Trojan:JS/FrameRef Vyřešeno

[jaro3]

Musím tam dát myší :
Zobrazovat skryté sopubory a složky , to tam ve sreenu nemáš..

Nemáš zač , od toho jsme tu ..
v raru je to na nic ,rar smaž. musíš mít rozbalený a vyjmutý soubor remover.exe na ploše. Proto se nic neprovedlo. Nic zatím nevypaluj , vyber soubor na plochu a zkus znovu ty příkazy..

[Reklama]

[jaruska]

Teda já jsem trdlo, povolím chráněné soubory OS a nepovolím skryté...
1. složka C:\System Volume Information - hláška "Přístup odepřen", vlastnosti viz screen 1
2. rar removeru je smazaný, remover.exe na ploše, zkusila jsem remover znova a udělal se log (když jsem ho spustila z raru tak se log neudělal)
3. nechala jsem znova nabootovat PC z cédéčka a výsledek je stejný jako při minulé odpovědi

[jaruska]

tady je ten log z removeru
1. část

.\debug.cpp(238) : Debug log started at 31.01.2013 - 19:30:58
.\boot_cleaner.cpp(527) : Bootkit Remover
.\boot_cleaner.cpp(528) : (c) 2009 Esage Lab
.\boot_cleaner.cpp(529) : www.esagelab.com
.\boot_cleaner.cpp(533) : Program version: 1.2.0.1
.\boot_cleaner.cpp(540) : OS Version: Microsoft Windows 7 Service Pack 1 (build 7601), 64-bit
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x03008000 0x005e8000 "\SystemRoot\system32\ntoskrnl.exe"
.\debug.cpp(256) : 0x035f0000 0x00049000 "\SystemRoot\system32\hal.dll"
.\debug.cpp(256) : 0x00ba3000 0x0000a000 "\SystemRoot\system32\kdcom.dll"
.\debug.cpp(256) : 0x00cbf000 0x0004f000 "\SystemRoot\system32\mcupdate_GenuineIntel.dll"
.\debug.cpp(256) : 0x00d0e000 0x00014000 "\SystemRoot\system32\PSHED.dll"
.\debug.cpp(256) : 0x00d22000 0x0005e000 "\SystemRoot\system32\CLFS.SYS"
.\debug.cpp(256) : 0x00e9c000 0x000c0000 "\SystemRoot\system32\CI.dll"
.\debug.cpp(256) : 0x01073000 0x000c2000 "\SystemRoot\system32\drivers\Wdf01000.sys"
.\debug.cpp(256) : 0x01135000 0x00010000 "\SystemRoot\system32\drivers\WDFLDR.SYS"
.\debug.cpp(256) : 0x01145000 0x00057000 "\SystemRoot\system32\drivers\ACPI.sys"
.\debug.cpp(256) : 0x0119c000 0x00009000 "\SystemRoot\system32\drivers\WMILIB.SYS"
.\debug.cpp(256) : 0x011a5000 0x0000a000 "\SystemRoot\system32\drivers\msisadrv.sys"
.\debug.cpp(256) : 0x011af000 0x00033000 "\SystemRoot\system32\drivers\pci.sys"
.\debug.cpp(256) : 0x011e2000 0x0000d000 "\SystemRoot\system32\drivers\vdrvroot.sys"
.\debug.cpp(256) : 0x01000000 0x00015000 "\SystemRoot\System32\drivers\partmgr.sys"
.\debug.cpp(256) : 0x01015000 0x00009000 "\SystemRoot\system32\drivers\compbatt.sys"
.\debug.cpp(256) : 0x0101e000 0x0000c000 "\SystemRoot\system32\drivers\BATTC.SYS"
.\debug.cpp(256) : 0x0102a000 0x00015000 "\SystemRoot\system32\drivers\volmgr.sys"
.\debug.cpp(256) : 0x00f5c000 0x0005c000 "\SystemRoot\System32\drivers\volmgrx.sys"
.\debug.cpp(256) : 0x0103f000 0x0001a000 "\SystemRoot\System32\drivers\mountmgr.sys"
.\debug.cpp(256) : 0x0121a000 0x00154000 "\SystemRoot\system32\DRIVERS\iaStor.sys"
.\debug.cpp(256) : 0x0136e000 0x00009000 "\SystemRoot\system32\drivers\atapi.sys"
.\debug.cpp(256) : 0x01377000 0x0002a000 "\SystemRoot\system32\drivers\ataport.SYS"
.\debug.cpp(256) : 0x013a1000 0x0000b000 "\SystemRoot\system32\drivers\msahci.sys"
.\debug.cpp(256) : 0x013ac000 0x00010000 "\SystemRoot\system32\drivers\PCIIDEX.SYS"
.\debug.cpp(256) : 0x013bc000 0x0000b000 "\SystemRoot\system32\drivers\amdxata.sys"
.\debug.cpp(256) : 0x00e00000 0x0004c000 "\SystemRoot\system32\drivers\fltmgr.sys"
.\debug.cpp(256) : 0x013c7000 0x00014000 "\SystemRoot\system32\drivers\fileinfo.sys"
.\debug.cpp(256) : 0x00e4c000 0x00038000 "\SystemRoot\system32\DRIVERS\MpFilter.sys"
.\debug.cpp(256) : 0x0145d000 0x001a3000 "\SystemRoot\System32\Drivers\Ntfs.sys"
.\debug.cpp(256) : 0x00d80000 0x0005e000 "\SystemRoot\System32\Drivers\msrpc.sys"
.\debug.cpp(256) : 0x01400000 0x0001b000 "\SystemRoot\System32\Drivers\ksecdd.sys"
.\debug.cpp(256) : 0x00c00000 0x00072000 "\SystemRoot\System32\Drivers\cng.sys"
.\debug.cpp(256) : 0x0141b000 0x00011000 "\SystemRoot\System32\drivers\pcw.sys"
.\debug.cpp(256) : 0x0142c000 0x0000a000 "\SystemRoot\System32\Drivers\Fs_Rec.sys"
.\debug.cpp(256) : 0x0168f000 0x000f2000 "\SystemRoot\system32\drivers\ndis.sys"
.\debug.cpp(256) : 0x01781000 0x00060000 "\SystemRoot\system32\drivers\NETIO.SYS"
.\debug.cpp(256) : 0x01600000 0x0002a000 "\SystemRoot\System32\Drivers\ksecpkg.sys"
.\debug.cpp(256) : 0x01815000 0x00201000 "\SystemRoot\System32\drivers\tcpip.sys"
.\debug.cpp(256) : 0x01a16000 0x0004a000 "\SystemRoot\System32\drivers\fwpkclnt.sys"
.\debug.cpp(256) : 0x01a60000 0x00010000 "\SystemRoot\system32\drivers\vmstorfl.sys"
.\debug.cpp(256) : 0x01a70000 0x0004c000 "\SystemRoot\system32\drivers\volsnap.sys"
.\debug.cpp(256) : 0x01abc000 0x0000a000 "\SystemRoot\System32\DRIVERS\ApsHM64.sys"
.\debug.cpp(256) : 0x01ac6000 0x00008000 "\SystemRoot\System32\Drivers\spldr.sys"
.\debug.cpp(256) : 0x01ace000 0x0003a000 "\SystemRoot\System32\drivers\rdyboost.sys"
.\debug.cpp(256) : 0x01b08000 0x00026000 "\SystemRoot\System32\DRIVERS\Apsx64.sys"
.\debug.cpp(256) : 0x01b2e000 0x00012000 "\SystemRoot\System32\Drivers\mup.sys"
.\debug.cpp(256) : 0x01b40000 0x00009000 "\SystemRoot\System32\drivers\hwpolicy.sys"
.\debug.cpp(256) : 0x01b49000 0x0003a000 "\SystemRoot\System32\DRIVERS\fvevol.sys"
.\debug.cpp(256) : 0x01b83000 0x00016000 "\SystemRoot\system32\drivers\disk.sys"
.\debug.cpp(256) : 0x01b99000 0x00030000 "\SystemRoot\system32\drivers\CLASSPNP.SYS"
.\debug.cpp(256) : 0x02e00000 0x0002a000 "\SystemRoot\system32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0x02e2a000 0x00009000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0x02e33000 0x00007000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0x0f253000 0x011a5000 "\??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS"
.\debug.cpp(256) : 0x0f200000 0x0000e000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0x0f20e000 0x00025000 "\SystemRoot\System32\drivers\VIDEOPRT.SYS"
.\debug.cpp(256) : 0x0f233000 0x00010000 "\SystemRoot\System32\drivers\watchdog.sys"
.\debug.cpp(256) : 0x0f243000 0x00009000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0x02e3a000 0x00009000 "\SystemRoot\system32\drivers\rdpencdd.sys"
.\debug.cpp(256) : 0x02e43000 0x00009000 "\SystemRoot\system32\drivers\rdprefmp.sys"
.\debug.cpp(256) : 0x02e4c000 0x0000b000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0x02e57000 0x00011000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0x02e68000 0x00022000 "\SystemRoot\system32\DRIVERS\tdx.sys"
.\debug.cpp(256) : 0x02e8a000 0x0000d000 "\SystemRoot\system32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0x04280000 0x00089000 "\SystemRoot\system32\drivers\afd.sys"
.\debug.cpp(256) : 0x04309000 0x00045000 "\SystemRoot\System32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0x0434e000 0x0000b000 "\SystemRoot\system32\drivers\ws2ifsl.sys"
.\debug.cpp(256) : 0x04359000 0x00009000 "\SystemRoot\system32\DRIVERS\wfplwf.sys"
.\debug.cpp(256) : 0x04362000 0x00026000 "\SystemRoot\system32\DRIVERS\pacer.sys"
.\debug.cpp(256) : 0x04388000 0x00016000 "\SystemRoot\system32\DRIVERS\vwififlt.sys"
.\debug.cpp(256) : 0x0439e000 0x0000f000 "\SystemRoot\system32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0x043ad000 0x0001b000 "\SystemRoot\system32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0x04200000 0x00041000 "\SystemRoot\System32\drivers\truecrypt.sys"
.\debug.cpp(256) : 0x04241000 0x00007000 "\SystemRoot\System32\drivers\Tppwr64v.sys"
.\debug.cpp(256) : 0x04248000 0x00014000 "\SystemRoot\system32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0x0162a000 0x00051000 "\SystemRoot\system32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0x0425c000 0x0000c000 "\SystemRoot\system32\drivers\nsiproxy.sys"
.\debug.cpp(256) : 0x04268000 0x0000b000 "\SystemRoot\system32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0x04273000 0x00007000 "\SystemRoot\system32\DRIVERS\smiifx64.sys"
.\debug.cpp(256) : 0x043c8000 0x0000a000 "\??\C:\Windows\system32\drivers\HWiNFO64A.SYS"
.\debug.cpp(256) : 0x043d2000 0x0000c000 "\SystemRoot\System32\Drivers\ElbyCDIO.sys"
.\debug.cpp(256) : 0x043de000 0x0000f000 "\SystemRoot\System32\drivers\discache.sys"
.\debug.cpp(256) : 0x044c7000 0x00083000 "\SystemRoot\system32\drivers\csc.sys"
.\debug.cpp(256) : 0x0454a000 0x0001e000 "\SystemRoot\System32\Drivers\dfsc.sys"
.\debug.cpp(256) : 0x04568000 0x00011000 "\SystemRoot\system32\DRIVERS\blbdrive.sys"
.\debug.cpp(256) : 0x04579000 0x00026000 "\SystemRoot\system32\DRIVERS\tunnel.sys"
.\debug.cpp(256) : 0x04a23000 0x00bbd000 "\SystemRoot\system32\DRIVERS\igdkmd64.sys"
.\debug.cpp(256) : 0x0b011000 0x000f4000 "\SystemRoot\System32\drivers\dxgkrnl.sys"
.\debug.cpp(256) : 0x0b105000 0x00046000 "\SystemRoot\System32\drivers\dxgmms1.sys"
.\debug.cpp(256) : 0x0b14b000 0x00011000 "\SystemRoot\system32\DRIVERS\HECIx64.sys"
.\debug.cpp(256) : 0x0b15c000 0x00011000 "\SystemRoot\system32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0x0b16d000 0x00056000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0x0b1c3000 0x00024000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0x04400000 0x00067000 "\SystemRoot\system32\DRIVERS\Rt64win7.sys"
.\debug.cpp(256) : 0x055e0000 0x0001e000 "\SystemRoot\system32\DRIVERS\risdxc64.sys"
.\debug.cpp(256) : 0x0bab8000 0x00888000 "\SystemRoot\system32\DRIVERS\NETwNs64.sys"
.\debug.cpp(256) : 0x0c340000 0x0000d000 "\SystemRoot\system32\DRIVERS\vwifibus.sys"
.\debug.cpp(256) : 0x0c34d000 0x00005000 "\SystemRoot\system32\DRIVERS\CmBatt.sys"
.\debug.cpp(256) : 0x0c352000 0x0000d000 "\SystemRoot\system32\DRIVERS\ibmpmdrv.sys"
.\debug.cpp(256) : 0x0c35f000 0x0001e000 "\SystemRoot\system32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0x0c37d000 0x0000f000 "\SystemRoot\system32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0x0c38c000 0x0006b000 "\SystemRoot\system32\DRIVERS\SynTP.sys"
.\debug.cpp(256) : 0x0c3f7000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0x0ba00000 0x0000f000 "\SystemRoot\system32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0x0ba0f000 0x00016000 "\SystemRoot\system32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0x0ba25000 0x00010000 "\SystemRoot\system32\DRIVERS\CompositeBus.sys"
.\debug.cpp(256) : 0x0ba35000 0x00016000 "\SystemRoot\system32\DRIVERS\AgileVpn.sys"
.\debug.cpp(256) : 0x0ba4b000 0x00024000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0x0ba6f000 0x0000c000 "\SystemRoot\system32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0x0ba7b000 0x0002f000 "\SystemRoot\system32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0x04a00000 0x0001b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0x04467000 0x00021000 "\SystemRoot\system32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0x04488000 0x0001a000 "\SystemRoot\system32\DRIVERS\rassstp.sys"
.\debug.cpp(256) : 0x0baaa000 0x0000b000 "\SystemRoot\system32\DRIVERS\rdpbus.sys"
.\debug.cpp(256) : 0x0b1e7000 0x0000f000 "\SystemRoot\system32\DRIVERS\VClone.sys"
.\debug.cpp(256) : 0x0459f000 0x0002f000 "\SystemRoot\system32\DRIVERS\SCSIPORT.SYS"
.\debug.cpp(256) : 0x0b000000 0x0000e000 "\SystemRoot\system32\DRIVERS\psadd.sys"
.\debug.cpp(256) : 0x0bab5000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0x00fb8000 0x00043000 "\SystemRoot\system32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0x045ce000 0x0000c000 "\SystemRoot\system32\DRIVERS\iwdbus.sys"
.\debug.cpp(256) : 0x045da000 0x00012000 "\SystemRoot\system32\DRIVERS\umbus.sys"
.\debug.cpp(256) : 0x05856000 0x0005a000 "\SystemRoot\system32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0x058b0000 0x00015000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0x07422000 0x0018e000 "\SystemRoot\system32\drivers\CHDRT64.sys"
.\debug.cpp(256) : 0x075b0000 0x0003d000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0x07400000 0x00022000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0x075ed000 0x00006000 "\SystemRoot\system32\drivers\ksthunk.sys"
.\debug.cpp(256) : 0x058c5000 0x00053000 "\SystemRoot\system32\DRIVERS\IntcDAud.sys"
.\debug.cpp(256) : 0x05918000 0x0001d000 "\SystemRoot\system32\DRIVERS\usbccgp.sys"
.\debug.cpp(256) : 0x05935000 0x00029000 "\SystemRoot\system32\DRIVERS\5U877.sys"
.\debug.cpp(256) : 0x0595e000 0x00011000 "\SystemRoot\system32\DRIVERS\STREAM.SYS"
.\debug.cpp(256) : 0x00020000 0x00316000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0x075f3000 0x0000c000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0x0596f000 0x0000e000 "\SystemRoot\System32\Drivers\crashdmp.sys"
.\debug.cpp(256) : 0x02e97000 0x00154000 "\SystemRoot\System32\Drivers\dump_iaStor.sys"
.\debug.cpp(256) : 0x0597d000 0x00013000 "\SystemRoot\System32\Drivers\dump_dumpfve.sys"
.\debug.cpp(256) : 0x05990000 0x0000e000 "\SystemRoot\system32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0x0599e000 0x00019000 "\SystemRoot\system32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0x059b7000 0x00009000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0x059c0000 0x0000d000 "\SystemRoot\system32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0x02605000 0x002f0000 "\SystemRoot\system32\DRIVERS\btwampfl.sys"
.\debug.cpp(256) : 0x028f5000 0x00018000 "\SystemRoot\System32\Drivers\BTHUSB.sys"
.\debug.cpp(256) : 0x0290d000 0x0008c000 "\SystemRoot\System32\Drivers\bthport.sys"
.\debug.cpp(256) : 0x02999000 0x0000e000 "\SystemRoot\system32\DRIVERS\monitor.sys"
.\debug.cpp(256) : 0x00410000 0x0000a000 "\SystemRoot\System32\TSDDD.dll"
.\debug.cpp(256) : 0x006b0000 0x00027000 "\SystemRoot\System32\cdd.dll"
.\debug.cpp(256) : 0x029a7000 0x0002c000 "\SystemRoot\system32\DRIVERS\rfcomm.sys"
.\debug.cpp(256) : 0x029d3000 0x00010000 "\SystemRoot\system32\drivers\BthEnum.sys"
.\debug.cpp(256) : 0x05836000 0x00020000 "\SystemRoot\system32\DRIVERS\bthpan.sys"
.\debug.cpp(256) : 0x029e3000 0x00017000 "\SystemRoot\system32\DRIVERS\bthmodem.sys"
.\debug.cpp(256) : 0x059cd000 0x0000f000 "\SystemRoot\system32\drivers\modem.sys"
.\debug.cpp(256) : 0x02a9f000 0x00084000 "\SystemRoot\system32\drivers\btwavdt.sys"
.\debug.cpp(256) : 0x02b23000 0x00094000 "\SystemRoot\system32\drivers\btwaudio.sys"
.\debug.cpp(256) : 0x02bb7000 0x0000e000 "\SystemRoot\system32\DRIVERS\btwl2cap.sys"
.\debug.cpp(256) : 0x02bc5000 0x00004000 "\SystemRoot\system32\DRIVERS\btwrchid.sys"
.\debug.cpp(256) : 0x02bc9000 0x00023000 "\SystemRoot\system32\drivers\luafv.sys"
.\debug.cpp(256) : 0x02bec000 0x0000a000 "\??\C:\Windows\system32\drivers\mbam.sys"
.\debug.cpp(256) : 0x02bf6000 0x00007000 "\??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys"
.\debug.cpp(256) : 0x02a00000 0x00019000 "\SystemRoot\system32\drivers\WudfPf.sys"
.\debug.cpp(256) : 0x02a19000 0x00011000 "\SystemRoot\system32\DRIVERS\WinUSB.sys"
.\debug.cpp(256) : 0x02a2a000 0x00036000 "\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.\debug.cpp(256) : 0x02a60000 0x00015000 "\SystemRoot\system32\DRIVERS\lltdio.sys"
.\debug.cpp(256) : 0x076dc000 0x00053000 "\SystemRoot\system32\DRIVERS\nwifi.sys"
.\debug.cpp(256) : 0x0772f000 0x00013000 "\SystemRoot\system32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0x07742000 0x00018000 "\SystemRoot\system32\DRIVERS\rspndr.sys"
.\debug.cpp(256) : 0x07600000 0x000c9000 "\SystemRoot\system32\drivers\HTTP.sys"
.\debug.cpp(256) : 0x0775a000 0x0001e000 "\SystemRoot\system32\DRIVERS\bowser.sys"
.\debug.cpp(256) : 0x07778000 0x00018000 "\SystemRoot\System32\drivers\mpsdrv.sys"
.\debug.cpp(256) : 0x07790000 0x0002d000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0x07af4000 0x0004e000 "\SystemRoot\system32\DRIVERS\mrxsmb10.sys"
.\debug.cpp(256) : 0x07b42000 0x00024000 "\SystemRoot\system32\DRIVERS\mrxsmb20.sys"
.\debug.cpp(256) : 0x07b66000 0x0000a000 "\SystemRoot\system32\DRIVERS\vwifimp.sys"
.\debug.cpp(256) : 0x07b70000 0x00021000 "\SystemRoot\system32\DRIVERS\NisDrvWFP.sys"
.\debug.cpp(256) : 0x07a00000 0x000a6000 "\SystemRoot\system32\drivers\peauth.sys"
.\debug.cpp(256) : 0x07aa6000 0x0000b000 "\SystemRoot\System32\Drivers\secdrv.SYS"
.\debug.cpp(256) : 0x07ab1000 0x00031000 "\SystemRoot\System32\DRIVERS\srvnet.sys"
.\debug.cpp(256) : 0x07ae2000 0x00012000 "\SystemRoot\System32\drivers\tcpipreg.sys"
.\debug.cpp(256) : 0x07b91000 0x00069000 "\SystemRoot\System32\DRIVERS\srv2.sys"
.\debug.cpp(256) : 0x086e7000 0x00098000 "\SystemRoot\System32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0x0877f000 0x00071000 "\SystemRoot\system32\drivers\spsys.sys"
.\debug.cpp(256) : 0x76cd0000 0x001a9000 "\Windows\System32\ntdll.dll"
.\debug.cpp(256) : 0x479c0000 0x00020000 "\Windows\System32\smss.exe"
.\debug.cpp(256) : 0xfeff0000 0x00050000 "\Windows\System32\apisetschema.dll"
.\debug.cpp(256) : 0xffb60000 0x000c1000 "\Windows\System32\autochk.exe"
.\debug.cpp(256) : 0xfe250000 0x00d88000 "\Windows\System32\shell32.dll"
.\debug.cpp(256) : 0xfe240000 0x00008000 "\Windows\System32\nsi.dll"
.\debug.cpp(256) : 0xfe030000 0x00203000 "\Windows\System32\ole32.dll"
.\debug.cpp(256) : 0xfdfc0000 0x00067000 "\Windows\System32\gdi32.dll"
.\debug.cpp(256) : 0xfdf60000 0x00052000 "\Windows\System32\Wldap32.dll"
.\debug.cpp(256) : 0xfdf50000 0x0000e000 "\Windows\System32\lpk.dll"
.\debug.cpp(256) : 0xfdeb0000 0x00099000 "\Windows\System32\clbcatq.dll"
.\debug.cpp(256) : 0xfde10000 0x00097000 "\Windows\System32\comdlg32.dll"
.\debug.cpp(256) : 0xfdde0000 0x0002e000 "\Windows\System32\imm32.dll"
.\debug.cpp(256) : 0x76bd0000 0x000fa000 "\Windows\System32\user32.dll"
.\debug.cpp(256) : 0x76ea0000 0x00003000 "\Windows\System32\normaliz.dll"
.\debug.cpp(256) : 0xfdcb0000 0x0012d000 "\Windows\System32\rpcrt4.dll"
.\debug.cpp(256) : 0x76ab0000 0x0011f000 "\Windows\System32\kernel32.dll"
.\debug.cpp(256) : 0xfdbe0000 0x000c9000 "\Windows\System32\usp10.dll"
.\debug.cpp(256) : 0xfdb90000 0x0004d000 "\Windows\System32\ws2_32.dll"
.\debug.cpp(256) : 0x76960000 0x0014d000 "\Windows\System32\urlmon.dll"
.\debug.cpp(256) : 0x76800000 0x0015b000 "\Windows\System32\wininet.dll"
.\debug.cpp(256) : 0xfda80000 0x00109000 "\Windows\System32\msctf.dll"
.\debug.cpp(256) : 0xfd9a0000 0x000db000 "\Windows\System32\advapi32.dll"
.\debug.cpp(256) : 0x765f0000 0x0020f000 "\Windows\System32\iertutil.dll"
.\debug.cpp(256) : 0xfd920000 0x00071000 "\Windows\System32\shlwapi.dll"
.\debug.cpp(256) : 0xfd900000 0x0001f000 "\Windows\System32\sechost.dll"
.\debug.cpp(256) : 0xfd8e0000 0x00019000 "\Windows\System32\imagehlp.dll"
.\debug.cpp(256) : 0xfd700000 0x001d7000 "\Windows\System32\setupapi.dll"
.\debug.cpp(256) : 0xfd680000 0x00080000 "\Windows\System32\difxapi.dll"
.\debug.cpp(256) : 0xfd5e0000 0x0009f000 "\Windows\System32\msvcrt.dll"
.\debug.cpp(256) : 0x76e90000 0x00007000 "\Windows\System32\psapi.dll"
.\debug.cpp(256) : 0xfd500000 0x000d7000 "\Windows\System32\oleaut32.dll"
.\debug.cpp(256) : 0xfd4e0000 0x0001a000 "\Windows\System32\devobj.dll"
.\debug.cpp(256) : 0xfd440000 0x000a0000 "\Windows\System32\comctl32.dll"
.\debug.cpp(256) : 0xfd3d0000 0x0006b000 "\Windows\System32\KernelBase.dll"
.\debug.cpp(256) : 0xfd390000 0x00039000 "\Windows\System32\wintrust.dll"
.\debug.cpp(256) : 0xfd350000 0x00036000 "\Windows\System32\cfgmgr32.dll"
.\debug.cpp(256) : 0xfd1e0000 0x0016a000 "\Windows\System32\crypt32.dll"
.\debug.cpp(256) : 0xfd1d0000 0x0000f000 "\Windows\System32\msasn1.dll"
.\debug.cpp(256) : 0x74790000 0x00003000 "\Windows\SysWOW64\normaliz.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination "\Device\Harddisk0\DR0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MBAMProtector"
.\debug.cpp(400) : Destination "\Device\MBAMProtector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0A#0#{72631e54-78a4-11d0-bcf7-00aa00b7b32a}"
.\debug.cpp(400) : Destination "\Device\0000006e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VDRVROOT"
.\debug.cpp(400) : Destination "\Device\00000052"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shockpf0"
.\debug.cpp(400) : Destination "\Device\Shockpf0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PsaDev"
.\debug.cpp(400) : Destination "\Device\PsaDD0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000043"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY5"
.\debug.cpp(400) : Destination "\Device\Video4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\TPPWRIF"
.\debug.cpp(400) : Destination "\Device\TPPWRIF"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination "\Device\Video0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_0458&PID_003A#6&2dd73fe0&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*TEREDO#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_SSTPMINIPORT#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000049"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_Intel64_Family_6_Model_42_-________Intel(R)_Core(TM)_i5-2450M_CPU_@_2.50GHz#_4#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\0000005b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WUDFLpcDevice"
.\debug.cpp(400) : Destination "\Device\WUDFLpcDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination "\Device\CdRom2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Psched"
.\debug.cpp(400) : Destination "\Device\Psched"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY#SEC3052#4&10bf4e25&0&UID67568640#{e6f07b5f-ee97-4a90-b076-33f57bf4eaa7}"
.\debug.cpp(400) : Destination "\Device\00000082"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000004c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#FixedButton#2&daba3ff&4#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000060"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8168&SUBSYS_21E217AA&REV_06#4&2fa67935&0&00E1#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0014"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIPV6#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000046"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_Intel64_Family_6_Model_42_-________Intel(R)_Core(TM)_i5-2450M_CPU_@_2.50GHz#_3#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\0000005a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination "\Device\Ndisuio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AscKmd"
.\debug.cpp(400) : Destination "\Device\AscKmd"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_5986&PID_03B3&MI_00#7&1ae4e42&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000007e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{24df01a9-3e4f-4c9f-9f66-5aa8ab14f8f4}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000096"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0A#0#{e849804e-c719-43d8-ac88-96b894c191e2}"
.\debug.cpp(400) : Destination "\Device\0000006e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SYNTP"
.\debug.cpp(400) : Destination "\Device\SynTP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UMB#UMB#1&841921d&0&PrinterBusEnumerator#{65a9a6cf-64cd-480b-843e-32c86e1ba19f}"
.\debug.cpp(400) : Destination "\Device\0000009f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{E43D242B-9EAB-4626-A952-46649FBB939A}"
.\debug.cpp(400) : Destination "\Device\NDMP9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom1"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&1524c08e&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{d038b01c-a9a3-49cb-9ec6-e35f47536a63}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#VID_0458&PID_003A#7&d1287b8&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000081"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\F:"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#ThermalZone#TZS0#{4afa3d51-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10EC&DEV_8168&SUBSYS_21E217AA&REV_06#4&2fa67935&0&00E1#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0014"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000045"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom2"
.\debug.cpp(400) : Destination "\Device\CdRom2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{61800A4B-9D14-4456-926D-AECA1EF14FAD}"
.\debug.cpp(400) : Destination "\Device\NDMP17"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AgileVPN"
.\debug.cpp(400) : Destination "\Device\AgileVPN"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination "\Device\WMIDataDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NisDrv"
.\debug.cpp(400) : Destination "\Device\NisDrv"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination "\Device\Ide\iaStor0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination "\Device\USBFDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_Intel64_Family_6_Model_42_-________Intel(R)_Core(TM)_i5-2450M_CPU_@_2.50GHz#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000058"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDOSPDevice"
.\debug.cpp(400) : Destination "\Device\IPSECDOSP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PEAuth"
.\debug.cpp(400) : Destination "\Device\PEAuth"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#VID_0458&PID_003A#7&d1287b8&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\00000081"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY6"
.\debug.cpp(400) : Destination "\Device\Video5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#LEN0023#4&37e667ec&0#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000006d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ElbyCDIO"
.\debug.cpp(400) : Destination "\Device\ElbyCDIO"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination "\Device\Video1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HWiNFO32"
.\debug.cpp(400) : Destination "\Device\HWiNFO32"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination "\Device\Mup"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination "\Device\NDMP11"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_Intel64_Family_6_Model_42_-________Intel(R)_Core(TM)_i5-2450M_CPU_@_2.50GHz#_2#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000059"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\vwififlt"
.\debug.cpp(400) : Destination "\Device\vwififlt"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SPDevice"
.\debug.cpp(400) : Destination "\Device\SPDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#{21c6da40-6dd4-11e1-ba16-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTWAVDT"
.\debug.cpp(400) : Destination "\Device\BTWAVDT"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Harddisk0Partition1"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination "\Device\Tcp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HostProcess-1be98d33-b4e9-4d03-90fa-56f471391bb8"
.\debug.cpp(400) : Destination "\Device\HostProcess-1be98d33-b4e9-4d03-90fa-56f471391bb8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5d624f94-8850-40c3-a3fa-a4fd2080baf3}#vwifimp#5&1e32634&0&02#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\0000009e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_ELBY&Prod_CLONEDRIVE&Rev_1.4#1&2afd7d61&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\VClone1Port1Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTWAMPFL"
.\debug.cpp(400) : Destination "\Device\BTWAMPFL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#ThermalZone#TZS1#{4afa3d51-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000005d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Harddisk0Partition2"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination "\Device\Scsi\VClone1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??

[jaruska]

Tady je log z removeru
2. část

\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{ca89b949-d7bf-48dd-bb06-f40ebc29c5f6}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UMDFCtrlDev-5a35f958-6bdc-11e2-aed4-7ce9d3b401b2"
.\debug.cpp(400) : Destination "\Device\UMDFCtrlDev-5a35f958-6bdc-11e2-aed4-7ce9d3b401b2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination "\Device\00000082"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ShockMgr"
.\debug.cpp(400) : Destination "\Device\ShockMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Harddisk0Partition3"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination "\Device\WANARP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination "\DosDevices\LPT1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_AGILEVPNMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000042"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000048"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CompositeBattery"
.\debug.cpp(400) : Destination "\Device\CompositeBattery"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{829CAC69-ED20-490A-A79A-C9E6654E330B}"
.\debug.cpp(400) : Destination "\Device\NDMP4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{8b648350-27dd-47af-82da-203c6a3e6f8c}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_8087&PID_0024#5&3174c002&0&1#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D4EC32FF-7C6F-4A44-8594-7564C63F7970}"
.\debug.cpp(400) : Destination "\Device\NDMP16"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{afce2557-1b5c-11e2-a296-7ce9d3b401b2}"
.\debug.cpp(400) : Destination "\Device\CdRom1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000004b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5d624f94-8850-40c3-a3fa-a4fd2080baf3}#vwifimp#5&1e32634&0&02#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000009e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination "\Device\MountPointManager"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_0A5C&PID_217F#7CE9D3B401B2#{0850302a-b344-4fda-9be9-90576b8d46f0}"
.\debug.cpp(400) : Destination "\Device\USBPDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IWDBusDriver"
.\debug.cpp(400) : Destination "\Device\00000050"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{8E301A52-AFFA-4F49-B9CA-C79096A1A056}"
.\debug.cpp(400) : Destination "\Device\NDMP13"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PHCORE"
.\debug.cpp(400) : Destination "\Device\PHCORE"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UMDFCtrlDev-5a35f957-6bdc-11e2-aed4-7ce9d3b401b2"
.\debug.cpp(400) : Destination "\Device\UMDFCtrlDev-5a35f957-6bdc-11e2-aed4-7ce9d3b401b2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomOptiarc_DVD_RW_AD-7740H_________________A841____#4&38c96480&0&0.1.0#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IAAStorageDevice-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIAdminDevice"
.\debug.cpp(400) : Destination "\Device\WMIAdminDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_1C2D&SUBSYS_21E217AA&REV_04#3&11583659&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0003"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_1C26&SUBSYS_21E217AA&REV_04#3&11583659&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0010"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000043"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000047"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY#SEC3052#4&10bf4e25&0&UID67568640#{866519b5-3f07-4c97-b7df-24c5d8a8ccb8}"
.\debug.cpp(400) : Destination "\Device\00000082"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5d624f94-8850-40c3-a3fa-a4fd2080baf3}#vwifimp#5&1e32634&0&01#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\0000009d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_1C03&SUBSYS_21E217AA&REV_04#3&11583659&0&FA#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0012"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*TEREDO#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANBH#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000044"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000045"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{24df01a9-3e4f-4c9f-9f66-5aa8ab14f8f4}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000096"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HostProcess-cd4d7d4c-3dee-4dab-bd27-04fb66e6d1c9"
.\debug.cpp(400) : Destination "\Device\HostProcess-cd4d7d4c-3dee-4dab-bd27-04fb66e6d1c9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination "\GLOBAL??"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{4A7E5250-3EE5-4109-865F-D7713EF57F30}"
.\debug.cpp(400) : Destination "\Device\NDMP6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LOG:"
.\debug.cpp(400) : Destination "\clfs"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0D#2&daba3ff&4#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000057"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination "\Device\Video2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{24df01a9-3e4f-4c9f-9f66-5aa8ab14f8f4}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{f5725d06-daf7-4170-a7d9-bc5117201fac}"
.\debug.cpp(400) : Destination "\Device\00000096"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\nativewifip"
.\debug.cpp(400) : Destination "\Device\nativewifip"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{44865dfa-774d-4b2d-a8e4-43c6765a9bdb}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{B6AA6E95-881B-4C55-9D98-120739CE19FE}"
.\debug.cpp(400) : Destination "\Device\NDMP5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{00001103-0000-1000-8000-00805f9b34fb}_VID&00010001_PID&0129#8&2c0e1f54&0&782EEF925C8E_C0000000d#{2c7089aa-2e0e-11d1-b114-00c04fc2aae4}"
.\debug.cpp(400) : Destination "\Device\BthModem0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#vdrvroot#0000#{2e34d650-5819-42ca-84ae-d30803bae505}"
.\debug.cpp(400) : Destination "\Device\00000052"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HostProcess-b12a8cdd-0241-4194-a9d7-06f8c388d428"
.\debug.cpp(400) : Destination "\Device\HostProcess-b12a8cdd-0241-4194-a9d7-06f8c388d428"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_0126&SUBSYS_21E217AA&REV_09#3&11583659&0&10#{1ca05180-a699-450a-9a0c-de4fbe3ddd89}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0001"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination "\Device\VolMgrControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HarddiskVolume1"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANBH"
.\debug.cpp(400) : Destination "\Device\NDMP10"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SCSIADAPTER#0000#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\0000004d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_0084&SUBSYS_13158086&REV_00#4&2b231192&0&00E3#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0016"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WwanProt"
.\debug.cpp(400) : Destination "\Device\WwanProt"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination "\Device\MailSlot"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BthPan"
.\debug.cpp(400) : Destination "\Device\BthPan"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VolMgrControl"
.\debug.cpp(400) : Destination "\Device\VolMgrControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#volmgr#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000053"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HarddiskVolume2"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArpV6"
.\debug.cpp(400) : Destination "\Device\WANARPV6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000047"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{a265f694-adb4-4205-a43c-19da17ef25e6}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_0126&SUBSYS_21E217AA&REV_09#3&11583659&0&10#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0001"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskHITACHI_HTS727550A9E364_________________JF3ZD0H0#4&38c96480&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IAAStorageDevice-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D964720B-B01C-4F78-BCB4-8A867DF4298F}"
.\debug.cpp(400) : Destination "\Device\NDMP18"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Nsi"
.\debug.cpp(400) : Destination "\Device\Nsi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HarddiskVolume3"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination "\Device\FsWrap"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1180&DEV_E823&SUBSYS_21E217AA&REV_04#4&200f18d5&0&00E2#{ba39d8e2-30c9-11d4-b3cd-d916bda91711}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0015"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{9c12192f-815f-4229-9fdf-87019132fc38}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{00001103-0000-1000-8000-00805f9b34fb}_VID&00010001_PID&0129#8&2c0e1f54&0&782EEF925C8E_C0000000d#{86e0d1e0-8089-11d0-9ce4-08003e301f73}"
.\debug.cpp(400) : Destination "\Device\BthModem0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_147E&PID_1002#6&2dd73fe0&0&3#{e2b5183a-99ea-4cc3-ad6b-80ca8d715b80}"
.\debug.cpp(400) : Destination "\Device\USBPDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{6e0c8f4c-d928-4852-b6b2-f0f0e0d126fa}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{560b81a4-6656-4b62-982a-b21e313cfed4}"
.\debug.cpp(400) : Destination "\Device\00000097"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{54c9343c-2a17-42e8-b4fd-9f9da27b94d6}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{24df01a9-3e4f-4c9f-9f66-5aa8ab14f8f4}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000096"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTHENUM#{24df01a9-3e4f-4c9f-9f66-5aa8ab14f8f4}_LOCALMFG&0000#8&26296fa9&0&000000000000_00000000#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000096"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#UMBUS#0000#{65a9a6cf-64cd-480b-843e-32c86e1ba19f}"
.\debug.cpp(400) : Destination "\Device\00000051"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{E1635C70-1B55-4B19-BE17-3EB517F11D4E}"
.\debug.cpp(400) : Destination "\Device\NDMP1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&37e667ec&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\0000006c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Secdrv"
.\debug.cpp(400) : Destination "\Device\Secdrv"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&37e667ec&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000006c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NXTIPSECDevice"
.\debug.cpp(400) : Destination "\Device\NXTIPSEC"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SmiHlp"
.\debug.cpp(400) : Destination "\Device\SmiHlp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_1C3A&SUBSYS_21E217AA&REV_04#3&11583659&0&B0#{e2d1ff34-3458-49a9-88da-8e6915ce9be5}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#{21c6da40-6dd4-11e1-ba16-806e6f6e6963}#000000005DD00000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\TeredoTun"
.\debug.cpp(400) : Destination "\Device\TeredoTun"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{29898C9D-B0A4-4FEF-BDB6-57A562022CEE}"
.\debug.cpp(400) : Destination "\Device\NDMP8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{DF4A9D2C-8742-4EB1-8703-D395C4183F33}"
.\debug.cpp(400) : Destination "\Device\NDMP14"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination "\Device\Video3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\COM14"
.\debug.cpp(400) : Destination "\Device\BthModem0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTH#MS_BTHPAN#7&3b5cb1d9&1&2#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000085"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SstpDrv"
.\debug.cpp(400) : Destination "\Device\SstpDrv"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_ELBY&Prod_CLONEDRIVE&Rev_1.4#1&2afd7d61&0&000100#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\VClone1Port1Path0Target1Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_ELBY&Prod_CLONEDRIVE&Rev_1.4#1&2afd7d61&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\VClone1Port1Path0Target0Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*ISATAP#0003#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{71F897D7-EB7C-4D8D-89DB-AC80D9DD2270}"
.\debug.cpp(400) : Destination "\Device\NDMP15"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_0084&SUBSYS_13158086&REV_00#4&2b231192&0&00E3#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0016"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WFPDev"
.\debug.cpp(400) : Destination "\Device\WFP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{fe6a0553-1d9c-11e2-a562-7ce9d3b401b2}"
.\debug.cpp(400) : Destination "\Device\CdRom2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IBMPmDrv"
.\debug.cpp(400) : Destination "\Device\PMDRV"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination "\Device\Ndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIPV6#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000046"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000048"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{c8467637-56cf-4993-b5fd-6308e610b278}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ProcessManagement"
.\debug.cpp(400) : Destination "\Device\ProcessManagement"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WfpAle"
.\debug.cpp(400) : Destination "\Device\WfpAle"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MpsDevice"
.\debug.cpp(400) : Destination "\Device\MPS"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PartmgrControl"
.\debug.cpp(400) : Destination "\Device\PartmgrControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*6TO4MP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000001"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANBH#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000044"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{fde32631-415b-44d8-a6ee-e3742dee16a0}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{a8bdfc47-9b46-4bc3-97ea-7d092a5c1b72}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_0084&SUBSYS_13158086&REV_00#4&2b231192&0&00E3#{435b6226-1dcc-43b3-887e-217dbaa27ba3}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0016"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination "\Device\NamedPipe"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination ""
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_AGILEVPNMINIPORT#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000042"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&1a313dd4&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Nokia C7-00 Bluetooth Modem #7"
.\debug.cpp(400) : Destination "\Device\BthModem0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTH#MS_BTHPAN#7&3b5cb1d9&1&2#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000085"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HostProcess-b9a21fec-da1b-4f80-99dc-89767e438501"
.\debug.cpp(400) : Destination "\Device\HostProcess-b9a21fec-da1b-4f80-99dc-89767e438501"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_147E&PID_1002#6&2dd73fe0&0&3#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{614F1BC4-5026-4228-BAA2-028217FD085E}"
.\debug.cpp(400) : Destination "\Device\NDMP7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination "\DosDevices\COM1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIPV6"
.\debug.cpp(400) : Destination "\Device\NDMP12"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{2ccc3b44-6dd1-11e1-8bb3-806e6f6e6963}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomOptiarc_DVD_RW_AD-7740H_________________A841____#4&38c96480&0&0.1.0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IAAStorageDevice-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\TrueCrypt"
.\debug.cpp(400) : Destination "\Device\TrueCrypt"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination "\Device\Null"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*6TO4MP#0000#{cac88484-7515-4c03-82e6-71a87abac361}"
.\debug.cpp(400) : Destination "\Device\00000001"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#*ISATAP#0003#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_14F1&DEV_506E&SUBSYS_17AA21E2&REV_1000#4&d806a8a&0&0001#{a06a9406-4e0b-4972-a3f2-b7d0031701b1}"
.\debug.cpp(400) : Destination "\Device\00000074"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_0A5C&PID_217F#7CE9D3B401B2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5d624f94-8850-40c3-a3fa-a4fd2080baf3}#vwifimp#5&1e32634&0&01#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000009d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{2ccc3b45-6dd1-11e1-8bb3-806e6f6e6963}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{2ccc3b46-6dd1-11e1-8bb3-806e6f6e6963}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{21c6da4e-6dd4-11e1-ba16-806e6f6e6963}"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_5986&PID_03B3&MI_00#7&1ae4e42&0&0000#{6994ad05-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000007e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#{21c6da40-6dd4-11e1-ba16-806e6f6e6963}#0000007088B00000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\lenovo.smi"
.\debug.cpp(400) : Destination "\Device\lenovo.smi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SCSI#CdRom&Ven_ELBY&Prod_CLONEDRIVE&Rev_1.4#1&2afd7d61&0&000100#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Scsi\VClone1Port1Path0Target1Lun0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination "\Device\USBFDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_SSTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000049"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8086&DEV_2805&SUBSYS_80860101&REV_1000#4&d806a8a&0&0301#{86841137-ed8e-4d97-9975-f2ed56b4430e}"
.\debug.cpp(400) : Destination "\Device\00000075"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_8087&PID_0024#5&2ada7dce&0&1#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#VID_5986&PID_03B3#6&323dd30&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination "\Device\NdisWan"
.\debug.cpp(409) : --
.\debug.cpp(453) : **********************************************
.\boot_cleaner.cpp(565) : System volume is \\.\C:
.\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000
.\boot_cleaner.cpp(1061) :
.\boot_cleaner.cpp(1062) : Size Device Name MBR Status
.\boot_cleaner.cpp(1063) : --------------------------------------------
.\boot_cleaner.cpp(1107) : 465 GB \\.\PhysicalDrive0 Controlled by rootkit!
.\boot_cleaner.cpp(1113) :
.\boot_cleaner.cpp(1136) : Boot code on some of your physical disks is hidden by a rootkit.
.\boot_cleaner.cpp(1138) : To disinfect the master boot sector, use the following command:
.\boot_cleaner.cpp(1139) : remover.exe fix <device_name>
.\boot_cleaner.cpp(1143) : To inspect the boot code manually, dump the master boot sector:
.\boot_cleaner.cpp(1144) : remover.exe dump <device_name> [output_file]
.\boot_cleaner.cpp(1147) :
.\boot_cleaner.cpp(1152) : Done;

[jaro3]

1. složka C:\System Volume Information - hláška "Přístup odepřen", vlastnosti viz screen 1

Převzetí práv ke složkám a souborům

Pravým klik na soubor (složku) , vybrat Vlastnosti.
Záložka Zabezpečení—klik na Pokračovat----klik na svůj účet (jméno účtu) , pokud není , tak na Další skupiny a uživatelé----označit svůj účet a klik na Použít---odkliknout zprávu—OK---OK.
Na záložce Zabezpečení klik na Upřesnit----záložka Oprávnění-----klik na Změnit oprávnění----klik na Přidat----vepsat svůj účet (jméno účtu)----OK----v dalším okně dát zatržítka ve sloupci Povolit , kromě úplného řízení---OK----na záložce Oprávnění , která se hned ukáže klik na Použít a potom na OK—Ok—Ok.

Fajn , nyní udělej ten script z minulé stránky v OTL.

[jaruska]

ještě požadovaný log z aswMBR

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-31 21:13:05
-----------------------------
21:13:05.950 OS Version: Windows x64 6.1.7601 Service Pack 1
21:13:05.950 Number of processors: 4 586 0x2A07
21:13:05.950 ComputerName: ADMIN UserName:
21:13:07.213 Initialize success
21:13:22.142 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:13:22.142 Disk 0 Vendor: HITACHI_ JF3Z Size: 476940MB BusType: 3
21:13:22.174 Disk 0 MBR read successfully
21:13:22.174 Disk 0 MBR scan
21:13:22.189 Disk 0 unknown MBR code
21:13:22.205 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
21:13:22.220 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459438 MB offset 3074048
21:13:22.252 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16000 MB offset 944003072
21:13:22.283 Disk 0 scanning C:\Windows\system32\drivers
21:13:28.070 Service scanning
21:13:45.469 Modules scanning
21:13:45.485 Disk 0 trace - called modules:
21:13:45.485
21:13:45.501 Scan finished successfully
21:13:55.672 Disk 0 MBR has been saved successfully to "C:\Users\Uzivatel\Desktop\MBR.dat"
21:13:55.672 The log file has been saved successfully to "C:\Users\Uzivatel\Desktop\aswMBR.txt"

[jaro3]

Je OK.

Ještě s tím scriptem OTL.

[jaruska]

Po skenu OTL se vytvořily dva soubory txt.
OTL.txt a Extras.txt. Mám sem vložit oba?

[jaro3]

Ano , oba sem vlož.

[jaruska]

OTL 1. část

OTL logfile created on: 31.1.2013 21:33:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uzivatel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 63,06% Memory free
7,82 Gb Paging File | 6,01 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,67 Gb Total Space | 338,60 Gb Free Space | 75,47% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: Uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.31 21:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Uzivatel\Desktop\OTL.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.28 07:41:08 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2012.04.18 23:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2012.01.23 02:06:00 | 000,064,576 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2011.12.21 08:25:02 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2011.11.04 07:37:18 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.10.20 11:09:32 | 000,363,584 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2011.09.01 18:27:08 | 000,446,800 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.05.31 18:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011.05.31 18:48:34 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011.05.31 18:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2011.05.25 22:21:32 | 000,281,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011.02.24 08:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.02.22 04:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 04:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.07 04:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.11 22:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.10.15 10:13:50 | 000,136,192 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe


========== Modules (No Company Name) ==========

MOD - [2010.04.06 17:05:16 | 002,085,888 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cv210.dll
MOD - [2010.04.06 17:04:06 | 002,201,088 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cxcore210.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.10.03 15:42:10 | 000,117,760 | ---- | M] (Dassault Systèmes) [Auto | Running] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service)
SRV:64bit: - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.11.18 11:10:40 | 000,144,448 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2011.11.01 12:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.11.01 12:25:42 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.11.01 12:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011.10.17 14:48:24 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011.08.11 03:20:42 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011.05.31 18:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2011.05.31 18:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2011.03.30 03:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.12.16 23:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.04.30 02:10:40 | 000,127,800 | R--- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.01.09 11:58:35 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.09 11:36:40 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.03 14:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.08.28 07:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012.04.18 23:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2012.04.07 02:57:45 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.01.23 02:06:00 | 000,175,168 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012.01.23 02:06:00 | 000,089,152 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2011.09.01 18:27:08 | 000,446,800 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe -- (SROSVC)
SRV - [2011.02.24 08:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.02.22 04:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 04:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.07 04:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.11 22:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.10.15 10:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.01.01 19:06:54 | 000,029,672 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex)
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.08.03 19:34:28 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2012.06.27 14:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.06.11 13:17:44 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.06.11 13:17:44 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.06.11 13:17:44 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.06.11 13:17:44 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.03.14 13:25:37 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.03.14 13:25:37 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.23 02:06:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011.12.27 02:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.12.23 12:30:56 | 000,412,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.10.31 14:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.10.17 15:24:50 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.10.17 15:24:44 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.10.17 15:24:44 | 000,146,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.10.17 15:24:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.10.17 15:24:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.09.01 02:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.19 06:20:36 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.08.11 03:20:42 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2011.07.08 16:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2011.06.21 23:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 23:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.05.30 17:21:40 | 000,013,128 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp2)
DRV:64bit: - [2011.05.26 01:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011.03.30 03:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.03.30 03:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.03.24 07:36:20 | 001,576,064 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.05 02:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.28 19:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 15:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 08:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.07 06:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010.04.29 00:49:50 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2010.04.03 09:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=kno&ir ... 1190233474
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=kno&ir=kno&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0D0A0ByE0DtA0A0B0D0AtN0D0Tzu0CtAzytBtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1190233474
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=kno&ir ... 1190233474
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=kno&ir=kno&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0D0A0ByE0DtA0A0B0D0AtN0D0Tzu0CtAzytBtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1190233474

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=kno&ir ... 1190233474
IE - HKCU\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=kno&ir=kno&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0D0A0ByE0DtA0A0B0D0AtN0D0Tzu0CtAzytBtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1190233474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Funmoods"
FF - prefs.js..browser.startup.homepage: "http://searchfunmoods.com/?f=1&a=kno&ir=kno&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0D0A0ByE0DtA0A0B0D0AtN0D0Tzu0CtAzytBtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1190233474"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@funmoods.com:1.5.1


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.12.05 13:38:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.13 13:48:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.08.01 22:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Extensions
[2012.08.01 22:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013.01.30 18:58:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\extensions
[2012.04.08 13:54:38 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\extensions\2020Player_IKEA@2020Technologies.com
[2013.01.30 18:58:54 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\extensions\ffxtlbr@funmoods.com
[2012.04.09 09:23:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5k7j4tla.default\extensions
[2013.01.30 18:58:59 | 000,002,329 | ---- | M] () -- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\f02gkc6c.default\searchplugins\Funmoods.xml
[2012.11.13 13:48:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.11.13 13:48:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.13 13:48:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.11.13 13:48:39 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.13 09:38:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.03.13 09:38:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.03.13 09:38:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.03.13 09:38:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.03.13 09:38:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://searchfunmoods.com/?f=1&a=kno&ir ... 1190233474
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=kno&ir=kno&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0D0A0ByE0DtA0A0B0D0AtN0D0Tzu0CtAzytBtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1190233474
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchfunmoods.com/?f=1&a=kno&ir ... 1190233474
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Sv\u00E1tky - Jmeniny = C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\acanokghadamaghkbbiclbleblhndfig\1.0_0\
CHR - Extension: Funmoods = C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\1.0_0\
CHR - Extension: Meteopress - p\u0159edpov\u011B\u010F po\u010Das\u00ED = C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcpnncnkejclcjokemijhkikfeojpgno\1.2_0\
CHR - Extension: New Tab = C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\6.0_0\
CHR - Extension: Virtu\u00E1ln\u00ED kl\u00E1vesnice (od Google) = C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\0.9.8.8_0\

O1 HOSTS File: ([2013.01.19 13:46:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe (Authentec Inc.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab (CryptSignX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A7E5250-3EE5-4109-865F-D7713EF57F30}: DhcpNameServer = 172.168.111.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{614F1BC4-5026-4228-BAA2-028217FD085E}: DhcpNameServer = 212.158.128.2 212.158.128.3
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013.01.31 21:31:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Uzivatel\Desktop\OTL.exe
[2013.01.31 21:11:09 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Uzivatel\Desktop\aswMBR.exe
[2013.01.31 20:10:25 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Users\Uzivatel\Desktop\boot_cleaner.exe
[2013.01.31 09:19:57 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{0441D02E-73F3-433E-B79D-05BE5635BCF4}
[2013.01.30 18:05:36 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{0B1E3F40-8397-49DE-9EB9-DB957275561A}
[2013.01.30 00:50:23 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{1DD4C00B-772C-45D5-B7BC-9D802D52ACFD}
[2013.01.30 00:47:19 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2013.01.30 00:37:34 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Diagnostics
[2013.01.27 11:04:04 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{79B108DC-F664-45B6-A447-B6DEC30669D5}
[2013.01.26 20:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.26 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.01.26 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Roaming\Funmoods
[2013.01.26 18:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Funmoods
[2013.01.26 18:38:49 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Documents\FotoMorph Data
[2013.01.26 18:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Photo Software
[2013.01.26 18:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digital Photo Software
[2013.01.26 16:24:55 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{EC5B291D-D27A-4BBD-8CE3-56F80BB14F59}
[2013.01.25 20:13:56 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{970E4483-7AB5-4E9D-92DF-7ACE0BD7BD4A}
[2013.01.25 09:07:59 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Desktop\RK_Quarantine
[2013.01.25 08:13:31 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{ED6D535C-79F4-48C4-B6F5-0B19A405F88F}
[2013.01.23 19:37:54 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{370B13E3-ECDC-4010-A041-E6098DCF3E98}
[2013.01.22 20:42:27 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{824BC989-2E10-459F-B696-CF1E7F56E7E5}
[2013.01.21 19:50:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.21 19:42:35 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{98E32374-214A-44AB-881B-F7667EBB53BD}
[2013.01.20 16:45:59 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Documents\Readiris
[2013.01.20 16:06:11 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{7793DC8D-425C-4F58-8B8B-66960E207FB6}
[2013.01.19 14:09:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.19 07:48:57 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Adobe
[2013.01.19 07:46:13 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{F75FC207-E5CE-476B-B271-5C59A6843C82}
[2013.01.18 15:41:52 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{3079BEB8-4066-41B7-A8F7-8B53A4A33987}
[2013.01.18 10:01:05 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Broadcom
[2013.01.18 10:00:55 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\ArcSoft
[2013.01.18 09:53:15 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.01.18 09:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013.01.17 20:43:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\KOTELNA
[2013.01.17 09:16:59 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{31024CF9-2ABD-4DAA-9723-80A7510FDB2B}
[2013.01.16 21:52:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\recuva
[2013.01.16 20:58:57 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{01D43D32-1F84-4E18-90BC-527489BA9D5D}
[2013.01.16 19:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.16 19:51:53 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.01.16 19:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.01.16 19:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013.01.16 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013.01.15 22:54:52 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{4AC65A99-764E-4BD3-B8DE-24D2C44DD96D}
[2013.01.15 12:25:19 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Wooky_s.r.o
[2013.01.15 11:48:51 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Mobilbonus
[2013.01.15 09:51:53 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{AD86FB87-4862-47E3-AEF1-B89A024F8E1A}
[2013.01.14 15:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartMorph
[2013.01.14 15:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MeeSoft
[2013.01.14 07:55:51 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{0E5664A2-54B2-4AAC-83ED-A9152F2130A9}
[2013.01.13 11:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2013.01.13 10:50:41 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{1FE34710-163A-4569-97D2-41C2DECE566A}
[2013.01.12 12:38:14 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{ABE3B1FA-8371-44B3-8C3D-6EB8015C4A29}
[2013.01.12 10:37:25 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Documents\Naskenováno
[2013.01.11 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{04E4CE9A-1B7A-4A0F-B63C-673A4ABFF966}
[2013.01.11 16:56:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Visual Basic
[2013.01.11 16:37:36 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Documents\Bluetooth Exchange Folder
[2013.01.11 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\Documents\ZPS14
[2013.01.11 13:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom DesktopSuite
[2013.01.10 20:30:00 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{47AFE9FC-543E-47F8-91F9-A64B2C1F2424}
[2013.01.10 17:54:25 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2013.01.10 01:22:44 | 000,000,000 | ---D | C] -- C:\antitwined
[2013.01.09 20:26:59 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\DigitalVolcano
[2013.01.09 15:55:43 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{F555198F-33CB-4251-91D4-18538811EBFC}
[2013.01.09 06:11:27 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 06:11:27 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 06:11:14 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 06:11:14 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 06:11:10 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 06:11:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 06:11:10 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 06:11:10 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 06:11:10 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 06:11:10 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 06:11:10 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 06:11:10 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 06:11:10 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 06:11:10 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 06:11:10 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 06:11:10 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 06:11:10 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 06:11:10 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 06:11:10 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 06:11:10 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 06:11:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 06:11:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 06:11:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 06:11:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 06:11:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 06:11:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 06:11:09 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 06:11:09 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 06:11:08 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 06:11:08 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 06:11:08 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 06:11:08 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 06:11:08 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 06:11:08 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 06:11:08 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 06:11:08 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs

[jaruska]

OTL 2. část

[2013.01.09 06:10:43 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 06:10:42 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 06:10:41 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 06:10:41 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 06:10:41 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 06:10:41 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 06:10:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 06:10:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 06:10:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 06:10:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 06:10:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 06:10:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 06:10:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 06:10:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 06:10:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 06:10:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 06:10:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 06:10:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 06:10:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 06:10:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 06:10:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 06:10:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 06:10:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 06:10:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 06:10:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 06:10:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 06:10:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 06:10:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 06:10:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 06:10:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 06:10:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 06:10:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 06:10:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 06:10:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 06:10:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.08 12:26:15 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{36C193F8-1C50-4C46-876E-B60EAC5F61B7}
[2013.01.07 11:15:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Cíp
[2013.01.07 10:33:26 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{72F01E0C-7867-4E1F-A611-701760330A1D}
[2013.01.06 16:58:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\dwg
[2013.01.06 16:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dassault Systemes
[2013.01.06 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Roaming\DraftSight
[2013.01.06 16:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Dassault Systemes
[2013.01.06 16:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dassault Systemes
[2013.01.06 14:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2013.01.06 14:14:29 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Paint.NET
[2013.01.06 13:01:42 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{53C0B5C2-CFA7-4ED3-B073-D5D5D4A0309F}
[2013.01.06 01:59:39 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\Microsoft_Corporation
[2013.01.06 01:01:17 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{F81E2C88-FB8B-4B42-931D-A96D7B5C56DB}
[2013.01.05 09:26:33 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{23C1FB3D-9ABD-49C4-A52A-3D9B56C47BCF}
[2013.01.04 19:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2013.01.04 19:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2013.01.04 19:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2013.01.04 11:45:36 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{91B501E3-D5A5-4A2F-AA42-851405E99996}
[2013.01.03 20:15:26 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{8FA48A65-CBE8-4271-98E9-FCB5814274A3}
[2013.01.03 08:13:24 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{F1B85CA8-809F-4E55-8622-F3F51727FE0E}
[2013.01.02 09:45:54 | 000,000,000 | ---D | C] -- C:\Users\Uzivatel\AppData\Local\{EF82276E-67CD-42EE-9715-100B710C1B26}
[12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.01.31 21:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Uzivatel\Desktop\OTL.exe
[2013.01.31 21:13:55 | 000,000,512 | ---- | M] () -- C:\Users\Uzivatel\Desktop\MBR.dat
[2013.01.31 21:12:18 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Uzivatel\Desktop\aswMBR.exe
[2013.01.31 21:10:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 20:35:59 | 000,031,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 20:35:59 | 000,031,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 20:32:51 | 001,770,760 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.31 20:32:51 | 000,735,908 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.31 20:32:51 | 000,721,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.31 20:32:51 | 000,166,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.31 20:32:51 | 000,146,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.31 20:28:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.31 20:28:16 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 15:56:47 | 000,929,207 | ---- | M] () -- C:\Users\Uzivatel\Desktop\2013-01-31-388.jpg
[2013.01.31 15:56:24 | 001,017,257 | ---- | M] () -- C:\Users\Uzivatel\Desktop\2013-01-31-387.jpg
[2013.01.30 21:00:48 | 000,084,085 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Bez názvu3.jpg
[2013.01.30 20:02:46 | 000,085,503 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Bez názvu2.jpg
[2013.01.30 19:08:49 | 000,081,453 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Bez názvu.jpg
[2013.01.30 19:03:47 | 000,000,054 | ---- | M] () -- C:\Users\Uzivatel\Desktop\fix.bat
[2013.01.27 16:58:04 | 000,087,951 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Bootkit Remover.jpg
[2013.01.26 20:09:10 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.01.26 18:38:57 | 000,368,102 | ---- | M] () -- C:\Users\Uzivatel\AppData\Local\funmoods-speeddial_sf.crx
[2013.01.26 18:38:57 | 000,031,465 | ---- | M] () -- C:\Users\Uzivatel\AppData\Local\funmoods.crx
[2013.01.21 19:56:24 | 000,766,464 | ---- | M] () -- C:\Users\Uzivatel\Desktop\RogueKiller.exe
[2013.01.20 17:11:33 | 000,000,199 | ---- | M] () -- C:\Windows\Readiris.ini
[2013.01.20 13:48:36 | 000,001,892 | ---- | M] () -- C:\Users\Uzivatel\Desktop\ImgBurn.lnk
[2013.01.19 22:15:52 | 000,575,712 | ---- | M] () -- C:\Users\Public\Documents\letajici_cirkus.pdf
[2013.01.19 13:46:25 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.01.18 09:53:15 | 000,002,991 | ---- | M] () -- C:\Users\Uzivatel\Desktop\HiJackThis.lnk
[2013.01.17 19:26:13 | 000,000,384 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.01.16 19:10:34 | 000,001,279 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Revo Uninstaller.lnk
[2013.01.14 16:01:30 | 000,001,672 | ---- | M] () -- C:\Users\Uzivatel\Desktop\Photoshop – zástupce.lnk
[2013.01.13 11:53:15 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.01.12 12:27:35 | 000,001,648 | ---- | M] () -- C:\Users\Uzivatel\Desktop\PCSuite – zástupce.lnk
[2013.01.10 08:50:55 | 000,440,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 02:15:19 | 001,749,982 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.09 11:58:34 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 11:58:34 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.06 16:09:34 | 000,002,761 | ---- | M] () -- C:\Users\Public\Desktop\DraftSight x64.lnk
[2013.01.06 14:15:01 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2013.01.04 19:13:16 | 000,001,304 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.01.02 20:53:14 | 000,007,597 | ---- | M] () -- C:\Users\Uzivatel\AppData\Local\Resmon.ResmonCfg
[12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.31 21:13:55 | 000,000,512 | ---- | C] () -- C:\Users\Uzivatel\Desktop\MBR.dat
[2013.01.31 15:57:09 | 001,017,257 | ---- | C] () -- C:\Users\Uzivatel\Desktop\2013-01-31-387.jpg
[2013.01.31 15:57:09 | 000,929,207 | ---- | C] () -- C:\Users\Uzivatel\Desktop\2013-01-31-388.jpg
[2013.01.30 21:00:48 | 000,084,085 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Bez názvu3.jpg
[2013.01.30 20:02:45 | 000,085,503 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Bez názvu2.jpg
[2013.01.30 19:08:49 | 000,081,453 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Bez názvu.jpg
[2013.01.30 19:03:47 | 000,000,054 | ---- | C] () -- C:\Users\Uzivatel\Desktop\fix.bat
[2013.01.27 16:58:03 | 000,087,951 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Bootkit Remover.jpg
[2013.01.26 18:39:00 | 000,368,102 | ---- | C] () -- C:\Users\Uzivatel\AppData\Local\funmoods-speeddial_sf.crx
[2013.01.26 18:39:00 | 000,031,465 | ---- | C] () -- C:\Users\Uzivatel\AppData\Local\funmoods.crx
[2013.01.21 19:56:24 | 000,766,464 | ---- | C] () -- C:\Users\Uzivatel\Desktop\RogueKiller.exe
[2013.01.20 21:48:38 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.20 13:48:36 | 000,001,892 | ---- | C] () -- C:\Users\Uzivatel\Desktop\ImgBurn.lnk
[2013.01.19 22:15:52 | 000,575,712 | ---- | C] () -- C:\Users\Public\Documents\letajici_cirkus.pdf
[2013.01.18 09:53:15 | 000,002,991 | ---- | C] () -- C:\Users\Uzivatel\Desktop\HiJackThis.lnk
[2013.01.16 19:10:34 | 000,001,279 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Revo Uninstaller.lnk
[2013.01.14 16:01:30 | 000,001,672 | ---- | C] () -- C:\Users\Uzivatel\Desktop\Photoshop – zástupce.lnk
[2013.01.13 11:53:15 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.01.12 12:27:35 | 000,001,648 | ---- | C] () -- C:\Users\Uzivatel\Desktop\PCSuite – zástupce.lnk
[2013.01.06 16:09:34 | 000,002,761 | ---- | C] () -- C:\Users\Public\Desktop\DraftSight x64.lnk
[2013.01.06 14:15:01 | 000,001,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013.01.06 14:15:01 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2013.01.04 19:13:16 | 000,001,304 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.01.02 20:53:14 | 000,007,597 | ---- | C] () -- C:\Users\Uzivatel\AppData\Local\Resmon.ResmonCfg
[2012.12.18 07:37:04 | 000,002,100 | ---- | C] () -- C:\Users\Uzivatel\AppData\Local\recently-used.xbel
[2012.12.12 13:10:41 | 000,024,772 | ---- | C] () -- C:\ProgramData\P1210DEF.css
[2012.12.12 13:10:41 | 000,015,270 | ---- | C] () -- C:\ProgramData\P1210OS.HTM
[2012.12.12 13:10:41 | 000,002,944 | ---- | C] () -- C:\ProgramData\P1210SIG.GIF
[2012.11.24 09:40:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012.11.24 09:36:55 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012.10.19 12:13:07 | 000,000,117 | ---- | C] () -- C:\Windows\StwGLX.INI
[2012.10.11 21:12:10 | 000,000,199 | ---- | C] () -- C:\Windows\Readiris.ini
[2012.10.01 12:11:35 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Automatic Filter
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Authentication
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Audio Units
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\Users\Uzivatel\AppData\Roaming\Audio
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\Users\Uzivatel\AppData\Roaming\Applications
[2012.10.01 12:08:50 | 000,000,268 | RH-- | C] () -- C:\Users\Uzivatel\AppData\Roaming\Application Support
[2012.10.01 12:08:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.10.01 12:08:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012.10.01 12:08:50 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.09.18 10:09:03 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.30 14:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 14:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 14:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 14:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.28 16:14:30 | 000,001,077 | ---- | C] () -- C:\Users\Uzivatel\Hudba – zástupce.lnk
[2012.07.01 09:42:35 | 000,201,216 | ---- | C] () -- C:\Windows\SysWow64\mediarcpt.dll
[2012.04.13 22:35:15 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.04.13 22:35:12 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.04.11 22:12:16 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.04.07 03:48:54 | 000,046,080 | ---- | C] () -- C:\Windows\tbuninst2.exe
[2012.04.07 03:37:41 | 000,081,920 | R--- | C] () -- C:\Windows\SysWow64\mvusbews.dll
[2012.03.14 13:48:36 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.14 13:48:35 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.14 13:48:34 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.03.14 13:39:47 | 001,749,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012.12.11 17:39:49 | 000,012,980 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012.12.11 20:45:44 | 000,012,248 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010.11.21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011.02.15 10:42:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012.11.24 10:03:41 | 000,000,074 | ---- | M] () -- C:\CMLoader.log
[2012.10.06 12:09:26 | 000,000,045 | ---- | M] () -- C:\error.log
[2012.09.15 08:04:21 | 000,021,115 | ---- | M] () -- C:\fftrlog.txt
[2013.01.31 20:28:16 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys
[2005.09.23 08:39:38 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2013.01.31 20:28:21 | 4201,889,792 | -HS- | M] () -- C:\pagefile.sys
[2012.03.14 13:36:24 | 000,000,211 | ---- | M] () -- C:\setup.log
[2013.01.26 09:12:28 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.11.0_26.01.2013_09.12.12_log.txt
[2013.01.26 09:14:01 | 000,153,654 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_26.01.2013_09.13.01_log.txt
[2012.05.11 17:04:42 | 000,003,360 | ---- | M] () -- C:\WirelessDiagLog.csv

< %systemroot%\Fonts\*.com >
[2009.07.14 06:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 06:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 06:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 06:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009.06.10 21:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2012.03.08 17:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009.07.14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012.04.06 20:02:09 | 000,000,221 | -HS- | M] () -- C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2013.01.31 21:12:18 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Uzivatel\Desktop\aswMBR.exe
[2011.09.20 03:02:40 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\Uzivatel\Desktop\boot_cleaner.exe
[2013.01.31 21:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Uzivatel\Desktop\OTL.exe
[2013.01.21 19:56:24 | 000,766,464 | ---- | M] () -- C:\Users\Uzivatel\Desktop\RogueKiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2013.01.31 21:10:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 20:28:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.11.24 07:11:34 | 000,032,554 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009.06.10 22:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2012.10.01 12:34:25 | 000,000,402 | -HS- | M] () -- C:\Users\Uzivatel\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2012.10.01 12:08:50 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Audio Units
[2012.10.01 12:08:50 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Authentication
[2012.10.01 12:08:50 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Automatic Filter
[2012.11.24 13:29:33 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2010.03.30 10:12:34 | 000,024,772 | ---- | M] () -- C:\ProgramData\P1210DEF.css
[2012.12.12 13:10:41 | 000,015,270 | ---- | M] () -- C:\ProgramData\P1210OS.HTM
[2010.03.30 10:12:34 | 000,002,944 | ---- | M] () -- C:\ProgramData\P1210SIG.GIF

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

[jaruska]

Extras

OTL Extras logfile created on: 31.1.2013 21:33:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uzivatel\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 63,06% Memory free
7,82 Gb Paging File | 6,01 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,67 Gb Total Space | 338,60 Gb Free Space | 75,47% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: Uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049E9A0B-F0E6-451B-8DA2-976A73A10C37}" = rport=139 | protocol=6 | dir=out | app=system |
"{0B1790AB-88A2-4A8E-A219-F44CF9B8AC37}" = rport=138 | protocol=17 | dir=out | app=system |
"{1C5FC884-CC88-4310-B8ED-7ED920E84773}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3B79D61B-C988-4A77-AA79-F05D10CB00CD}" = lport=139 | protocol=6 | dir=in | app=system |
"{4C1ABEF5-C215-4EE6-A7E9-20E0066970A1}" = rport=137 | protocol=17 | dir=out | app=system |
"{69181B8D-B8B2-4AF5-8F32-4F17221AEEA6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A481C1B9-2427-4858-9394-5EAB8F322BB3}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7CF5CC7-7766-44B9-AFE9-5E75CD4951A5}" = lport=445 | protocol=6 | dir=in | app=system |
"{C5C01192-F3DD-4048-A285-5226EE8A1B9E}" = rport=445 | protocol=6 | dir=out | app=system |
"{D6BBDC9F-92EC-4672-9292-BB5F8C88A91A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D90441DE-A2B7-4790-878E-834F81B7D79C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0F948B0-A91B-4712-A1C2-B195727275D0}" = lport=137 | protocol=17 | dir=in | app=system |
"{E892F93C-1251-45BA-BB34-2465A6D06A62}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F05808CB-5B74-4080-8C99-84FC326BE23D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9C047D1-E01C-48EC-8DA2-EED0CEB94E78}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06344602-F365-426A-B860-6C78AD393466}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{14463ADE-E945-4CAA-A588-EFCCF7EDAAA4}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{1964CF7F-DB8E-46DA-95D5-E3B7D8E25507}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1AC04D9B-A4A9-453E-813D-4F0E6B7FCC27}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E699977-98B5-4A87-971B-7E9DE862B163}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2045A5F5-9C3E-4801-B864-B949751FC8B1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{303DD7CC-81CE-4C9C-8942-217548E43BCD}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{3FEF557A-B7E1-4193-9E15-BA2D7F9465EB}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{41DEACE0-0DB2-4BD4-A4C8-3B482AC21230}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{42B295E8-03DF-4A19-BD0F-493DE3326D34}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{66605904-A9DE-47D1-BE7E-DA7E69D04AA4}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{6D4128DC-5140-4FFD-9EB3-D0D0708CFC34}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{74105A06-4F71-42C3-A9B5-8E76C3EFD12C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7C7A8ABB-1B25-4839-B996-5D120DD2AFD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A64B698-3A29-46D7-B990-47F1B52FC99B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8AFFB09C-45AA-4682-9CDE-0434BC15F05A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{99B4C2D1-23DD-4A91-8893-3A63724ED7D3}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{B2EFCD05-D8C0-4C16-9AB0-1F3588704D58}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BF8F53AE-1136-43F7-B695-E5E8DACF7900}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CDD80EE6-8CA9-4D60-9F68-0302151DE5E4}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{D0F556B6-D275-401A-8A4C-F3FA83CEA868}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D7E4DB48-1D7F-4BFB-8FB2-3752EA3D540A}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DF74B75C-8630-438F-B401-960FB65B8758}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F10EBF01-3B70-434F-A27B-776C60DA20C8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FA4B8859-C2E4-46D8-B76D-BFEC97179F8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{44AD7ED9-4B66-40FD-B9CA-79A517A59F0A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{EFF4B113-F19A-46BB-B893-6259F711E7D7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C83CB66-D345-4D6C-95A2-63A03269ADA0}" = Lenovo Patch Utility 64 bit
"{2180B33F-3225-423E-BBC1-7798CFD3CD1F}" = Microsoft SQL Server 2008 R2 Native Client
"{22EE33DC-181C-48E6-B14B-A2865FBA132A}" = DraftSight x64
"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 Common Files
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{3FD730D4-755F-439B-8082-B55E00924A44}" = Client Security - Password Manager
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{57505B29-9D1D-45A3-9C15-D73447D7347D}" = Microsoft SQL Server Native Client
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}" = Microsoft SQL Server 2008 R2 Setup (English)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BB57A765-FFFE-498B-8C1E-6C9CE2AB92BA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{C2938C94-239C-4156-B245-C5406A4F3E93}" = ThinkVantage Fingerprint Software
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 Database Engine Shared
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}" = Software Intel(R) PROSet/Wireless WiFi
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{DD00F699-6861-4DCF-A19F-8CF61E5E28ED}" = Lenovo Solution Center
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}" = Lenovo SimpleTap
"{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 Database Engine Services
"01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows Driver Package - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00)
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008)
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"HWiNFO64_is1" = HWiNFO64 Version 4.08
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 8.2.0.1406
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.11 (64-bit)
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.5
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AC26580-A695-4134-84AE-5121B3AAE545}" = Readiris Pro 12
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5F814E9B-4330-4050-A2EB-F15001F42730}" = StormWare GLX DEMO
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{786AD594-D1E7-447E-91F5-92C4A525D693}" = STORMWARE GLX CZ Mini
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}" = Message Center Plus
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{82569A98-7F23-492E-BF61-2B56DE76EF1B}" = STORMWARE POHODA CZ Standard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{87A9A094-22A8-4F8A-9B7D-03D7CA48CE15}_is1" = FotoMorph version 13.7.1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0405-0000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2007
"{90120000-00B4-0405-0000-0000000FF1CE}_PMUI.cs-cz_{D7A05170-CE64-4434-B5A2-9561DB4BE328}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-00B5-0405-0000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2007
"{90120000-00B5-0405-0000-0000000FF1CE}_PMUI.cs-cz_{D7A05170-CE64-4434-B5A2-9561DB4BE328}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_PMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{90F80405-6000-11D3-8CFE-0150048383C9}" = Nástroj pro odstranění skrytých dat
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A29166-4E1B-4664-B70B-4C4A3B6B3372}" = Lenovo Screen Reading Optimizer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{99032CFF-DBB0-4C9C-B03D-B922422F4A39}" = edu-learning pro MS Office 2007 CZ
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}" = Lenovo Patch Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F2672232-FF17-4DC9-8F24-A1E1829FE086}" = BisonCam Twain Pro
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anti-Twin 2012-08-20 12.48.59" = Anti-Twin (Installation 20.08.2012)
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"AvantBrowser" = Avant Browser (remove only)
"Demo Weld Cost Calc XL" = Demo Weld Cost Calc XL
"funmoods" = Funmoods
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"Jigs@w Puzzle" = Jigs@w Puzzle
"Kalkulace nové komíny_is1" = Kalkulace nové komíny 1.3.2009 (9.4.2009)
"Lenovo Welcome_is1" = Lenovo Welcome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Mozilla Firefox 16.0.2 (x86 cs)" = Mozilla Firefox 16.0.2 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Opera 12.11.1661" = Opera 12.11
"Opera 12.12.1707" = Opera 12.12
"Picasa 3" = Picasa 3
"PMUI.cs-cz" = Microsoft Office Project Language Pack 2007 - Czech/èeština
"Print Envelope_is1" = Print Envelope 3.1.0.2
"PRJPRO" = Microsoft Office Project Professional 2007
"ProInst" = Intel PROSet Wireless
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"Recepty doma_is1" = Recepty doma
"Revo Uninstaller" = Revo Uninstaller 1.94
"R-Studio 6.1NSIS" = R-Studio 6.1
"RTS Stavitel+ 2011_is1" = RTS Stavitel+ 2011
"Rybář - profesionální rybářský záznamník_is1" = Rybář
"TrueCrypt" = TrueCrypt
"VirtualCloneDrive" = VirtualCloneDrive
"Výukový program deskriptivní geometrie_is1" = Výukový program deskriptivní geometrie 2.51
"WinLiveSuite" = Windows Live Essentials
"ZAV_DOMA_is1" = ZAV 4.48
"ZonerCallisto5_CZ_is1" = Zoner Callisto 5 FREE

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31.1.2013 3:59:40 | Computer Name = Admin | Source = Windows Search Service | ID = 7010
Description =

Error - 31.1.2013 7:03:15 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 7:28:58 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 7:36:30 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 7:40:51 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 7:43:50 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 8:07:36 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 10:32:15 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 13:34:05 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

Error - 31.1.2013 15:28:48 | Computer Name = Admin | Source = WinMgmt | ID = 10
Description =

[ Lenovo-Message Center Plus/Admin Events ]
Error - 29.9.2012 13:03:44 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 29.9.2012 13:03:45 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 29.9.2012 15:45:01 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 29.9.2012 15:45:01 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 29.9.2012 15:45:01 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 21.11.2012 13:14:05 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Vzdálený server vrátil chybu: (404) Nenalezeno. -> Exception message:
Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 13.1.2013 6:38:46 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 13.1.2013 6:38:46 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 13.1.2013 6:38:46 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 18.1.2013 16:59:03 | Computer Name = Admin | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Zařízení připojené k systému nefunguje -> Exception message:
Zařízení připojené k systému nefunguje

[ Media Center Events ]
Error - 27.9.2012 15:58:23 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 21:58:22 - Chyba při připojování k Internetu 21:58:22 - Nelze kontaktovat
server..

Error - 27.9.2012 16:58:27 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 22:58:27 - Chyba při připojování k Internetu 22:58:27 - Nelze kontaktovat
server..

Error - 27.9.2012 16:58:32 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 22:58:32 - Chyba při připojování k Internetu 22:58:32 - Nelze kontaktovat
server..

Error - 27.9.2012 17:58:37 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 23:58:37 - Chyba při připojování k Internetu 23:58:37 - Nelze kontaktovat
server..

Error - 27.9.2012 17:58:42 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 23:58:42 - Chyba při připojování k Internetu 23:58:42 - Nelze kontaktovat
server..

Error - 27.9.2012 18:58:47 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 0:58:47 - Chyba při připojování k Internetu 0:58:47 - Nelze kontaktovat
server..

Error - 27.9.2012 18:58:52 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 0:58:52 - Chyba při připojování k Internetu 0:58:52 - Nelze kontaktovat
server..

Error - 22.11.2012 11:19:25 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 16:19:25 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 22.11.2012 11:19:25 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 16:19:25 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 22.11.2012 11:19:31 | Computer Name = Admin | Source = MCUpdate | ID = 0
Description = 16:19:25 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

[ OSession Events ]
Error - 14.11.2012 9:27:57 | Computer Name = Admin | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 192
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 31.1.2013 8:07:42 | Computer Name = Admin | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: StarOpen

Error - 31.1.2013 10:31:41 | Computer Name = Admin | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 31.1.2013 10:32:00 | Computer Name = Admin | Source = Service Control Manager | ID = 7000
Description = Služba SQL Server Browser neuspěla při spuštění v důsledku následující
chyby: %%5

Error - 31.1.2013 10:32:23 | Computer Name = Admin | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: StarOpen

Error - 31.1.2013 13:33:29 | Computer Name = Admin | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 31.1.2013 13:33:46 | Computer Name = Admin | Source = Service Control Manager | ID = 7000
Description = Služba SQL Server Browser neuspěla při spuštění v důsledku následující
chyby: %%5

Error - 31.1.2013 13:33:50 | Computer Name = Admin | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: StarOpen

Error - 31.1.2013 15:28:15 | Computer Name = Admin | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 31.1.2013 15:28:37 | Computer Name = Admin | Source = Service Control Manager | ID = 7000
Description = Služba SQL Server Browser neuspěla při spuštění v důsledku následující
chyby: %%5

Error - 31.1.2013 15:28:52 | Computer Name = Admin | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: StarOpen


< End of report >