vyskakující reklamy

[tazky1]

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Peter [Práva správce]
Mód : Kontrola -- Datum : 11/06/2013 10:53:07
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Peter][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk @C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-08HXZT3 +++++
--- User ---
[MBR] a0575552fcfe2947027df946a962c664
[BSP] 4c7c53e4ed1dc059e575932925b95457 : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 695902 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1428281344 | Size: 18000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11062013_105307.txt >>



ComboFix 13-11-04.01 - Peter 06.11.2013 10:57:56.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.7783.5411 [GMT 1:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
Q:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-06 do 2013-11-06 )))))))))))))))))))))))))))))))
.
.
2013-11-06 10:08 . 2013-11-06 10:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-06 10:08 . 2013-11-06 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-05 15:40 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3909BC30-E407-4134-A019-0442C3A55E37}\mpengine.dll
2013-11-04 10:41 . 2013-11-04 10:41 -------- d-----w- c:\users\Peter\dwhelper
2013-11-01 12:48 . 2013-11-06 09:46 -------- d-----w- c:\users\Peter\AppData\Local\CrashDumps
2013-10-30 16:12 . 2013-10-30 16:12 -------- d-----w- c:\program files (x86)\T-Mobile
2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\users\Peter\AppData\Local\AuthenTec
2013-10-21 07:14 . 2013-10-21 07:14 -------- d-----w- c:\programdata\Oracle
2013-10-21 07:13 . 2013-10-21 07:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-21 07:13 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-18 17:51 . 2013-10-18 17:51 -------- d-----w- c:\users\Peter\AppData\Local\Apple
2013-10-16 10:28 . 2013-10-16 10:28 -------- d-----w- c:\windows\ERUNT
2013-10-13 11:42 . 2013-10-18 08:04 -------- d-----w- c:\users\Peter\AppData\Local\Adobe
2013-10-13 10:56 . 2013-10-16 10:12 -------- d-----w- C:\AdwCleaner
2013-10-13 10:49 . 2013-10-13 10:49 -------- d-----w- c:\users\Peter\AppData\Roaming\Malwarebytes
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\users\Peter\AppData\Local\Apps
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\programdata\Malwarebytes
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-13 10:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-11 14:33 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-11 14:33 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-11 14:33 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-11 14:33 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-11 14:33 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-11 14:33 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-11 14:33 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-10 17:33 . 2013-10-10 17:34 -------- d-----w- C:\PhSp_CS2_UE_Ret
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-11 06:07 . 2012-12-31 13:02 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 12:18 . 2012-08-19 07:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 12:18 . 2012-08-19 07:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 07:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2011-06-30 1363984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2011-11-25 548864]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-03-29 5939776]
"Fastboot"="c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" [2012-01-17 1091376]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-04-23 55520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-17 336992]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 Fastboot;Fastboot;c:\windows\system32\DRIVERS\Fastboot.sys;c:\windows\SYSNATIVE\DRIVERS\Fastboot.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [x]
S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 07:42 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 12:18]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-07 14:25]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-07 14:25]
.
2013-11-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-11-05 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-22 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-08 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-08 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-08 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-22 12452456]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"TpShocks"="TpShocks.exe" [2012-02-25 382528]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-03-21 282960]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 194.228.41.65 194.228.41.113
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-11-04 11:40; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: !HIDDEN! 2012-10-04 15:11; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-06 11:12:09
ComboFix-quarantined-files.txt 2013-11-06 10:12
.
Před spuštěním: Volných bajtů: 382 007 304 192
Po spuštění: Volných bajtů: 381 840 363 520
.
- - End Of File - - 14784B827DBD989978D6D38445C9F2CC

[Reklama]

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[tazky1]

ComboFix 13-11-07.01 - Peter 08.11.2013 9:22.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.7783.5424 [GMT 1:00]
Spuštěný z: c:\users\Peter\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Peter\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.165\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.165\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.165\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.165\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_30.0.1599.69_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4601.54\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-08 do 2013-11-08 )))))))))))))))))))))))))))))))
.
.
2013-11-08 08:33 . 2013-11-08 08:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-08 08:33 . 2013-11-08 08:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-08 07:01 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{362B1215-5D12-4B04-8AEB-95C81766CA22}\mpengine.dll
2013-11-04 10:41 . 2013-11-04 10:41 -------- d-----w- c:\users\Peter\dwhelper
2013-11-01 12:48 . 2013-11-06 13:41 -------- d-----w- c:\users\Peter\AppData\Local\CrashDumps
2013-10-30 16:12 . 2013-10-30 16:12 -------- d-----w- c:\program files (x86)\T-Mobile
2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\users\Peter\AppData\Local\AuthenTec
2013-10-21 07:14 . 2013-10-21 07:14 -------- d-----w- c:\programdata\Oracle
2013-10-21 07:13 . 2013-10-21 07:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-21 07:13 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-18 17:51 . 2013-10-18 17:51 -------- d-----w- c:\users\Peter\AppData\Local\Apple
2013-10-16 10:28 . 2013-10-16 10:28 -------- d-----w- c:\windows\ERUNT
2013-10-13 11:42 . 2013-10-18 08:04 -------- d-----w- c:\users\Peter\AppData\Local\Adobe
2013-10-13 10:56 . 2013-10-16 10:12 -------- d-----w- C:\AdwCleaner
2013-10-13 10:49 . 2013-10-13 10:49 -------- d-----w- c:\users\Peter\AppData\Roaming\Malwarebytes
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\users\Peter\AppData\Local\Apps
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\programdata\Malwarebytes
2013-10-13 10:48 . 2013-10-13 10:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-13 10:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-11 14:33 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-11 14:33 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-11 14:33 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-11 14:33 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-11 14:33 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-11 14:33 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-11 14:33 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-10 17:33 . 2013-10-10 17:34 -------- d-----w- C:\PhSp_CS2_UE_Ret
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-11 06:07 . 2012-12-31 13:02 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 12:18 . 2012-08-19 07:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 12:18 . 2012-08-19 07:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 07:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2011-06-30 1363984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2011-11-25 548864]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-03-29 5939776]
"Fastboot"="c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" [2012-01-17 1091376]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-14 4351712]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-04-23 55520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-17 336992]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 246472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
2;2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 Fastboot;Fastboot;c:\windows\system32\DRIVERS\Fastboot.sys;c:\windows\SYSNATIVE\DRIVERS\Fastboot.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [x]
S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 07:42 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 12:18]
.
2013-11-08 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-11-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-22 11406608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-08 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-08 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-08 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-22 12452456]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"TpShocks"="TpShocks.exe" [2012-02-25 382528]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-03-21 282960]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-11-04 11:40; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: !HIDDEN! 2012-10-04 15:11; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe
.
**************************************************************************
.
Celkový čas: 2013-11-08 09:43:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-08 08:43
ComboFix2.txt 2013-11-06 10:12
.
Před spuštěním: Volných bajtů: 381 674 323 968
Po spuštění: Volných bajtů: 381 373 222 912
.
- - End Of File - - 89D8373C2C43444F61247EDE74261FC8

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.



Vlož nový log z HJT.

[tazky1]

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Peter [Práva správce]
Mód : Odebrat -- Datum : 11/10/2013 10:58:29
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Peter][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk @C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE /tsr [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-08HXZT3 +++++
--- User ---
[MBR] a0575552fcfe2947027df946a962c664
[BSP] 4c7c53e4ed1dc059e575932925b95457 : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 695902 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1428281344 | Size: 18000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11102013_105829.txt >>
RKreport[0]_S_11102013_105638.txt



aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-10 08:33:13
-----------------------------
08:33:13.390 OS Version: Windows x64 6.1.7601 Service Pack 1
08:33:13.390 Number of processors: 4 586 0x3A09
08:33:13.390 ComputerName: PETER-THINK UserName: Peter
08:33:15.527 Initialize success
08:33:18.101 AVAST engine defs: 13011501
08:33:22.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
08:33:22.781 Disk 0 Vendor: WDC_WD75 03.0 Size: 715404MB BusType: 3
08:33:22.906 Disk 0 MBR read successfully
08:33:22.906 Disk 0 MBR scan
08:33:23.390 Disk 0 unknown MBR code
08:33:23.405 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
08:33:23.982 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 695902 MB offset 3074048
08:33:24.045 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18000 MB offset 1428281344
08:33:24.653 Disk 0 scanning C:\Windows\system32\drivers
08:33:47.632 Service scanning
08:34:58.362 Modules scanning
08:34:58.362 Disk 0 trace - called modules:
08:34:58.378 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
08:34:58.893 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009d2e790]
08:34:58.893 3 CLASSPNP.SYS[fffff88001cb043f] -> nt!IofCallDriver -> [0xfffffa8007988950]
08:34:58.893 5 ACPI.sys[fffff88000fb27a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8008c83050]
08:35:00.297 AVAST engine scan C:\Windows
08:35:05.133 AVAST engine scan C:\Windows\system32
08:38:19.088 AVAST engine scan C:\Windows\system32\drivers
08:38:44.017 AVAST engine scan C:\Users\Peter
08:55:51.343 AVAST engine scan C:\ProgramData
08:57:56.377 Scan finished successfully
09:01:30.566 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Desktop\MBR.dat"
09:01:30.581 The log file has been saved successfully to "C:\Users\Peter\Desktop\aswMBR.txt"


a furt to vyskakuje:(

[tazky1]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:34, on 10.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AuthenTec TrueSuite\x86\BioMonitor.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Users\Peter\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: TrueSuite Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BCL EasyConverter SDK 3 Loader (becldr3Service) - Unknown owner - C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17560 bytes

[Orcus]

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[tazky1]

OTL logfile created on: 10.11.2013 20:03:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,60 Gb Total Physical Memory | 4,38 Gb Available Physical Memory | 57,66% Memory free
15,20 Gb Paging File | 11,63 Gb Available in Paging File | 76,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,59 Gb Total Space | 353,32 Gb Free Space | 51,99% Space Free | Partition Type: NTFS
Drive Q: | 17,58 Gb Total Space | 5,22 Gb Free Space | 29,68% Space Free | Partition Type: NTFS

Computer Name: PETER-THINK | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Peter\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Program Files\AuthenTec TrueSuite\x86\BioMonitor.exe (AuthenTec Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
PRC - C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
PRC - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe (Gemfor s.r.o.)
PRC - C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\497680f6f6bfdab624652150c8a48a73\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ea3406b1357f932b76236c4ea85b0747\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\de80a435acee93c4cb9462ce8f1cc0ea\System.Management.Instrumentation.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\65fa27da96ef57affcac61ac16c111e0\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6a71efa7248119b0875d6cd2dd1e204c\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\3bcb445cac3c184e836364cd265ccf53\System.Configuration.Install.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\033da6b735d41afaa20309b5e87e2ae0\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2154273cb2d7a8b1a47d672b6d0808bf\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll ()
MOD - C:\Windows\SysWOW64\vmprp331.ax ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (LENOVO.TVTVCAM) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.TPKNRSVC) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.CAMMUTE) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (HyperW7Svc) -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe (Lenovo Group Limited)
SRV:64bit: - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
SRV:64bit: - (FPLService) -- C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe (AuthenTec, Inc)
SRV:64bit: - (DisplayLinkService) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.)
SRV:64bit: - (Lenovo.VIRTSCRLSVC) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
SRV:64bit: - (TPHKLOAD) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV:64bit: - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (APNMCP) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Intel Corporation)
SRV - (VIPAppService) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo)
SRV - (PwmEWSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe (Lenovo Group Limited)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (SamsungAllShareV2.0) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
SRV - (SimpleSlideShowServer) -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe (Samsung Electronics Co., Ltd.)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (FastbootService) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (ameisvc) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe (Gemfor s.r.o.)
SRV - (becldr3Service) -- C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS (Lenovo Group Limited)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (vm331avs) -- C:\Windows\SysNative\drivers\vm331avs.sys (Vimicro Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (PHCORE) -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys (Lenovo Group Limited)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tvtvcamd) -- C:\Windows\SysNative\drivers\tvtvcamd.sys (ThinkVantage Communications Utility)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TVTI2C) -- C:\Windows\SysNative\drivers\tvti2c.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (huawei_cdcacm) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://my.myplaycity.com/results.php?category=web&s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.defaultengine: "Ask Search"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.search.ask.com/?tpid=CME-V7&o=APN11293&pf=&trgb=FF&p2=%5EB7N%5EYYYYYY%5EYY%5ECZ&gct=hp&apn_ptnrs=%5EB7N&apn_dtid=%5EYYYYYY%5EYY%5ECZ&apn_dbr=ff_20.0&apn_uid=13E02550-BB23-48DA-864D-EB774507C439&itbv=12.7.0.2278&doi=2013-11-10&psv=barid%253D156477629026421874755872332811381593253%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10715%2526ppd%253D"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.06.07 15:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.04 14:11:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.01.15 12:47:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP2X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.06.07 15:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.25 19:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.04 14:11:26 | 000,000,000 | ---D | M]

[2012.08.18 22:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Extensions
[2013.11.10 19:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions
[2013.11.04 11:40:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.11.10 17:42:51 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com
[2013.11.10 17:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions

[tazky1]

[2013.11.10 17:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions\staged
[2012.12.23 01:16:14 | 000,005,460 | ---- | M] () (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\50d65192f0f65@50d65192f0f9f.com.xpi
[2013.06.30 09:44:04 | 000,233,016 | ---- | M] () (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\hdvc3@hdvidcodec.com.xpi
[2013.11.10 19:59:51 | 000,534,941 | ---- | M] () (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\toolbar_CME-V7@apn.ask.com.xpi
[2013.11.10 19:59:50 | 000,002,661 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\searchplugins\ask-search.xml
[2013.11.10 19:29:08 | 000,001,997 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\searchplugins\myplaycity.xml
[2013.04.25 19:31:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.25 19:31:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.15 12:47:19 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.04.25 19:31:27 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 19:59:09 | 000,002,669 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2013.03.07 19:59:09 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.07 19:59:09 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.07 19:59:09 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.07 19:59:09 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.07 19:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: No name found = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\2.2_0\
CHR - Extension: No name found = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombkllfdikmoepjdpmdaiinfbjpnkboa\2.0_0\

O1 HOSTS File: ([2013.11.08 09:35:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (HDvid Codec V1) - {11111111-1111-1111-1111-110311431162} - C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll (installdaddy)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HDvid Codec V1) - {11111111-1111-1111-1111-110311431162} - C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll (installdaddy)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (TrueSuite Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (TrueSuite Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [T-Mobile Communication Centre] C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{701C965A-845D-42EA-A097-236FC20C221D}: DhcpNameServer = 192.168.1.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D181BF30-F1FC-4985-B8C4-5C3D1FBDCD32}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF335CFA-7F85-41EA-AF0F-3EEC8913919B}: DhcpNameServer = 192.168.1.139
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\Windows\SysWOW64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.11.10 19:58:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013.11.10 19:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.11.10 19:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.11.10 19:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.11.10 19:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDvid Codec V1
[2013.11.10 19:53:37 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.11.10 19:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2013.11.10 17:45:13 | 000,000,000 | ---D | C] -- C:\Users\Peter\Documents\Mobogenie
[2013.11.10 17:45:13 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Mobogenie
[2013.11.10 17:45:13 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\cache
[2013.11.10 17:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S64Games
[2013.11.10 17:42:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SimilarSites
[2013.11.10 17:42:11 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\SimilarSites
[2013.11.10 15:54:27 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Hitch (2005)
[2013.11.10 08:26:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.11.09 19:51:04 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\dancelife
[2013.11.06 10:54:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.11.04 11:41:25 | 000,000,000 | ---D | C] -- C:\Users\Peter\dwhelper
[2013.11.01 13:48:34 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\CrashDumps
[2013.10.30 17:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile
[2013.10.30 17:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-Mobile
[2013.10.30 17:10:23 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2013.10.30 17:10:23 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01007.dll
[2013.10.30 17:10:23 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2013.10.30 17:10:23 | 000,415,744 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys
[2013.10.30 17:10:23 | 000,222,464 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013.10.30 17:10:23 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2013.10.30 17:10:23 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2013.10.30 17:10:23 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2013.10.30 17:10:23 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2013.10.30 17:10:23 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2013.10.30 17:10:23 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2013.10.30 17:10:23 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2013.10.30 17:10:23 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2013.10.30 17:10:23 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013.10.30 17:10:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Huawei
[2013.10.28 09:15:32 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\The Simpsons Movie (2007)
[2013.10.25 14:37:17 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\hypo lasík
[2013.10.25 08:32:32 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\screen
[2013.10.25 07:16:15 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\AuthenTec
[2013.10.21 08:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.21 08:13:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.10.21 08:13:19 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.10.21 08:13:15 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.10.21 08:13:15 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.10.21 08:13:15 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.10.21 08:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.18 18:51:00 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Apple
[2013.10.16 11:28:41 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.10.16 11:27:23 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\Peter\Desktop\JRT.exe
[2013.10.13 12:42:51 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Adobe
[2013.10.13 11:56:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.13 11:49:14 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Malwarebytes
[2013.10.13 11:48:51 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Apps
[2013.10.13 11:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.10.13 11:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.10.13 11:48:49 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.10.13 11:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.10.13 11:38:03 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Peter\Desktop\ATF-Cleaner.exe
[2013.10.13 09:27:05 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Peter\Desktop\hijackthis.exe

========== Files - Modified Within 30 Days ==========

[2013.11.10 20:01:59 | 000,001,285 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2013.11.10 19:58:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013.11.10 19:54:11 | 000,001,314 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-updater.job
[2013.11.10 19:54:08 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-enabler.job
[2013.11.10 19:54:02 | 000,001,206 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-codedownloader.job
[2013.11.10 19:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.10 18:38:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.11.10 08:37:49 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.10 08:37:49 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.10 08:35:43 | 001,586,006 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.11.10 08:35:43 | 000,669,926 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.11.10 08:35:43 | 000,655,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.10 08:35:43 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.11.10 08:35:43 | 000,122,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.10 08:29:20 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.11.10 08:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.10 08:27:44 | 1825,906,687 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.08 09:35:46 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.11.06 10:49:28 | 004,012,032 | ---- | M] () -- C:\Users\Peter\Desktop\RogueKillerX64.exe
[2013.11.05 08:00:55 | 000,007,224 | ---- | M] () -- C:\Users\Peter\Desktop\Servisní schůzka Martin Bolardt2.odt
[2013.11.04 23:40:24 | 000,033,970 | ---- | M] () -- C:\Users\Peter\Desktop\Zadost o zmenu parametru smlouvy.pdf
[2013.11.04 23:39:47 | 000,060,610 | ---- | M] () -- C:\Users\Peter\Desktop\Komplexni_formular_modifikace_HI_100930.pdf
[2013.11.04 11:41:49 | 031,898,685 | ---- | M] () -- C:\Users\Peter\Desktop\42301-av13_T_SVET_DEN_SPORENI_ZPR.mp4
[2013.11.02 07:56:46 | 000,188,408 | ---- | M] () -- C:\Users\Peter\Desktop\letakA4_World Basket_12.pdf
[2013.10.30 17:10:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.30 17:10:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2013.10.30 17:10:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.28 09:29:33 | 705,967,542 | ---- | M] () -- C:\Users\Peter\Desktop\Vybijena bez do toho na plny koule DVDrip.avi
[2013.10.24 08:29:00 | 000,351,887 | ---- | M] () -- C:\Users\Peter\Documents\nabytek.pdf
[2013.10.21 13:01:00 | 000,957,019 | ---- | M] () -- C:\Users\Peter\Documents\šimonovský.pdf
[2013.10.21 13:01:00 | 000,957,019 | ---- | M] () -- C:\Users\Peter\Desktop\šimonovský.pdf
[2013.10.16 13:32:09 | 000,707,337 | ---- | M] () -- C:\Users\Peter\Desktop\9-u-19.jpg
[2013.10.16 13:14:57 | 000,035,236 | ---- | M] () -- C:\Users\Peter\Desktop\hanus.pdf
[2013.10.16 11:27:30 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\Peter\Desktop\JRT.exe
[2013.10.14 10:14:28 | 000,059,606 | ---- | M] () -- C:\Users\Peter\Desktop\1382133_10202208635680350_2139817602_n.jpg
[2013.10.13 11:48:50 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.13 11:38:32 | 001,048,960 | ---- | M] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013.10.13 11:38:03 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Peter\Desktop\ATF-Cleaner.exe
[2013.10.13 09:27:06 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Peter\Desktop\hijackthis.exe

========== Files Created - No Company Name ==========

[2013.11.10 19:54:11 | 000,001,314 | ---- | C] () -- C:\Windows\tasks\HDvid Codec V1-updater.job
[2013.11.10 19:54:08 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\HDvid Codec V1-enabler.job
[2013.11.10 19:54:01 | 000,001,206 | ---- | C] () -- C:\Windows\tasks\HDvid Codec V1-codedownloader.job
[2013.11.10 17:19:09 | 000,001,285 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2013.11.06 10:49:20 | 004,012,032 | ---- | C] () -- C:\Users\Peter\Desktop\RogueKillerX64.exe
[2013.11.04 23:40:24 | 000,033,970 | ---- | C] () -- C:\Users\Peter\Desktop\Zadost o zmenu parametru smlouvy.pdf
[2013.11.04 23:39:47 | 000,060,610 | ---- | C] () -- C:\Users\Peter\Desktop\Komplexni_formular_modifikace_HI_100930.pdf
[2013.11.04 23:33:31 | 000,007,224 | ---- | C] () -- C:\Users\Peter\Desktop\Servisní schůzka Martin Bolardt2.odt
[2013.11.04 11:41:30 | 031,898,685 | ---- | C] () -- C:\Users\Peter\Desktop\42301-av13_T_SVET_DEN_SPORENI_ZPR.mp4
[2013.11.02 07:56:46 | 000,188,408 | ---- | C] () -- C:\Users\Peter\Desktop\letakA4_World Basket_12.pdf
[2013.10.30 17:10:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2013.10.30 17:10:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2013.10.30 17:10:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013.10.28 09:19:40 | 705,967,542 | ---- | C] () -- C:\Users\Peter\Desktop\Vybijena bez do toho na plny koule DVDrip.avi
[2013.10.24 08:29:00 | 000,351,887 | ---- | C] () -- C:\Users\Peter\Documents\nabytek.pdf
[2013.10.21 13:01:00 | 000,957,019 | ---- | C] () -- C:\Users\Peter\Documents\šimonovský.pdf
[2013.10.21 13:01:00 | 000,957,019 | ---- | C] () -- C:\Users\Peter\Desktop\šimonovský.pdf
[2013.10.16 13:32:08 | 000,707,337 | ---- | C] () -- C:\Users\Peter\Desktop\9-u-19.jpg
[2013.10.16 13:14:57 | 000,035,236 | ---- | C] () -- C:\Users\Peter\Desktop\hanus.pdf
[2013.10.14 10:14:26 | 000,059,606 | ---- | C] () -- C:\Users\Peter\Desktop\1382133_10202208635680350_2139817602_n.jpg
[2013.10.13 11:48:50 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.13 11:38:28 | 001,048,960 | ---- | C] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013.10.03 14:13:49 | 001,565,228 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.17 23:48:15 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.11.28 18:09:28 | 000,001,298 | ---- | C] () -- C:\Users\Peter\.recently-used.xbel
[2012.10.26 10:41:11 | 000,043,008 | ---- | C] () -- C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.04 14:08:37 | 000,223,709 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012.10.04 14:08:37 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2012.09.25 18:01:14 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2012.08.21 22:17:11 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.16 23:42:31 | 000,003,708 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\AbsoluteReminder.xml
[2012.08.16 23:41:18 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012.06.07 15:21:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2012.06.07 15:21:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2012.06.07 15:21:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2012.06.07 15:14:19 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.06.07 15:14:19 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.06.07 15:14:18 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.07 15:14:17 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.06.07 15:13:49 | 000,001,531 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2012.06.07 15:13:49 | 000,001,531 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2012.02.03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.08.24 16:13:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\AXA
[2012.09.16 15:09:37 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Blackberry Desktop
[2013.02.17 02:27:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\BSplayer
[2013.02.17 02:21:59 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\BSplayer Pro
[2012.09.25 18:01:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\CAD-KAS
[2013.01.06 17:46:20 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\DAEMON Tools Lite
[2013.10.10 18:18:58 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\inkscape
[2012.08.16 23:46:14 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Leadertech
[2013.09.10 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\LSC
[2012.08.27 12:59:32 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\PDF Writer
[2012.08.24 16:18:28 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Pdf2Word
[2013.10.01 23:12:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\PhotoFiltre 7
[2012.08.16 23:48:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\PwrMgr
[2012.09.16 15:06:31 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Research In Motion
[2012.10.06 12:56:12 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Samsung
[2013.11.10 17:42:11 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\SimilarSites
[2012.08.28 22:14:50 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\StepMania 5
[2013.09.05 22:44:23 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\TuneUp Software
[2013.03.19 07:38:42 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Ulozto File Manager
[2013.11.10 19:29:50 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2013.01.03 01:19:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\VitySoft

========== Purity Check ==========



< End of report >

[tazky1]

OTL Extras logfile created on: 10.11.2013 20:03:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,60 Gb Total Physical Memory | 4,38 Gb Available Physical Memory | 57,66% Memory free
15,20 Gb Paging File | 11,63 Gb Available in Paging File | 76,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,59 Gb Total Space | 353,32 Gb Free Space | 51,99% Space Free | Partition Type: NTFS
Drive Q: | 17,58 Gb Total Space | 5,22 Gb Free Space | 29,68% Space Free | Partition Type: NTFS

Computer Name: PETER-THINK | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE1792B-66F2-4391-B086-47ED58D18E24}" = lport=139 | protocol=6 | dir=in | app=system |
"{0DE2D627-970E-44B7-9470-6C602F3F9706}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{166BE295-DBAB-45BF-A03E-1C64A9FF9983}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{296A8DC7-53ED-4A3B-AAA7-D4E1E37A89F9}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{2AFC543C-2E1F-43DB-A2F2-05316AB9C8E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{32CBA973-7331-43EF-B4D4-CC38405F2CA8}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{36A53603-123D-4937-83E4-994D0ABCDF48}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3FB01F9C-4F40-421E-BFE2-01FD9D089B84}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{55D38E8E-C843-4C72-8919-A45C748865CD}" = lport=445 | protocol=6 | dir=in | app=system |
"{588944B2-CC63-46A4-82E4-A78FE2FE5367}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{856D1200-04AA-44AA-9684-E4CAA895DBE9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FB8C08D-4509-48CF-8BA8-A59CF3D820BF}" = lport=138 | protocol=17 | dir=in | app=system |
"{ADB47A0C-9087-44F1-9E9A-88EEFEC35261}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF3360AB-4344-4797-8B33-1C73E608DBB7}" = rport=139 | protocol=6 | dir=out | app=system |
"{B4425C8F-3D8C-4F50-B64B-9DECA6DD4A37}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6FDEAA8-77E4-4961-976A-C451F793CC48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B9D5B65D-34E1-4146-841C-87E1BE4BD1ED}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{BF6CE0B2-7551-4C91-9053-64D1D0AD7B66}" = rport=137 | protocol=17 | dir=out | app=system |
"{C00CA0D6-DE86-4242-AFF9-35B739FBC8C4}" = rport=138 | protocol=17 | dir=out | app=system |
"{CE16E1CE-2EDB-4FB5-A217-6B1D418E0C75}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E9E71274-1D2A-4A2D-8A33-CDD4BE32D78F}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015D1D85-CDB3-4DC1-90B4-3241D97096B9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0920F973-62E9-493B-80E6-EB80BEC8D2D2}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0A4C0525-E8F8-4B6E-9D53-E82BEAF73CE2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{0B2C3839-2B8E-4233-BB64-B5775D98F8FA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{1C597CC9-2993-44C0-8EC1-4392746C8DE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{20ADFADE-FE25-4971-B4A2-91814022E8E4}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{230BAE9F-F9FD-4CA3-A8E7-744235029C41}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2397AC6C-32CC-4E7C-BFE0-2AD7B1D0ADE7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{257F69C0-D2AF-458B-A1CD-C80121922B52}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{290D8395-1244-4548-B7B9-C060E7388433}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{2D2F5731-8CEC-4DC2-BCBB-19FF6B6633DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{322D3DFB-996F-41E5-B7EC-61579932799F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{36AE6794-E8D5-4ADF-A349-49B95C9E3499}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{36B9940D-FDE6-49B0-8D7E-C688AEBAC1A9}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{451EF24B-8F09-4A24-B407-326035905A35}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{4A592DB3-8080-4619-94BB-9A84BF65B364}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4D8B798E-B232-4F74-ADC3-5B6909A23E04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{575F3D26-B090-454F-AD71-225250B28E47}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{5F291170-7EE5-439B-9B97-AC17C99FF515}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{60B40C7F-5AD1-4A35-8148-6B934BEF91E8}" = protocol=6 | dir=in | app=c:\users\peter\appdata\local\temp\nsye84a.tmp\bundlesweetimsetup.exe |
"{62315805-EE83-4107-B10C-4C0834456568}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{66415015-A5CB-4AEF-88AA-BDD82D9AD685}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{66AA01BE-127A-4E0C-B1B3-0800C632792C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{66D5DC1B-3373-4F53-8EF1-503B3540EE12}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{6EB01983-FC26-4B8F-98CD-A786C9F2740A}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{79D72A22-FD72-4258-A309-49E0968A4F7E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{7C58E114-3891-47D7-9C87-A2F5694282DA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8763BE58-6218-4465-8A3B-626780A97C9C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{8989F4FE-4991-4AB0-82A6-C40BFB220A98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8A449574-5AE9-4047-AB61-F0B0897DEA5E}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{9329B96C-268E-4F93-9B43-E8D1E0619C71}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{9A2998FF-9011-47FB-8198-225C2BDE0A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A2DD42BD-A665-450C-8845-F2771B424404}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{A8C157FA-E1EA-4EEA-9344-3D7CE9976DCC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A93E98C0-87A5-4972-A744-F1726AEA562A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{ABDC70C4-779C-44C2-95D8-AE5E20BF0F5F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{ACE288BA-97D4-4B3F-8572-889639300EFD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C0D0918D-4AD7-4E22-B27B-31C4DE102E82}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C1A950F3-3DB2-4CC5-926B-6761C9FE8942}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{C1CDB531-853F-4B6D-AB93-4B95343642CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{C476A090-3A46-432A-844D-F340B97521C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C49C16AA-0559-4DDD-A53C-53FBB6A9A57D}" = protocol=17 | dir=in | app=c:\users\peter\appdata\local\temp\nsye84a.tmp\bundlesweetimsetup.exe |
"{C5EFD6EE-5E3F-439B-A23E-5D4447F65645}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{CD5A474A-BE9E-44E0-B867-DC62F82D181D}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{CE774849-6993-437E-B00F-632583BAC4DF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{D1D0B3CE-3E87-4173-8E01-0B88AD2319C5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D245EC6D-1EE7-42AB-BFA4-C3A6A68F8F57}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{D771F146-7DD3-4C80-97FC-494509241CA7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DD3AB7CF-4B87-4DA4-B54A-EDCB63595F0E}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{DF2DA992-8B79-43BE-A0C6-992E35461F19}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E280A812-2158-4F19-8D99-A68636EAB292}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E2F5D577-1695-45C5-86B4-DBE0A6AA3EE1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3AABBC0-97BC-4EBC-A06C-BA8A05A2F26C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{ECA9598B-57DB-4F94-B861-FCA61D516C2A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{F0F45792-D1FA-44F4-87BC-07F5ECC17CC3}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{F3BF76CD-6DE6-45FB-9C16-9BD4CB82A2DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FACA269F-C917-4859-B4E1-4EB8F5E5E342}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{FF5A380D-730B-45C3-969E-0C4C88181F85}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"TCP Query User{6B6E3A1D-AFC6-4B81-9F01-0ACFB8BA3D5F}C:\program files\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jre\bin\javaw.exe |
"TCP Query User{B9B12505-7F2C-467F-B4A9-EFCD24DB5865}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{6099B714-3968-48E0-8FE8-284B41FA2E8F}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{A4A5C672-DFBF-4333-A38A-7AF1AE2F8620}C:\program files\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jre\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C83CB66-D345-4D6C-95A2-63A03269ADA0}" = Lenovo Patch Utility 64 bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{520C4DD4-2BC7-409B-BA48-E1A4F832662D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{792920BD-8D8D-4868-AE2F-16F4B05D3AE9}" = Lenovo Solution Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC7CE075-0A45-4DC0-A973-67626CF41144}" = Lenovo Graphics Software
"{C3BC4C2C-39C1-44E1-B4B7-6AAA22D469EE}" = DisplayLink Core Software
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF8F4026-E6DC-474C-90D2-BCE9888786F8}" = AuthenTec TrueSuite
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Software Intel® PROSet/Wireless WiFi
"{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}" = Lenovo SimpleTap
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"53CE7B1BC59606C63D695E5A6C0B9259B800912C" = Windows Driver Package - Synaptics (SynTP) Mouse (12/23/2011 15.3.39.1)
"64A62163FE43328D13305746CB8BCC93F2DF6545" = Windows Driver Package - Intel (iaStor) hdc (11/29/2011 11.0.0.1032)
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 8.2.0.1406
"CCleaner" = CCleaner
"E3535F123E7F666D573665142F90D3E5004DC326" = Windows Driver Package - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"KONICA MINOLTA Universal PCL" = KONICA MINOLTA Universal PCL
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{111225F7-13A9-4AD6-A759-C7923C8981E6}" = BCL easyConverter 3.0 RTF SDK Module
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{40F4FF7A-B214-4453-B973-080B09CED019}" = Absolute Reminder
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D452D-5637-006A-76A7-A758B70C0700}" = Ask Toolbar
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{5598FBEB-CEB5-41CE-BAA4-70128DF02FFB}" = BCL easyConverter 3.0 Licensing Module (BCL License)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B5DEF99-85E9-423D-A1A3-B83202697B09}" = Lenovo Solutions for Small Business Customizations
"{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}" = Intel(R) Update Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{662B363D-BFC0-45F3-A062-8FC27C8BB7A3}" = Expert
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Lenovo Solutions for Small Business
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}" = Message Center Plus
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83E61899-81B2-4F35-A3EB-42CF51B94BBD}" = BCL easyConverter 3.0 Loader SDK Module
"{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}" = BlackBerry Desktop Software 6.0.1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}" = Lenovo Patch Utility
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Integrated Camera
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1BDAC32-B358-442C-A337-D91BA0386824}" = BCL easyConverter 3.0 SDK Module
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8D605A4-979D-43FF-9FD5-6BDDF1E3E288}" = BCL easyConverter 3.0 Module (Loader, BCL License)
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBE9E2A1-E7F0-42AA-875A-E230EB9AFA19}" = BCL easyConverter 3.0 Module (RTF, BCL License)
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = HDVidCodec
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.1
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Lite" = DAEMON Tools Lite
"EasyCapture_is1" = EasyCapture 1.2.0.0
"Fastboot" = RapidBoot HDD Accelerator
"Google Chrome" = Google Chrome
"HDvid Codec V1" = HDvid Codec V1
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"Kalkulátory_is1" = ČSOBP Kalkulátory 1.10.1.0 (Neživotní pojištění)
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF Editor 3" = PDF Editor 3
"PDF2Word Converter (bioPDF)_is1" = PDF2Word Converter Version 1.0.8 (Build 164, bioPDF)
"PowerISO" = PowerISO
"StepMania" = StepMania 3.9 (remove only)
"StepMania 5" = StepMania v5.0 alpha 3 (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"T-Mobile Communication Centre" = Web'n'walk Manager
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"be3a3e1a435c5997" = AXA Studio
"ff26c4119fa8a9b0" = Partners ANAKIN
"PhotoFiltre 7" = PhotoFiltre 7

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8.11.2013 18:44:29 | Computer Name = Peter-THINK | Source = WinMgmt | ID = 10
Description =

Error - 9.11.2013 14:29:51 | Computer Name = Peter-THINK | Source = WinMgmt | ID = 10
Description =

Error - 9.11.2013 18:10:00 | Computer Name = Peter-THINK | Source = System Restore | ID = 8193
Description =

Error - 9.11.2013 19:00:00 | Computer Name = Peter-THINK | Source = System Restore | ID = 8193
Description =

Error - 9.11.2013 19:30:07 | Computer Name = Peter-THINK | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Lenovo\Lenovo Solution
Center\App\diag\flex_comm_sample.exe se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 9.11.2013 19:31:34 | Computer Name = Peter-THINK | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Lenovo\lenovo solution
center\App\diag\flex_comm_sample.exe se nezdařilo. Závislé sestavení Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 10.11.2013 3:17:37 | Computer Name = Peter-THINK | Source = WinMgmt | ID = 10
Description =

Error - 10.11.2013 3:28:04 | Computer Name = Peter-THINK | Source = WinMgmt | ID = 10
Description =

Error - 10.11.2013 12:45:18 | Computer Name = Peter-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Mini Golf Pro.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: Mini Golf Pro.exe, verze: 0.0.0.0,
časové razítko: 0x2a425e19 Kód výjimky: 0xc0000005 Posun chyby: 0x00004062 ID chybujícího
procesu: 0x2640 Čas spuštění chybující aplikace: 0x01cede343c7b4583 Cesta k chybující
aplikaci: C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe
ID
zprávy: 7ab750e6-4a27-11e3-b24d-685d437d54a5

Error - 10.11.2013 12:53:20 | Computer Name = Peter-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Mini Golf Pro.exe, verze: 0.0.0.0, časové
razítko: 0x2a425e19 Název chybujícího modulu: Mini Golf Pro.exe, verze: 0.0.0.0,
časové razítko: 0x2a425e19 Kód výjimky: 0xc0000005 Posun chyby: 0x00004062 ID chybujícího
procesu: 0x8cc0 Čas spuštění chybující aplikace: 0x01cede355add100c Cesta k chybující
aplikaci: C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\S64Games\Mini Golf Pro\Mini Golf Pro.exe
ID
zprávy: 9a07bf2f-4a28-11e3-b24d-685d437d54a5

[ Intel(R) SBA Events ]
Error - 8.7.2013 18:05:31 | Computer Name = Peter-THINK | Source = Intel(R) Small Business Advantage Service | ID = 28672
Description = A critical error occurred. If restarting the computer does not solve
the problem, please reinstall Intel(R) Small Business Advantage. System.Runtime.InteropServices.COMException
(0x800706BA): Server RPC není k dispozici. (Výjimka na základě hodnoty HRESULT:
0x800706BA) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.Instrumentation.EventSource.IndicateEvents(Int32
length, IntPtr[] objects) v System.Management.Instrumentation.InstrumentedAssembly.TypeInfo.Fire(Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Type t, Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Object o)
v System.Management.Instrumentation.Instrumentation.Fire(Object eventData) v Intel.SBA.ServiceManager.MessageEvent.SBA_MessageEvent.Fire(SbaMessage
alert) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(SbaMessage message)

v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid applicationId, String
applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel, SeverityLevel
applicationSeverityLevel, Object[] args) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid
applicationId, MessagesId applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel,
SeverityLevel applicationSeverityLevel, Object[] args) v Intel.SBA.EnergySaver.Service.EnergySaver.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.EnergySaver.Service.EnergySaverServicePiece.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.WindowsService.ServiceHost.<>c__DisplayClass8.<OnPowerEvent>b__5()

v System.Threading.ThreadHelper.ThreadStart_Context(Object state) v System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state) v System.Threading.ThreadHelper.ThreadStart()

Error - 6.8.2013 7:48:28 | Computer Name = Peter-THINK | Source = Intel(R) Small Business Advantage Service | ID = 28672
Description = A critical error occurred. If restarting the computer does not solve
the problem, please reinstall Intel(R) Small Business Advantage. System.Runtime.InteropServices.COMException
(0x800706BA): Server RPC není k dispozici. (Výjimka na základě hodnoty HRESULT:
0x800706BA) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.Instrumentation.EventSource.IndicateEvents(Int32
length, IntPtr[] objects) v System.Management.Instrumentation.InstrumentedAssembly.TypeInfo.Fire(Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Type t, Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Object o)
v System.Management.Instrumentation.Instrumentation.Fire(Object eventData) v Intel.SBA.ServiceManager.MessageEvent.SBA_MessageEvent.Fire(SbaMessage
alert) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(SbaMessage message)

v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid applicationId, String
applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel, SeverityLevel
applicationSeverityLevel, Object[] args) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid
applicationId, MessagesId applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel,
SeverityLevel applicationSeverityLevel, Object[] args) v Intel.SBA.EnergySaver.Service.EnergySaver.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.EnergySaver.Service.EnergySaverServicePiece.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.WindowsService.ServiceHost.<>c__DisplayClass8.<OnPowerEvent>b__5()

v System.Threading.ThreadHelper.ThreadStart_Context(Object state) v System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state) v System.Threading.ThreadHelper.ThreadStart()

Error - 26.10.2013 8:41:45 | Computer Name = Peter-THINK | Source = Intel(R) Small Business Advantage Service | ID = 28672
Description = A critical error occurred. If restarting the computer does not solve
the problem, please reinstall Intel(R) Small Business Advantage. System.Runtime.InteropServices.COMException
(0x800706BA): Server RPC není k dispozici. (Výjimka na základě hodnoty HRESULT:
0x800706BA) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.Instrumentation.EventSource.IndicateEvents(Int32
length, IntPtr[] objects) v System.Management.Instrumentation.InstrumentedAssembly.TypeInfo.Fire(Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Type t, Object
o) v System.Management.Instrumentation.InstrumentedAssembly.Fire(Object o)
v System.Management.Instrumentation.Instrumentation.Fire(Object eventData) v Intel.SBA.ServiceManager.MessageEvent.SBA_MessageEvent.Fire(SbaMessage
alert) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(SbaMessage message)

v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid applicationId, String
applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel, SeverityLevel
applicationSeverityLevel, Object[] args) v Intel.SBA.ServiceManager.Service.Messages.AddMessage(Guid
applicationId, MessagesId applicationName, MessagesId eventId, SeverityLevel eventSeverityLevel,
SeverityLevel applicationSeverityLevel, Object[] args) v Intel.SBA.EnergySaver.Service.EnergySaver.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.EnergySaver.Service.EnergySaverServicePiece.OnPowerEvent(PowerBroadcastStatus
powerStatus) v Intel.SBA.WindowsService.ServiceHost.<>c__DisplayClass8.<OnPowerEvent>b__5()

v System.Threading.ThreadHelper.ThreadStart_Context(Object state) v System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state) v System.Threading.ThreadHelper.ThreadStart()

[ Lenovo-Lenovo Patch Utility/Admin Events ]
Error - 12.10.2012 3:33:12 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 12.10.2012 3:33:12 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 2
Description = manifest file was not found on server

Error - 28.12.2012 10:26:02 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 28.12.2012 10:26:02 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 2
Description = manifest file was not found on server

Error - 28.12.2012 10:26:02 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 2
Description = Failed to get available patch. Return 2.

Error - 27.2.2013 4:18:11 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "http://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches/x64//PM.manifest.xml".
Error message: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 27.2.2013 4:18:11 | Computer Name = Peter-THINK | Source = Lenovo Patch Utility | ID = 2
Description = manifest file was not found on server

[ Lenovo-Message Center Plus/Admin Events ]
Error - 6.10.2013 1:14:51 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 6.10.2013 9:18:21 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 6.10.2013 9:18:35 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 6.10.2013 9:18:49 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.10.2013 16:37:14 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.10.2013 16:37:14 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.10.2013 16:37:14 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 25.10.2013 2:16:56 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 25.10.2013 2:17:11 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 25.10.2013 2:17:25 | Computer Name = Peter-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

[ System Events ]
Error - 10.11.2013 3:17:20 | Computer Name = Peter-THINK | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (2:50:25, ?10.?11.?2013) bylo neočekávané.

Error - 10.11.2013 3:17:27 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7023
Description = Služba avast! Antivirus byla ukončena s následující chybou: %%127

Error - 10.11.2013 3:19:54 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 10.11.2013 3:19:54 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 10.11.2013 3:24:08 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7034
Description = Služba hpqcxs08 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 10.11.2013 3:24:08 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Služba HP CUE DeviceDiscovery byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 10.11.2013 3:27:59 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7023
Description = Služba avast! Antivirus byla ukončena s následující chybou: %%127

Error - 10.11.2013 3:28:31 | Computer Name = Peter-THINK | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 9 ID procesoru: 0 Další informace jsou obsaženy v podrobném zobrazení
tohoto záznamu.

Error - 10.11.2013 3:30:38 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 10.11.2013 3:30:38 | Computer Name = Peter-THINK | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

[jaro3]

Odinstaluj:
HDvid Codec V1

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://my.myplaycity.com/results.php?category=web&s={searchTerms}
FF - prefs.js..browser.search.defaultengine: "Ask Search"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.startup.homepage: "http://www.search.ask.com/?tpid=CME-V7&o=APN11293&pf=&trgb=FF&p2=%5EB7N%5EYYYYYY%5EYY%5ECZ&gct=hp&apn_ptnrs=%5EB7N&apn_dtid=%5EYYYYYY%5EYY%5ECZ&apn_dbr=ff_20.0&apn_uid=13E02550-BB23-48DA-864D-EB774507C439&itbv=12.7.0.2278&doi=2013-11-10&psv=barid%253D156477629026421874755872332811381593253%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10715%2526ppd%253D"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll File not found
[2012.08.18 22:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Extensions
[2013.11.10 19:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions
[2013.11.10 17:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions
[2012.12.23 01:16:14 | 000,005,460 | ---- | M] () (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\50d65192f0f65@50d65192f0f9f.com.xpi
[2013.11.10 19:59:51 | 000,534,941 | ---- | M] () (No name found) -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\toolbar_CME-V7@apn.ask.com.xpi
[2013.11.10 19:59:50 | 000,002,661 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\searchplugins\ask-search.xml
[2013.04.25 19:31:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O2:64bit: - BHO: (HDvid Codec V1) - {11111111-1111-1111-1111-110311431162} - C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll (installdaddy)
O2 - BHO: (HDvid Codec V1) - {11111111-1111-1111-1111-110311431162} - C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll (installdaddy)
O3:64bit: - HKLM\..\Toolbar: (TrueSuite Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O3 - HKLM\..\Toolbar: (TrueSuite Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\ProgramData\AskPartnerNetwork
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\APN

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{434D452D-5637-006A-76A7-A758B70C0700}" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[tazky1]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
No active process named Program Files was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Prefs.js: "Ask Search" removed from browser.search.defaultengine
Prefs.js: "Ask Search" removed from browser.search.defaultenginename
Prefs.js: "Ask Search" removed from browser.search.order.1
Prefs.js: "Ask Search" removed from browser.search.selectedEngine
Prefs.js: S", "" removed from browser.search.selectedEngine,S
Prefs.js: "http://www.search.ask.com/?tpid=CME-V7&o=APN11293&pf=&trgb=FF&p2=%5EB7N%5EYYYYYY%5EYY%5ECZ&gct=hp&apn_ptnrs=%5EB7N&apn_dtid=%5EYYYYYY%5EYY%5ECZ&apn_dbr=ff_20.0&apn_uid=13E02550-BB23-48DA-864D-EB774507C439&itbv=12.7.0.2278&doi=2013-11-10&psv=barid%253D156477629026421874755872332811381593253%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10715%2526ppd%253D" removed from browser.startup.homepage
Prefs.js: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local\modules folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults\preferences folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\components folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\chrome folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin\classic folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale\en-US folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome\content folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com\chrome folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\WebSiteRecommendation@weliketheweb.com folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions\staged\WebSiteRecommendation@weliketheweb.com folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions\staged folder moved successfully.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profilespn827v07.default-1354228200579\extensions folder moved successfully.
File C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\50d65192f0f65@50d65192f0f9f.com.xpi not found.
File C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\extensions\toolbar_CME-V7@apn.ask.com.xpi not found.
C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\pn827v07.default-1354228200579\searchplugins\ask-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311431162}\ deleted successfully.
C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311431162}\ deleted successfully.
C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C98EE38D-21E4-4A50-907D-2B56FEC7013E} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}\ deleted successfully.
C:\Program Files\AuthenTec TrueSuite\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C98EE38D-21E4-4A50-907D-2B56FEC7013E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}\ deleted successfully.
C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11152013_235040

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...