scans/Fixes" skopiruj:
Kód: Vybrat vše
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:

- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
OBSAH OTL.TXT
OTL logfile created on: 5.2.2010 16:37:21 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Sisi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 83,44 Gb Free Space | 55,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 147,58 Gb Total Space | 99,37 Gb Free Space | 67,34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SISI
Current User Name: Sisi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\aswUpdSv.exe
PRC - [2009.10.11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009.05.12 21:26:42 | 000,299,008 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.10 17:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.06 16:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.01.13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2007.12.13 19:10:56 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.12.13 19:10:56 | 000,447,784 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2007.12.03 14:21:24 | 000,869,672 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
========== Modules (SafeList) ==========
MOD - [2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
MOD - [2009.04.11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast Professional 4\ashServ.exe -- (avast! Antivirus)
SRV:64bit: - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast Professional 4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:64bit: - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast Professional 4\ashWebSv.exe -- (avast! Web Scanner)
SRV:64bit: - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast Professional 4\aswUpdSv.exe -- (aswUpdSv)
SRV:64bit: - [2009.09.25 02:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009.04.24 10:40:26 | 000,242,176 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.04.21 21:07:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.04.15 16:08:20 | 000,803,696 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.03.17 10:48:54 | 000,084,480 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.03.06 17:30:32 | 000,488,288 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.11.21 16:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.30 05:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.03.17 13:37:10 | 000,189,808 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 16:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2007.12.13 19:10:56 | 000,447,784 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.12.03 14:21:24 | 000,869,672 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)
SRV - [2006.11.02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006.11.02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006.11.02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2009.11.25 00:50:25 | 000,089,680 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2009.11.25 00:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.11.25 00:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009.11.25 00:49:10 | 000,053,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2009.11.25 00:49:00 | 000,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2009.10.17 21:11:40 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.04.24 13:29:40 | 000,206,336 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.04.21 22:30:46 | 005,356,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.04.08 10:53:06 | 000,071,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009.03.23 15:48:20 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.03.20 15:37:40 | 000,266,288 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.03.19 13:07:46 | 000,052,736 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.03.18 10:46:44 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\pgeffect.sys -- (PGEffect)
DRV:64bit: - [2009.03.05 10:03:34 | 000,088,576 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.02.11 16:26:18 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.01.27 18:12:14 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.01.13 16:56:30 | 000,415,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2008.11.11 17:30:12 | 000,189,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008.10.06 16:56:58 | 000,173,696 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2008.01.21 03:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) Zobrazovací zařízení USB (WDM)
DRV:64bit: - [2008.01.21 03:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007.12.11 13:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2007.11.09 13:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007.04.23 12:15:48 | 000,031,016 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:64bit: - [2006.11.02 06:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006.10.23 15:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV - [2008.05.07 10:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2006.09.18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006.09.18 22:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\S-1-5-21-1586963-3298563919-3864551572-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET NOD32 Antivirus\Mozilla Thunderbird
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (Společnost TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Společnost TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [winlogon] C:\Program Files\Windows User\winlogon.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Avast Professional 4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Ulead Photo Express Calendar Checker] File not found
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1586963-3298563919-3864551572-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1586963-3298563919-3864551572-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img10.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img10.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{660b2871-bb59-11de-b029-00225fc8743e}\Shell - "" = AutoRun
O33 - MountPoints2\{660b2871-bb59-11de-b029-00225fc8743e}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{90194eb0-db9c-11de-a888-00235afc705d}\Shell - "" = AutoRun
O33 - MountPoints2\{90194eb0-db9c-11de-a888-00235afc705d}\Shell\AutoRun\command - "" = D:\Autorun.exe -- File not found
O33 - MountPoints2\{dbafd345-bb23-11de-b18d-00225fc8743e}\Shell\AutoRun\command - "" = D:\WD_Windows_Tools\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008.01.21 04:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008.01.21 04:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!
========== Files/Folders - Created Within 7 Days ==========
[2010.02.05 16:35:24 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.02.05 16:41:37 | 001,835,008 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat
[2010.02.05 16:41:09 | 001,402,426 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.02.05 16:41:09 | 000,602,086 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.02.05 16:41:09 | 000,590,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.02.05 16:41:09 | 000,116,182 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.02.05 16:41:09 | 000,102,094 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
[2010.02.05 16:33:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.05 16:33:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.05 16:33:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.05 16:33:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.05 16:33:10 | 4258,136,064 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.04 22:05:32 | 000,524,288 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat{0f8d2361-c7c2-11de-9b73-00225fc8743e}.TMContainer00000000000000000001.regtrans-ms
[2010.02.04 22:05:32 | 000,065,536 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat{0f8d2361-c7c2-11de-9b73-00225fc8743e}.TM.blf
[2010.02.04 22:05:30 | 001,956,044 | -H-- | M] () -- C:\Users\Sisi\AppData\Local\IconCache.db
[2010.02.04 19:52:02 | 000,781,909 | ---- | M] () -- C:\Users\Sisi\Desktop\RSIT.exe
[2010.01.29 16:55:08 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.02.04 19:51:56 | 000,781,909 | ---- | C] () -- C:\Users\Sisi\Desktop\RSIT.exe
[2010.01.10 18:30:29 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.10 12:17:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.29 20:40:21 | 000,438,528 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_vcredistMSI3019.txt
[2009.12.29 20:40:20 | 000,011,440 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_vcredistUI3019.txt
[2009.12.03 13:28:29 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.12.03 13:27:09 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.11.14 17:35:31 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2009.11.09 14:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\w32apiw.dll
[2009.11.09 12:30:53 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.11.09 12:30:52 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.11.09 12:30:51 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.11.09 12:30:51 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.11.09 12:30:50 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.11.09 12:30:48 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.09 12:30:48 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009.11.09 01:06:01 | 000,000,293 | ---- | C] () -- C:\Windows\ulead32.ini
[2009.11.03 12:39:42 | 000,021,854 | ---- | C] () -- C:\Users\Sisi\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2009.10.28 20:03:12 | 000,394,240 | ---- | C] () -- C:\Windows\SysWow64\Smab.dll
[2009.10.28 20:03:10 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009.10.19 19:17:09 | 001,421,836 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.10.19 15:38:32 | 000,793,528 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_NET_Framework35_LangPack_MSI1DAA.txt
[2009.10.19 15:38:28 | 000,033,135 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009.10.19 15:38:26 | 000,075,826 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_dotnetfx35install_lp.txt
[2009.10.19 15:38:26 | 000,001,602 | ---- | C] () -- C:\Users\Sisi\AppData\Local\uxeventlog.txt
[2009.10.19 15:38:26 | 000,000,002 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_dotnetfx35error_lp.txt
[2009.10.18 17:40:55 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.10.17 17:55:05 | 000,192,512 | ---- | C] () -- C:\Users\Sisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.11 13:07:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.10.11 13:02:45 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\EnumDevLib.dll
[2008.09.02 01:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== LOP Check ==========
[2009.10.17 21:24:11 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\DAEMON Tools Lite
[2010.01.21 19:49:03 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\ICQ
[2009.11.09 14:22:20 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\nCleaner
[2009.10.28 19:44:40 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\Stardock
[2009.11.08 21:53:50 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\TOSHIBA
[2010.02.04 22:05:34 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2009.10.20 19:36:28 | 000,188,416 | ---- | M] (Flo) -- C:\Vista-ShutdownTimer.exe
< MD5 for: AGP440.SYS >
[2008.03.26 04:53:12 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=18369BF8FD59C22E4C12ABD2A3A5AB2D -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_14d4e8ca930556b0\AGP440.sys
[2008.03.25 04:56:03 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=82EB67122D92A53BBBC33FC731682E10 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_1691e66e904a8cec\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.06.03 06:44:43 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=35137384FFB6FB4B4C3063CEB5DB34BE -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_37d5e5fef5f86cf7\atapi.sys
[2008.06.03 05:12:37 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=B388797CAAB36D523840347CC6A39B96 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_398211faf34b271a\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2009.02.11 16:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.02.11 16:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
OTL logfile created on: 5.2.2010 16:37:21 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Sisi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 83,44 Gb Free Space | 55,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 147,58 Gb Total Space | 99,37 Gb Free Space | 67,34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SISI
Current User Name: Sisi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Avast Professional 4\aswUpdSv.exe
PRC - [2009.10.11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009.05.12 21:26:42 | 000,299,008 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.10 17:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.06 16:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.01.13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2007.12.13 19:10:56 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.12.13 19:10:56 | 000,447,784 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2007.12.03 14:21:24 | 000,869,672 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
========== Modules (SafeList) ==========
MOD - [2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
MOD - [2009.04.11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast Professional 4\ashServ.exe -- (avast! Antivirus)
SRV:64bit: - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast Professional 4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:64bit: - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Avast Professional 4\ashWebSv.exe -- (avast! Web Scanner)
SRV:64bit: - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Avast Professional 4\aswUpdSv.exe -- (aswUpdSv)
SRV:64bit: - [2009.09.25 02:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009.04.24 10:40:26 | 000,242,176 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.04.21 21:07:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.04.15 16:08:20 | 000,803,696 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.03.17 10:48:54 | 000,084,480 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.03.06 17:30:32 | 000,488,288 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.11.21 16:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.30 05:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.03.17 13:37:10 | 000,189,808 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 16:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2007.12.13 19:10:56 | 000,447,784 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.12.03 14:21:24 | 000,869,672 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)
SRV - [2006.11.02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006.11.02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006.11.02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2009.11.25 00:50:25 | 000,089,680 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2009.11.25 00:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.11.25 00:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009.11.25 00:49:10 | 000,053,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2009.11.25 00:49:00 | 000,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2009.10.17 21:11:40 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.04.24 13:29:40 | 000,206,336 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.04.21 22:30:46 | 005,356,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.04.08 10:53:06 | 000,071,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009.03.23 15:48:20 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.03.20 15:37:40 | 000,266,288 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.03.19 13:07:46 | 000,052,736 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.03.18 10:46:44 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\pgeffect.sys -- (PGEffect)
DRV:64bit: - [2009.03.05 10:03:34 | 000,088,576 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.02.11 16:26:18 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.01.27 18:12:14 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.01.13 16:56:30 | 000,415,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2008.11.11 17:30:12 | 000,189,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008.10.06 16:56:58 | 000,173,696 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2008.01.21 03:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) Zobrazovací zařízení USB (WDM)
DRV:64bit: - [2008.01.21 03:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007.12.11 13:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2007.11.09 13:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007.04.23 12:15:48 | 000,031,016 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:64bit: - [2006.11.02 06:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006.10.23 15:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV - [2008.05.07 10:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2006.09.18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006.09.18 22:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEG;
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1586963-3298563919-3864551572-1000\S-1-5-21-1586963-3298563919-3864551572-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET NOD32 Antivirus\Mozilla Thunderbird
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (Společnost TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Společnost TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [winlogon] C:\Program Files\Windows User\winlogon.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Avast Professional 4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Ulead Photo Express Calendar Checker] File not found
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1586963-3298563919-3864551572-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1586963-3298563919-3864551572-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img10.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img10.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{660b2871-bb59-11de-b029-00225fc8743e}\Shell - "" = AutoRun
O33 - MountPoints2\{660b2871-bb59-11de-b029-00225fc8743e}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{90194eb0-db9c-11de-a888-00235afc705d}\Shell - "" = AutoRun
O33 - MountPoints2\{90194eb0-db9c-11de-a888-00235afc705d}\Shell\AutoRun\command - "" = D:\Autorun.exe -- File not found
O33 - MountPoints2\{dbafd345-bb23-11de-b18d-00225fc8743e}\Shell\AutoRun\command - "" = D:\WD_Windows_Tools\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008.01.21 04:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008.01.21 04:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!
========== Files/Folders - Created Within 7 Days ==========
[2010.02.05 16:35:24 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.02.05 16:41:37 | 001,835,008 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat
[2010.02.05 16:41:09 | 001,402,426 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.02.05 16:41:09 | 000,602,086 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.02.05 16:41:09 | 000,590,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.02.05 16:41:09 | 000,116,182 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.02.05 16:41:09 | 000,102,094 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.02.05 16:35:29 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Sisi\Desktop\OTL.exe
[2010.02.05 16:33:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.05 16:33:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.05 16:33:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.05 16:33:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.05 16:33:10 | 4258,136,064 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.04 22:05:32 | 000,524,288 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat{0f8d2361-c7c2-11de-9b73-00225fc8743e}.TMContainer00000000000000000001.regtrans-ms
[2010.02.04 22:05:32 | 000,065,536 | -HS- | M] () -- C:\Users\Sisi\ntuser.dat{0f8d2361-c7c2-11de-9b73-00225fc8743e}.TM.blf
[2010.02.04 22:05:30 | 001,956,044 | -H-- | M] () -- C:\Users\Sisi\AppData\Local\IconCache.db
[2010.02.04 19:52:02 | 000,781,909 | ---- | M] () -- C:\Users\Sisi\Desktop\RSIT.exe
[2010.01.29 16:55:08 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.02.04 19:51:56 | 000,781,909 | ---- | C] () -- C:\Users\Sisi\Desktop\RSIT.exe
[2010.01.10 18:30:29 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.10 12:17:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.29 20:40:21 | 000,438,528 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_vcredistMSI3019.txt
[2009.12.29 20:40:20 | 000,011,440 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_vcredistUI3019.txt
[2009.12.03 13:28:29 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.12.03 13:27:09 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.11.14 17:35:31 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2009.11.09 14:22:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\w32apiw.dll
[2009.11.09 12:30:53 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.11.09 12:30:52 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.11.09 12:30:51 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.11.09 12:30:51 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.11.09 12:30:50 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.11.09 12:30:48 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.09 12:30:48 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009.11.09 01:06:01 | 000,000,293 | ---- | C] () -- C:\Windows\ulead32.ini
[2009.11.03 12:39:42 | 000,021,854 | ---- | C] () -- C:\Users\Sisi\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
[2009.10.28 20:03:12 | 000,394,240 | ---- | C] () -- C:\Windows\SysWow64\Smab.dll
[2009.10.28 20:03:10 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009.10.19 19:17:09 | 001,421,836 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.10.19 15:38:32 | 000,793,528 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_NET_Framework35_LangPack_MSI1DAA.txt
[2009.10.19 15:38:28 | 000,033,135 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009.10.19 15:38:26 | 000,075,826 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_dotnetfx35install_lp.txt
[2009.10.19 15:38:26 | 000,001,602 | ---- | C] () -- C:\Users\Sisi\AppData\Local\uxeventlog.txt
[2009.10.19 15:38:26 | 000,000,002 | ---- | C] () -- C:\Users\Sisi\AppData\Local\dd_dotnetfx35error_lp.txt
[2009.10.18 17:40:55 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.10.17 17:55:05 | 000,192,512 | ---- | C] () -- C:\Users\Sisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.11 13:07:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.10.11 13:02:45 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\EnumDevLib.dll
[2008.09.02 01:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== LOP Check ==========
[2009.10.17 21:24:11 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\DAEMON Tools Lite
[2010.01.21 19:49:03 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\ICQ
[2009.11.09 14:22:20 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\nCleaner
[2009.10.28 19:44:40 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\Stardock
[2009.11.08 21:53:50 | 000,000,000 | ---D | M] -- C:\Users\Sisi\AppData\Roaming\TOSHIBA
[2010.02.04 22:05:34 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2009.10.20 19:36:28 | 000,188,416 | ---- | M] (Flo) -- C:\Vista-ShutdownTimer.exe
< MD5 for: AGP440.SYS >
[2008.03.26 04:53:12 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=18369BF8FD59C22E4C12ABD2A3A5AB2D -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_14d4e8ca930556b0\AGP440.sys
[2008.03.25 04:56:03 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=82EB67122D92A53BBBC33FC731682E10 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_1691e66e904a8cec\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 03:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 03:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.06.03 06:44:43 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=35137384FFB6FB4B4C3063CEB5DB34BE -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_37d5e5fef5f86cf7\atapi.sys
[2008.06.03 05:12:37 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=B388797CAAB36D523840347CC6A39B96 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_398211faf34b271a\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2009.02.11 16:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.02.11 16:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 03:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 03:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2008.01.21 03:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 03:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
OBSAH EXTRAS.TXT
OTL Extras logfile created on: 5.2.2010 16:37:21 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Sisi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 83,44 Gb Free Space | 55,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 147,58 Gb Total Space | 99,37 Gb Free Space | 67,34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SISI
Current User Name: Sisi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = EC B2 A1 02 9D 85 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1586963-3298563919-3864551572-1000]
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{82D0E11A-1DF2-4154-9F25-DCD9A789FDAA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00796D6A-072B-4842-A55C-A38F6D7CA037}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{20B07D73-7604-4449-AA91-603B964144E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{74B20E16-08F9-4790-B8F6-42FED1EA37A9}" = protocol=17 | dir=in | app=e:\hry\f.e.a.r\fear.exe |
"{847F9C7E-E220-475E-A113-6A12E8A4827F}" = protocol=6 | dir=in | app=e:\hry\f.e.a.r\fear.exe |
"TCP Query User{058DB4A4-F668-4CDC-B70B-C86081C6EA55}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{71D8DE6B-9A2B-46A3-8C03-F8091D0B530C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{7A3E3C6A-A133-4891-8818-A89BC8928EDE}E:\hry\half-life\hl.exe" = protocol=6 | dir=in | app=e:\hry\half-life\hl.exe |
"TCP Query User{92247323-4BFE-4F29-8C42-07E728B48BD9}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{CA9E7D39-0A76-4C57-8D89-E44E98AFC97A}E:\hry\left4dead\hl2.exe" = protocol=6 | dir=in | app=e:\hry\left4dead\hl2.exe |
"UDP Query User{00B1153A-4A67-467D-82FC-C3EC2068CAF1}E:\hry\half-life\hl.exe" = protocol=17 | dir=in | app=e:\hry\half-life\hl.exe |
"UDP Query User{0910F8A7-6411-4134-BAD0-2987CA24AD3D}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{1966557A-8874-45F1-8166-614C09D35B35}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{5E6EE5F4-71D5-4004-8C6D-474DFB68DFA1}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{A4DEE3B3-D207-442B-99A4-DDC1672CBD9C}E:\hry\left4dead\hl2.exe" = protocol=17 | dir=in | app=e:\hry\left4dead\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{190A60F1-2FEE-0A11-7D37-D8607809CC39}" = ATI Catalyst Install Manager
"{5B7A62FB-E8EA-974A-DB49-4000AA3AE422}" = ccc-utility64
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}" = PlayReady PC runtime
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Sídla a zahrady Kolekce
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}" = Ulead Photo Express 5 SE
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Pro rodinnou zábavu - Kolekce
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Móda Kolekce
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{8789AED5-8F11-4922-8AF8-F1BCB824F681}_is1" = City Life Deluxe
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Impulse
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E2C00C8C-3D0C-40DF-BC67-44321C9E1029}" = Nero 8
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Pojďme slavit! Kolekce
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"BootSkin Vista (Free)" = BootSkin Vista (Free)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Half-Life_is1" = Half-Life
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Igneous_is1" = Igneous
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.5 (Full)
"Left 4 Dead_is1" = Left 4 Dead v1.0.0.5
"LogonStudio Vista" = LogonStudio Vista
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"nCleaner" = nCleaner second 2.3.2.0
"SimPE_is1" = SimPE 0.72 (alpha)
"Stardock Impulse" = Stardock Impulse
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 1.2.2010 16:22:10 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9E68FEEE-0F3F-11DF-991C-00235AFC705D}.dat
failed, 00000005.
Error - 1.2.2010 16:22:12 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 2.2.2010 1:12:07 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 2.2.2010 1:12:10 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 2.2.2010 15:43:42 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 3.2.2010 16:39:32 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 3.2.2010 16:39:34 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.
Error - 4.2.2010 17:05:29 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E471DEEB-11A3-11DF-82D8-00235AFC705D}.dat
failed, 00000005.
Error - 4.2.2010 17:05:29 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 4.2.2010 17:05:31 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.
[ Application Events ]
Error - 14.1.2010 9:56:41 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 14.1.2010 9:57:15 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 15.1.2010 14:05:04 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 17.1.2010 5:47:35 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 18.1.2010 12:24:41 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 18.1.2010 12:25:54 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 5:00:28 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 12:56:52 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 19.1.2010 12:57:51 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 14:50:19 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 13.12.2009 15:28:30 | Computer Name = Sisi | Source = Service Control Manager | ID = 7000
Description =
Error - 13.12.2009 15:31:45 | Computer Name = Sisi | Source = Service Control Manager | ID = 7009
Description =
Error - 13.12.2009 15:31:45 | Computer Name = Sisi | Source = Service Control Manager | ID = 7000
Description =
Error - 14.12.2009 11:19:04 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 17.12.2009 1:19:55 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 17.12.2009 13:44:02 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 18.12.2009 1:14:20 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 18.12.2009 10:23:38 | Computer Name = Sisi | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.
Error - 18.12.2009 10:23:55 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 19.12.2009 14:14:35 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
< End of report >
OTL Extras logfile created on: 5.2.2010 16:37:21 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Sisi\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 83,44 Gb Free Space | 55,98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 147,58 Gb Total Space | 99,37 Gb Free Space | 67,34% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SISI
Current User Name: Sisi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = EC B2 A1 02 9D 85 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1586963-3298563919-3864551572-1000]
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{82D0E11A-1DF2-4154-9F25-DCD9A789FDAA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00796D6A-072B-4842-A55C-A38F6D7CA037}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{20B07D73-7604-4449-AA91-603B964144E9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{74B20E16-08F9-4790-B8F6-42FED1EA37A9}" = protocol=17 | dir=in | app=e:\hry\f.e.a.r\fear.exe |
"{847F9C7E-E220-475E-A113-6A12E8A4827F}" = protocol=6 | dir=in | app=e:\hry\f.e.a.r\fear.exe |
"TCP Query User{058DB4A4-F668-4CDC-B70B-C86081C6EA55}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{71D8DE6B-9A2B-46A3-8C03-F8091D0B530C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{7A3E3C6A-A133-4891-8818-A89BC8928EDE}E:\hry\half-life\hl.exe" = protocol=6 | dir=in | app=e:\hry\half-life\hl.exe |
"TCP Query User{92247323-4BFE-4F29-8C42-07E728B48BD9}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{CA9E7D39-0A76-4C57-8D89-E44E98AFC97A}E:\hry\left4dead\hl2.exe" = protocol=6 | dir=in | app=e:\hry\left4dead\hl2.exe |
"UDP Query User{00B1153A-4A67-467D-82FC-C3EC2068CAF1}E:\hry\half-life\hl.exe" = protocol=17 | dir=in | app=e:\hry\half-life\hl.exe |
"UDP Query User{0910F8A7-6411-4134-BAD0-2987CA24AD3D}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{1966557A-8874-45F1-8166-614C09D35B35}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{5E6EE5F4-71D5-4004-8C6D-474DFB68DFA1}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{A4DEE3B3-D207-442B-99A4-DDC1672CBD9C}E:\hry\left4dead\hl2.exe" = protocol=17 | dir=in | app=e:\hry\left4dead\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{190A60F1-2FEE-0A11-7D37-D8607809CC39}" = ATI Catalyst Install Manager
"{5B7A62FB-E8EA-974A-DB49-4000AA3AE422}" = ccc-utility64
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}" = PlayReady PC runtime
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Sídla a zahrady Kolekce
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}" = Ulead Photo Express 5 SE
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Pro rodinnou zábavu - Kolekce
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Móda Kolekce
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{8789AED5-8F11-4922-8AF8-F1BCB824F681}_is1" = City Life Deluxe
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Impulse
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E2C00C8C-3D0C-40DF-BC67-44321C9E1029}" = Nero 8
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Pojďme slavit! Kolekce
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"BootSkin Vista (Free)" = BootSkin Vista (Free)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Half-Life_is1" = Half-Life
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Igneous_is1" = Igneous
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.5 (Full)
"Left 4 Dead_is1" = Left 4 Dead v1.0.0.5
"LogonStudio Vista" = LogonStudio Vista
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"nCleaner" = nCleaner second 2.3.2.0
"SimPE_is1" = SimPE 0.72 (alpha)
"Stardock Impulse" = Stardock Impulse
"WinRAR archiver" = WinRAR
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 1.2.2010 16:22:10 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9E68FEEE-0F3F-11DF-991C-00235AFC705D}.dat
failed, 00000005.
Error - 1.2.2010 16:22:12 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 2.2.2010 1:12:07 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 2.2.2010 1:12:10 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 2.2.2010 15:43:42 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.
Error - 3.2.2010 16:39:32 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 3.2.2010 16:39:34 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.
Error - 4.2.2010 17:05:29 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E471DEEB-11A3-11DF-82D8-00235AFC705D}.dat
failed, 00000005.
Error - 4.2.2010 17:05:29 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat failed,
00000005.
Error - 4.2.2010 17:05:31 | Computer Name = Sisi | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Sisi\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.
[ Application Events ]
Error - 14.1.2010 9:56:41 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 14.1.2010 9:57:15 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 15.1.2010 14:05:04 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 17.1.2010 5:47:35 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 18.1.2010 12:24:41 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 18.1.2010 12:25:54 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 5:00:28 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 12:56:52 | Computer Name = Sisi | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti
požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní
součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 19.1.2010 12:57:51 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
Error - 19.1.2010 14:50:19 | Computer Name = Sisi | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 13.12.2009 15:28:30 | Computer Name = Sisi | Source = Service Control Manager | ID = 7000
Description =
Error - 13.12.2009 15:31:45 | Computer Name = Sisi | Source = Service Control Manager | ID = 7009
Description =
Error - 13.12.2009 15:31:45 | Computer Name = Sisi | Source = Service Control Manager | ID = 7000
Description =
Error - 14.12.2009 11:19:04 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 17.12.2009 1:19:55 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 17.12.2009 13:44:02 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 18.12.2009 1:14:20 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 18.12.2009 10:23:38 | Computer Name = Sisi | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.
Error - 18.12.2009 10:23:55 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
Error - 19.12.2009 14:14:35 | Computer Name = Sisi | Source = HTTP | ID = 15016
Description =
< End of report >
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Toto smrdi...pre istotu:
Otestuj subor(y) na >>VIRUSTOTALe<<:
Ak vypise, ze subor uz bol testovany, daj ho otestovat znovu. Vysledok posli ako LINK.
Otestuj subor(y) na >>VIRUSTOTALe<<:
Kód: Vybrat vše
C:\Program Files\Windows User\winlogon.exe
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:

- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory

Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:

- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3694
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
5.2.2010 23:11:15
mbam-log-2010-02-05 (23-11-15).txt
Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 382508
Uplynulý čas: 1 hour(s), 7 minute(s), 41 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Verze databáze: 3694
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
5.2.2010 23:11:15
mbam-log-2010-02-05 (23-11-15).txt
Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 382508
Uplynulý čas: 1 hour(s), 7 minute(s), 41 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Reklama pořád vyskakuje, soubory Highspeed driver.exe a autorun se po připojení překopírovaly i na přenosný disk. Ani jednoho se nejde zbavit.
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Při spuštění vyskakuje reklama v IE, nesmazatelné soubory
Stiahni na plochu CureIt. Zatial ho nespustat. Restart do nudoveho rezimu (>>klik<<) a v nom spravis nasledovne:
Ale ten subor sa mi aj tak nepaci...
- Spust program dvojklikom, zrus pripadne vyzvy na stiahnutie novsej verzie a klikni na "Start".
- Potvrd okna a automaticky zacne expresny scan. Ak sa pri tomto kratkom scane najdu infikovane subory, klikni na "Vyber vsetky" -> "Liecit" -> "Odstran neliecitelne".
- Vo vrchnom menu klikni na "Volby" -> "Zmenit Nastavenia" a vyfajkni Heuristicka analyza a Vyzva na akciu -> "OK". Vrat sa naspat do hlavneho menu, v nom zvol komplet scan a klikni na zelenu sipku naprvo pod logom Dr. Web.
- Ked bude scan hotovy, vo vrchnom menu klik na "File" a zvol "Uloz...". Uloz log na plochu, otvor v poznamkovom bloku a vloz ho sem. Nezabudni restartovat PC.
Ale ten subor sa mi aj tak nepaci...

Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:

- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).