Preventivka pro vyosek

[Max_cz]

Zdravím,

jak jsme se ve čtvrtek dohodli tak posílám log z RSIT, jedná se o 14 dní starý Lenovo Thinkpad e530, odmazání nepotřebných věcí od Lenova, které tam dávají s win... + pomoc při odmazání facebook video calling, který se tam nainstaloval společně se skypem, který tam byl také uložen...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Max_cz at 2012-08-27 17:04:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 307 GB (67%) free of 457 GB
Total RAM: 3685 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:05:23, on 27.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\WhatPulse\WhatPulse.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\SysWOW64\rundll32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Max_cz\Downloads\RSIT.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1498473-3231918899-2401847616-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1498473-3231918899-2401847616-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4602B8AB-05E9-4E91-BFCA-E3A11E2146A7}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15272 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-27 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2012-06-22 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-10 2109040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-27 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C98EE38D-21E4-4A50-907D-2B56FEC7013E}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-31 55808]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2012-01-17 1091376]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe [2007-06-26 61440]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"WhatPulse"=C:\Program Files (x86)\WhatPulse\WhatPulse.exe [2011-11-15 3990528]
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe [2005-01-05 1015808]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-27 17:04:46 ----D---- C:\Program Files (x86)\trend micro
2012-08-27 17:04:40 ----D---- C:\rsit
2012-08-27 16:59:50 ----D---- C:\Users\Max_cz\AppData\Roaming\Ulozto File Manager
2012-08-27 16:59:31 ----D---- C:\Program Files (x86)\Uložto File Manager
2012-08-27 16:52:59 ----D---- C:\Program Files (x86)\The KMPlayer
2012-08-27 16:52:32 ----D---- C:\ProgramData\Ask
2012-08-27 16:49:57 ----D---- C:\ProgramData\tmp
2012-08-27 16:49:57 ----D---- C:\ProgramData\hps
2012-08-27 16:37:02 ----D---- C:\databases
2012-08-27 16:09:07 ----D---- C:\Users\Max_cz\AppData\Roaming\ImagingShop 2
2012-08-27 16:08:51 ----D---- C:\Users\Max_cz\AppData\Roaming\Azureus
2012-08-27 16:08:46 ----D---- C:\Program Files (x86)\ImagingShop 2
2012-08-27 16:08:36 ----D---- C:\ProgramData\Sun
2012-08-27 16:08:34 ----D---- C:\Program Files (x86)\Common Files\Java
2012-08-27 16:08:30 ----A---- C:\Windows\SysWOW64\npDeployJava1.dll
2012-08-27 16:08:30 ----A---- C:\Windows\SysWOW64\javaws.exe
2012-08-27 16:08:30 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2012-08-27 16:08:08 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-08-27 16:08:08 ----A---- C:\Windows\SysWOW64\javaw.exe
2012-08-27 16:08:08 ----A---- C:\Windows\SysWOW64\java.exe
2012-08-27 16:07:29 ----D---- C:\Program Files (x86)\Java
2012-08-27 16:05:52 ----D---- C:\Program Files (x86)\Fotolab
2012-08-27 16:03:36 ----D---- C:\Program Files (x86)\Azureus
2012-08-23 17:57:40 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-08-23 17:50:48 ----D---- C:\Program Files (x86)\Microsoft Works
2012-08-23 17:49:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2012-08-23 17:49:26 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2012-08-23 17:45:31 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-08-23 17:43:56 ----RHD---- C:\MSOCache
2012-08-23 17:42:01 ----D---- C:\Users\Max_cz\AppData\Roaming\NVIDIA
2012-08-23 17:41:20 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-08-23 17:34:24 ----D---- C:\Program Files (x86)\Adobe Media Player
2012-08-23 17:28:39 ----A---- C:\Windows\SysWOW64\DBCLIENT.DLL
2012-08-23 17:28:30 ----D---- C:\Program Files (x86)\Common Files\Borland Shared
2012-08-23 17:26:29 ----D---- C:\Program Files (x86)\ProFact 3.0
2012-08-23 17:23:11 ----D---- C:\Program Files (x86)\Microsoft Office
2012-08-23 17:23:01 ----D---- C:\ProgramData\Microsoft Help
2012-08-23 16:18:11 ----D---- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
2012-08-23 16:17:57 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-08-23 16:14:37 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-08-22 18:51:07 ----D---- C:\ProgramData\CPA_VA
2012-08-22 18:08:44 ----D---- C:\Program Files (x86)\Common Files\Skype
2012-08-22 16:44:15 ----D---- C:\ProgramData\Comodo
2012-08-22 16:44:11 ----A---- C:\Windows\SysWOW64\gdiplus.dll
2012-08-21 20:15:42 ----D---- C:\Users\Max_cz\AppData\Roaming\Skype
2012-08-21 20:15:33 ----RD---- C:\Program Files (x86)\Skype
2012-08-21 20:15:25 ----D---- C:\ProgramData\Skype
2012-08-21 18:25:03 ----D---- C:\Users\Max_cz\AppData\Roaming\Nokia Suite
2012-08-21 18:25:00 ----D---- C:\Users\Max_cz\AppData\Roaming\Nokia
2012-08-21 18:19:46 ----D---- C:\Users\Max_cz\AppData\Roaming\Thinstall
2012-08-21 18:13:07 ----D---- C:\Users\Max_cz\AppData\Roaming\ACD Systems
2012-08-21 18:11:46 ----D---- C:\ProgramData\ACD Systems
2012-08-21 18:11:42 ----D---- C:\Program Files (x86)\Common Files\ACD Systems
2012-08-21 18:11:42 ----D---- C:\Program Files (x86)\ACD Systems
2012-08-21 18:11:25 ----A---- C:\Windows\SysWOW64\drivers\pfc.sys
2012-08-21 17:31:41 ----D---- C:\Users\Max_cz\AppData\Roaming\QIP
2012-08-21 17:31:18 ----D---- C:\Program Files (x86)\PSPad editor
2012-08-21 16:00:49 ----D---- C:\Program Files (x86)\QIP 2012
2012-08-21 15:54:07 ----D---- C:\Users\Max_cz\AppData\Roaming\FileZilla
2012-08-21 15:52:34 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2012-08-21 15:50:08 ----D---- C:\Users\Max_cz\AppData\Roaming\GHISLER
2012-08-21 15:50:08 ----A---- C:\Windows\UC.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\RAR.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\PKZIP.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\PKUNZIP.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\NOCLOSE.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\LHA.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\ARJ.PIF
2012-08-20 20:07:10 ----D---- C:\Users\Max_cz\AppData\Roaming\Thunderbird
2012-08-20 20:06:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-08-19 18:37:35 ----D---- C:\Users\Max_cz\AppData\Roaming\WhatPulse
2012-08-19 18:37:32 ----D---- C:\Program Files (x86)\WhatPulse
2012-08-19 18:31:53 ----D---- C:\Users\Max_cz\AppData\Roaming\Mozilla
2012-08-18 15:42:42 ----D---- C:\ProgramData\McAfee
2012-08-18 15:41:34 ----D---- C:\Program Files (x86)\Common Files\Adobe
2012-08-17 01:23:36 ----D---- C:\DRIVERS
2012-08-17 00:42:15 ----D---- C:\Users\Max_cz\AppData\Roaming\Lenovo
2012-08-16 23:55:53 ----D---- C:\Program Files (x86)\MusicJet
2012-08-16 23:55:48 ----HDC---- C:\ProgramData\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-08-16 22:48:17 ----D---- C:\Program Files (x86)\Common Files\Nokia
2012-08-16 22:46:30 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-08-16 21:49:59 ----D---- C:\ProgramData\PC Suite
2012-08-16 21:49:57 ----D---- C:\Users\Max_cz\AppData\Roaming\PC Suite
2012-08-16 21:47:58 ----D---- C:\ProgramData\Nokia
2012-08-16 21:44:35 ----D---- C:\ProgramData\NokiaInstallerCache
2012-08-16 21:44:35 ----D---- C:\Program Files (x86)\Nokia
2012-08-16 20:50:12 ----D---- C:\Windows\SysWOW64\Wat
2012-08-16 20:48:18 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-08-16 17:54:51 ----D---- C:\Windows\Minidump
2012-08-16 17:31:50 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-08-16 17:02:29 ----D---- C:\ProgramData\Conexant
2012-08-16 17:00:35 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 17:00:33 ----A---- C:\Windows\SysWOW64\url.dll
2012-08-16 17:00:32 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-08-16 17:00:31 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-08-16 17:00:29 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-08-16 17:00:27 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-08-16 17:00:23 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-08-16 17:00:21 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-08-16 17:00:20 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-08-16 17:00:19 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 17:00:16 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-08-16 17:00:05 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-08-16 16:27:57 ----A---- C:\Windows\SysWOW64\srclient.dll
2012-08-16 16:27:53 ----A---- C:\Windows\SysWOW64\DWrite.dll
2012-08-16 16:26:56 ----A---- C:\Windows\SysWOW64\msxml6.dll
2012-08-16 16:26:55 ----A---- C:\Windows\SysWOW64\msxml3r.dll
2012-08-16 16:26:55 ----A---- C:\Windows\SysWOW64\msxml3.dll
2012-08-16 16:26:49 ----A---- C:\Windows\SysWOW64\poqexec.exe
2012-08-16 16:26:21 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-16 16:26:20 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-16 16:26:09 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-08-16 16:26:09 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2012-08-16 16:26:09 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-08-16 16:25:30 ----A---- C:\Windows\SysWOW64\win32spl.dll
2012-08-16 16:25:29 ----A---- C:\Windows\splwow64.exe
2012-08-16 16:24:50 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2012-08-16 16:24:44 ----A---- C:\Windows\SysWOW64\msi.dll
2012-08-16 16:24:42 ----A---- C:\Windows\SysWOW64\netapi32.dll
2012-08-16 16:24:42 ----A---- C:\Windows\SysWOW64\browcli.dll
2012-08-16 16:24:37 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-08-16 16:24:37 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2012-08-16 16:24:36 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-08-16 16:24:36 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-08-16 16:24:12 ----A---- C:\Windows\SysWOW64\cdosys.dll
2012-08-16 16:23:47 ----A---- C:\Windows\SysWOW64\shell32.dll
2012-08-16 15:48:07 ----D---- C:\49192962e21f3439e070
2012-08-16 15:43:30 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2012-08-16 15:43:23 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-08-15 22:19:05 ----D---- C:\Users\Max_cz\AppData\Roaming\PwrMgr
2012-08-15 22:12:04 ----D---- C:\Users\Max_cz\AppData\Roaming\Adobe
2012-08-15 22:11:30 ----D---- C:\Users\Max_cz\AppData\Roaming\Leadertech
2012-08-15 22:11:27 ----D---- C:\Users\Max_cz\AppData\Roaming\LSC
2012-08-15 22:10:48 ----D---- C:\Users\Max_cz\AppData\Roaming\Identities
2012-08-15 22:08:31 ----A---- C:\Windows\SysWOW64\mfc71.dll
2012-08-15 22:04:15 ----A---- C:\Windows\firstboot.dat
2012-08-15 22:03:55 ----D---- C:\Users\Max_cz\AppData\Roaming\Intel
2012-08-15 22:03:45 ----SD---- C:\Users\Max_cz\AppData\Roaming\Microsoft
2012-08-15 22:03:45 ----D---- C:\Users\Max_cz\AppData\Roaming\Media Center Programs
2012-08-15 22:03:45 ----D---- C:\Users\Max_cz\AppData\Roaming\Macromedia

======List of files/folders modified in the last 1 month======

2012-08-27 17:05:17 ----D---- C:\Windows\Prefetch
2012-08-27 17:04:46 ----RD---- C:\Program Files (x86)
2012-08-27 16:53:01 ----D---- C:\Windows\Temp
2012-08-27 16:52:38 ----D---- C:\Windows
2012-08-27 16:52:32 ----HD---- C:\ProgramData
2012-08-27 16:47:50 ----SHD---- C:\Windows\Installer
2012-08-27 16:45:52 ----SHD---- C:\System Volume Information
2012-08-27 16:08:34 ----D---- C:\Program Files (x86)\Common Files
2012-08-27 16:08:30 ----D---- C:\Windows\SysWOW64
2012-08-27 15:32:06 ----D---- C:\Windows\winsxs
2012-08-27 15:31:21 ----D---- C:\Program Files (x86)\Adobe
2012-08-27 15:19:28 ----D---- C:\Windows\System32
2012-08-27 15:19:27 ----D---- C:\Windows\inf
2012-08-27 14:59:43 ----A---- C:\Windows\win.ini
2012-08-27 14:59:42 ----D---- C:\Program Files (x86)\Common Files\System
2012-08-27 14:57:22 ----RSD---- C:\Windows\assembly
2012-08-25 14:02:03 ----A---- C:\Windows\SysWOW64\log.txt
2012-08-25 13:45:59 ----RD---- C:\Program Files
2012-08-24 17:38:11 ----D---- C:\Windows\Panther
2012-08-24 17:37:52 ----D---- C:\Windows\Logs
2012-08-24 17:37:52 ----D---- C:\Windows\debug
2012-08-24 15:31:52 ----RSD---- C:\Windows\Fonts
2012-08-24 15:31:04 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-08-23 17:58:32 ----D---- C:\ProgramData\Adobe
2012-08-23 17:50:15 ----D---- C:\Program Files (x86)\MSBuild
2012-08-23 17:49:20 ----D---- C:\Windows\ShellNew
2012-08-23 17:48:00 ----SD---- C:\ProgramData\Microsoft
2012-08-23 17:48:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-08-22 18:19:54 ----D---- C:\Windows\Tasks
2012-08-21 21:05:06 ----D---- C:\Windows\rescache
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Media Player
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Mail
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Defender
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\winrm
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\slmgr
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\migwiz
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\en-US
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\en
2012-08-21 21:01:58 ----D---- C:\Windows\SysWOW64\drivers\en-US
2012-08-21 21:01:58 ----D---- C:\Windows\servicing
2012-08-21 21:01:48 ----D---- C:\Windows\SysWOW64\WCN
2012-08-21 21:01:48 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-08-21 21:01:48 ----D---- C:\Windows\SysWOW64\DriverStore
2012-08-21 21:01:48 ----D---- C:\Windows\SysWOW64\Dism
2012-08-21 21:01:47 ----D---- C:\Windows\en-US
2012-08-21 21:01:34 ----D---- C:\Windows\Speech
2012-08-21 18:11:25 ----D---- C:\Windows\SysWOW64\drivers
2012-08-21 18:10:21 ----D---- C:\Windows\Downloaded Installations
2012-08-19 21:14:47 ----D---- C:\ProgramData\Lenovo
2012-08-18 15:51:05 ----D---- C:\Program Files (x86)\Lenovo
2012-08-18 15:51:01 ----D---- C:\SWTOOLS
2012-08-17 03:56:08 ----D---- C:\Windows\Microsoft.NET
2012-08-17 01:48:36 ----D---- C:\Program Files (x86)\Common Files\Lenovo
2012-08-16 17:56:29 ----D---- C:\Windows\SysWOW64\migration
2012-08-16 17:56:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 17:56:25 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-08-16 17:53:52 ----D---- C:\ProgramData\Norton
2012-08-16 17:53:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-08-16 16:57:49 ----D---- C:\Program Files (x86)\Integrated Camera Driver
2012-08-16 16:47:50 ----RSD---- C:\Windows\Media
2012-08-16 16:43:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-16 16:33:24 ----D---- C:\Windows\SoftwareDistribution
2012-08-16 15:40:09 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2012-08-16 13:00:46 ----D---- C:\Windows\SysWOW64\NV
2012-08-15 22:10:46 ----SHD---- C:\$Recycle.Bin
2012-08-15 22:03:45 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys []
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys []
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys []
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2012-01-31 33344]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 5U877;5U877; C:\Windows\system32\DRIVERS\5U877.sys []
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys []
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys []
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys []
R3 tvtvcamd;ThinkVantage Virtual Camera; C:\Windows\system32\DRIVERS\tvtvcamd.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 Fastboot;Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2012-08-21 10368]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 2815496]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-11-09 8447848]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2012-01-17 169776]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe []
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-07 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-07 163608]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2012-06-01 58224]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-06-01 61296]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-07 277784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-24 2348864]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2012-05-11 34104]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2011-12-29 144960]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-07 363800]
R2 VIPAppService;VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-10 84080]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]
R3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-05-16 1662560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-02-02 145472]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2012-06-01 179568]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-09 276248]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2012-06-22 332272]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-05-16 1665120]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------


díky

[vyosek]

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Max_cz]

OTL logfile created on: 28.8.2012 16:19:32 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Max_cz\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,60 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 48,19% Memory free
7,20 Gb Paging File | 4,32 Gb Available in Paging File | 60,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,72 Gb Total Space | 299,90 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive F: | 7,41 Gb Total Space | 7,39 Gb Free Space | 99,82% Space Free | Partition Type: FAT32
Drive Q: | 17,58 Gb Total Space | 3,43 Gb Free Space | 19,53% Space Free | Partition Type: NTFS

Computer Name: MAX_CZ-LENOVO | User Name: Max_cz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.28 16:17:28 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Max_cz\Downloads\OTL.exe
PRC - [2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.14 01:14:22 | 000,400,352 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.06.01 20:49:00 | 000,290,160 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2012.06.01 20:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2012.06.01 20:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2012.05.16 06:32:00 | 001,662,560 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2012.05.16 06:32:00 | 000,128,608 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2012.05.11 17:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2012.04.10 14:41:54 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2012.03.23 16:55:44 | 007,351,760 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2012.03.07 00:49:18 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.03.07 00:49:16 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.03.07 00:49:08 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.03.07 00:49:04 | 000,163,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.02.22 04:55:24 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.02.22 04:55:22 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012.02.22 04:55:18 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.02.22 04:55:16 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012.01.25 09:44:56 | 000,567,360 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2012.01.17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
PRC - [2012.01.04 21:59:50 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.29 12:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.12.24 17:19:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.11.15 15:13:22 | 003,990,528 | ---- | M] (WhatPulse.org) -- C:\Program Files (x86)\WhatPulse\WhatPulse.exe
PRC - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2005.01.05 16:45:36 | 001,015,808 | ---- | M] (Thomas Ascher) -- C:\Program Files\ATnotes\ATnotes.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.18 00:28:55 | 000,442,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012.08.18 00:28:54 | 012,236,824 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012.08.18 00:28:52 | 003,997,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012.08.18 00:27:36 | 000,526,872 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012.08.18 00:27:35 | 000,104,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012.08.18 00:27:23 | 000,144,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012.08.18 00:27:22 | 000,266,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012.08.18 00:27:21 | 002,480,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012.07.14 01:13:32 | 000,021,984 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.07.14 01:13:30 | 000,162,784 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.07.14 01:13:21 | 001,936,352 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.03.23 16:56:04 | 000,957,392 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2012.03.23 16:56:00 | 001,641,936 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2012.03.23 16:56:00 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2012.03.23 16:55:56 | 002,524,112 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2012.03.23 16:55:46 | 004,660,176 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\voip.dll
MOD - [2012.03.16 16:23:42 | 000,008,192 | ---- | M] () -- C:\Users\Max_cz\AppData\Roaming\Thunderbird\Profiles\l5o3ab4l.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2009.03.07 18:36:02 | 001,478,656 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\FMtune\FMtune.dll
MOD - [2009.01.12 17:10:50 | 001,174,528 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Weather\Weather.dll
MOD - [2008.08.21 12:56:07 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Weather\Plugins\wunderground.dll
MOD - [2008.08.21 12:55:55 | 000,472,064 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Weather\Plugins\wettercom.dll
MOD - [2008.08.21 12:55:46 | 000,476,160 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\Weather\Plugins\accuweather.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.06.01 20:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
SRV:64bit: - [2012.06.01 20:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2012.06.01 20:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2012.04.11 16:27:06 | 000,047,440 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012.03.11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2012.02.26 14:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.02.26 14:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.02.26 14:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.02.26 14:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.02.03 07:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.02.02 23:28:32 | 000,145,472 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2012.01.18 01:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.01.09 21:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011.12.29 12:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011.12.29 07:48:24 | 000,049,480 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2011.11.09 20:11:05 | 008,447,848 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2011.07.12 09:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011.07.12 09:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011.07.12 09:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.08.01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.22 18:48:26 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2012.05.16 06:32:00 | 001,665,120 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012.05.16 06:32:00 | 001,662,560 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2012.05.11 17:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012.04.10 14:41:54 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2012.03.07 00:49:18 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.03.07 00:49:16 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.03.07 00:49:08 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.03.07 00:49:04 | 000,163,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.02.22 04:55:24 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.02.22 04:55:22 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012.02.22 04:55:18 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.02.09 09:10:32 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.01.17 08:29:24 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService)
SRV - [2011.12.24 17:19:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.08.23 16:18:29 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.06.27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.06.22 18:17:41 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.05.16 06:32:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2012.04.11 16:27:04 | 000,042,280 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2012.04.02 06:40:50 | 000,428,304 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.03.28 13:16:48 | 000,216,704 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.02.20 21:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.02.14 21:38:56 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.02.01 22:52:02 | 014,659,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.01.31 05:40:02 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2012.01.09 21:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 21:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.01.04 21:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.04 21:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.04 21:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011.12.29 07:48:24 | 000,147,784 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.12.29 07:48:24 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.12.26 11:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.12.24 17:19:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.12.23 14:37:12 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.12.08 22:24:30 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.12.08 22:24:30 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.12.08 03:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
DRV:64bit: - [2011.12.06 13:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.30 20:19:48 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.11.30 20:19:46 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.11.10 11:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.10.27 04:27:52 | 000,259,688 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011.08.23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.29 12:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.08.21 18:11:25 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7LENP
IE - HKU\S-1-5-21-1498473-3231918899-2401847616-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {de1b245c-de57-11da-ba2d-0050c2490048}:1.0.8
FF - prefs.js..extensions.enabledItems: te_3.1@nokia.com:1.7.56.205
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Max_cz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP5X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.06.22 18:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.08.20 20:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.08.19 18:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max_cz\AppData\Roaming\Mozilla\Extensions
[2011.11.30 05:07:25 | 000,018,277 | ---- | M] () (No name found) -- C:\USERS\MAX_CZ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\L5O3AB4L.DEFAULT\EXTENSIONS\EXTRA-COLS@JMINTA_GMAIL.COM.XPI
[2012.08.20 20:08:50 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\USERS\MAX_CZ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\L5O3AB4L.DEFAULT\EXTENSIONS\MINTRAYR@TN123.ATH.CX

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: SEO Profesional Toolbar = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn\1.3.0_0\
CHR - Extension: YouTube = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED pro webov\u00E9 str\u00E1nky - Webpage Screenshot = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.5.3_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Speed Dial = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.2_0\
CHR - Extension: Prohl\u00ED\u017Ee\u010D dokument\u016F ve form\u00E1tu PDF/PowerPoint (od Googlu) = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.9_0\
CHR - Extension: Gmail = C:\Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1001..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (Thomas Ascher)
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1001..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1001..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe (WhatPulse.org)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4602B8AB-05E9-4E91-BFCA-E3A11E2146A7}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4602B8AB-05E9-4E91-BFCA-E3A11E2146A7}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.12.15 05:05:40 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{3bfbf073-eae4-11e1-b578-685d438a27de}\Shell - "" = AutoRun
O33 - MountPoints2\{3bfbf073-eae4-11e1-b578-685d438a27de}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{3d22cd26-bc86-11e1-b811-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3d22cd26-bc86-11e1-b811-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011.12.15 05:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - C:\Windows\SysWow64\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.08.27 17:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012.08.27 17:04:40 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.27 16:59:50 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Ulozto File Manager
[2012.08.27 16:59:50 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\Documents\Ulozto
[2012.08.27 16:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to File Manager
[2012.08.27 16:59:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uložto File Manager
[2012.08.27 16:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2012.08.27 16:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.08.27 16:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2012.08.27 16:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
[2012.08.27 16:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotolab Fotosvet
[2012.08.27 16:37:02 | 000,000,000 | ---D | C] -- C:\databases
[2012.08.27 16:09:07 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\ImagingShop 2
[2012.08.27 16:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImagingShop 2
[2012.08.27 16:08:51 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Azureus
[2012.08.27 16:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImagingShop 2
[2012.08.27 16:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.27 16:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.27 16:08:30 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.27 16:08:30 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.27 16:08:30 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.27 16:08:08 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.27 16:08:08 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.27 16:08:08 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.27 16:07:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.08.27 16:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotolab Fotosvet 4
[2012.08.27 16:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fotolab
[2012.08.27 16:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Azureus
[2012.08.27 15:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 1.1
[2012.08.25 13:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\web stránky
[2012.08.25 11:32:24 | 000,000,000 | R--D | C] -- C:\Users\Max_cz\Desktop\Zábava
[2012.08.25 11:31:53 | 000,000,000 | R--D | C] -- C:\Users\Max_cz\Desktop\Grafika
[2012.08.25 11:31:34 | 000,000,000 | R--D | C] -- C:\Users\Max_cz\Desktop\Ochrana
[2012.08.25 11:29:53 | 000,000,000 | R--D | C] -- C:\Users\Max_cz\Desktop\Komunikace
[2012.08.25 11:29:30 | 000,000,000 | R--D | C] -- C:\Users\Max_cz\Desktop\Práce
[2012.08.23 17:57:43 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012.08.23 17:57:43 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012.08.23 17:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.08.23 17:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.08.23 17:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012.08.23 17:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2012.08.23 17:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.08.23 17:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.08.23 17:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.08.23 17:43:56 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.08.23 17:42:01 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\NVIDIA
[2012.08.23 17:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.08.23 17:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.08.23 17:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.08.23 17:34:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2012.08.23 17:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.08.23 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\Documents\Adobe Scripts
[2012.08.23 17:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2012.08.23 17:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProFact 3.0
[2012.08.23 17:26:30 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\eXmind
[2012.08.23 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProFact 3.0
[2012.08.23 17:23:29 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\Microsoft Help
[2012.08.23 17:23:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.08.23 17:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.08.23 16:18:29 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.23 16:18:11 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
[2012.08.23 16:17:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.08.23 16:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.08.23 16:12:48 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\ElevatedDiagnostics
[2012.08.22 18:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.08.22 18:50:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012.08.22 18:19:48 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\Facebook
[2012.08.22 18:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.22 18:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.08.22 16:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.08.22 16:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012.08.22 16:44:11 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.08.22 16:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.08.21 20:15:42 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Skype
[2012.08.21 20:15:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.08.21 20:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.08.21 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Nokia Suite
[2012.08.21 18:25:00 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Nokia
[2012.08.21 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\Thinstall
[2012.08.21 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\Thinstall
[2012.08.21 18:15:13 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\Downloaded Installations
[2012.08.21 18:13:07 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\ACD Systems
[2012.08.21 18:13:07 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Local\ACD Systems
[2012.08.21 18:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2012.08.21 18:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems
[2012.08.21 18:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ACD Systems
[2012.08.21 18:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACD Systems
[2012.08.21 18:11:25 | 000,010,368 | ---- | C] (Padus, Inc.) -- C:\Windows\SysWow64\drivers\pfc.sys
[2012.08.21 17:31:41 | 000,000,000 | ---D | C] -- C:\Users\Max_cz\AppData\Roaming\QIP
[2012.08.21 17:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSPad editor
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.08.28 16:22:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.28 15:57:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.28 15:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
[2012.08.28 15:22:14 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 15:17:23 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
[2012.08.28 15:13:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.08.28 15:11:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.27 16:07:43 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.27 16:07:37 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.27 16:07:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.27 16:07:36 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.27 16:07:34 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.27 16:07:33 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.27 15:19:28 | 001,476,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.27 15:19:28 | 000,633,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.27 15:19:28 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.27 15:19:28 | 000,122,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.27 15:19:28 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.25 14:07:46 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.25 14:07:46 | 000,031,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.25 13:59:29 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.25 13:57:58 | 2898,345,984 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.25 11:13:51 | 004,971,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.23 16:18:29 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.22 16:44:11 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.08.21 19:30:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.21 19:30:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.08.21 18:24:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.08.21 18:11:25 | 000,010,368 | ---- | M] (Padus, Inc.) -- C:\Windows\SysWow64\drivers\pfc.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.28 16:22:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.27 16:39:41 | 000,064,503 | -H-- | C] () -- C:\Users\Max_cz\Documents\402072_2688606379988_1401324338_32119962_1648240976_n.jpg
[2012.08.23 17:57:40 | 000,002,074 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 2.1 64-bit.lnk
[2012.08.23 17:39:19 | 000,001,086 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2012.08.23 17:38:29 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2012.08.23 17:35:45 | 000,001,176 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2012.08.23 17:35:14 | 000,001,269 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2012.08.23 17:28:39 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2012.08.23 17:28:39 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\BDEADMIN.CPL
[2012.08.23 17:23:57 | 000,001,360 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2012.08.23 17:23:21 | 000,001,526 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2012.08.23 17:21:56 | 000,001,008 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.08.22 18:19:54 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
[2012.08.22 18:19:54 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
[2012.08.21 19:30:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.21 19:30:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012.08.21 18:24:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.08.19 18:42:09 | 000,007,635 | ---- | C] () -- C:\Users\Max_cz\AppData\Local\Resmon.ResmonCfg
[2012.08.16 17:15:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.08.16 15:43:30 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.15 22:04:58 | 000,006,922 | ---- | C] () -- C:\Users\Max_cz\AppData\Roaming\AbsoluteReminder.xml
[2012.08.15 22:04:15 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012.06.22 18:42:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2012.06.22 18:42:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2012.06.22 18:42:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2012.06.22 18:30:41 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.06.22 18:30:41 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.06.22 18:30:39 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.06.22 18:30:39 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.22 18:30:38 | 013,201,920 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.02.03 07:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012.08.21 18:13:07 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\ACD Systems
[2012.08.27 16:25:08 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Azureus
[2012.08.24 17:41:23 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
[2012.08.21 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\FileZilla
[2012.08.21 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\GHISLER
[2012.08.27 16:11:46 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\ImagingShop 2
[2012.08.15 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Leadertech
[2012.08.17 01:48:39 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Lenovo
[2012.08.15 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\LSC
[2012.08.21 18:25:00 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Nokia
[2012.08.21 18:25:03 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Nokia Suite
[2012.08.21 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\PC Suite
[2012.08.16 07:13:34 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\PwrMgr
[2012.08.21 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\QIP
[2012.08.21 18:19:46 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Thinstall
[2012.08.20 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Thunderbird
[2012.08.27 17:01:39 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Ulozto File Manager
[2012.08.19 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\WhatPulse
[2012.08.28 15:17:23 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
[2012.08.28 15:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
[2012.08.25 13:59:29 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.28 15:13:14 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2009.07.14 07:08:49 | 000,008,068 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.12.08 22:15:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.12.08 22:15:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.12.08 22:15:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.12.08 22:15:19 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.12.08 22:15:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.12.08 22:15:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.06.22 18:13:39 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.12.08 22:12:52 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.12.08 22:21:52 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.12.08 22:12:52 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.12.08 22:21:52 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.06.22 18:13:39 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4358cc0f59764edf7cd085b2ddea85cb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4358cc0f59764edf7cd085b2ddea85cb\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.21 18:13:07 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\ACD Systems
[2012.08.23 17:57:50 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Adobe
[2012.08.27 16:25:08 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Azureus
[2012.08.24 17:41:23 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
[2012.08.21 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\FileZilla
[2012.08.21 15:51:17 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\GHISLER
[2012.08.15 22:10:48 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Identities
[2012.08.27 16:11:46 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\ImagingShop 2
[2012.08.15 22:03:55 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Intel
[2012.08.15 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Leadertech
[2012.08.17 01:48:39 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Lenovo
[2012.08.15 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\LSC
[2012.06.22 18:44:20 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Macromedia
[2011.12.08 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Media Center Programs
[2012.08.23 18:57:44 | 000,000,000 | --SD | M] -- C:\Users\Max_cz\AppData\Roaming\Microsoft
[2012.08.19 18:31:53 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Mozilla
[2012.08.21 18:25:00 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Nokia
[2012.08.21 18:25:03 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Nokia Suite
[2012.08.23 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\NVIDIA
[2012.08.21 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\PC Suite
[2012.08.16 07:13:34 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\PwrMgr
[2012.08.21 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\QIP
[2012.08.24 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Skype
[2012.08.21 18:19:46 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Thinstall
[2012.08.20 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Thunderbird
[2012.08.27 17:01:39 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\Ulozto File Manager
[2012.08.19 20:52:43 | 000,000,000 | ---D | M] -- C:\Users\Max_cz\AppData\Roaming\WhatPulse

< %APPDATA%\*.exe /s >
[2012.08.16 16:35:18 | 029,354,000 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Max_cz\AppData\Roaming\LSC\Local Store\LSCSetup64.exe
[2012.08.16 15:39:53 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Max_cz\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.08.16 16:48:42 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Max_cz\AppData\Roaming\Microsoft\Installer\{0369F866-2CE0-4EB9-B426-88FA122C6E82}\ARPPRODUCTICON.exe
[2012.08.17 00:11:03 | 000,010,134 | R--- | M] () -- C:\Users\Max_cz\AppData\Roaming\Microsoft\Installer\{1C83CB66-D345-4D6C-95A2-63A03269ADA0}\ARPPRODUCTICON.exe
[2012.08.16 16:48:39 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Max_cz\AppData\Roaming\Microsoft\Installer\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}\ARPPRODUCTICON.exe
[2012.08.17 00:11:00 | 000,010,134 | R--- | M] () -- C:\Users\Max_cz\AppData\Roaming\Microsoft\Installer\{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.08.28 15:17:23 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
[2012.08.28 15:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
[2012.08.28 15:22:14 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.28 15:57:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.25 13:59:29 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.28 15:13:14 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.08.27 16:07:33 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2012.08.27 16:07:36 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\java.exe
[2012.08.27 16:07:37 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaw.exe
[2012.08.27 16:07:37 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaws.exe
[2012.08.27 16:07:34 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll
[2012.08.27 16:07:43 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"WhatPulse" = C:\Program Files (x86)\WhatPulse\WhatPulse.exe -- [2011.11.15 15:13:22 | 003,990,528 | ---- | M] (WhatPulse.org)
"ATnotes.exe" = C:\Program Files\ATnotes\ATnotes.exe -- [2005.01.05 16:45:36 | 001,015,808 | ---- | M] (Thomas Ascher)
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun -- [2012.03.23 16:55:44 | 007,351,760 | ---- | M] (QIP)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.29 03:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) MD5=2339760B238226DAD9ED03F939D92323 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.28 16:22:15 | 000,000,512 | ---- | M] () MD5=25D04C44E1F7FEFAEBB1E6A41F265ACF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.04.26 04:01:25 | 011,248,360 | ---- | M] () -- \Users\Max_cz\Music\Faith no more\Faith No More-Angel Dust\11 Crack Hitler.mp3
[2000.02.24 16:37:20 | 004,240,323 | ---- | M] () -- \Users\Max_cz\Music\Nazareth\1989 - Snakes 'N' Ladders\08 - Donna - Get Off That Crack.mp3
[2008.06.26 17:20:15 | 006,271,269 | ---- | M] () -- \Users\Max_cz\Music\The Ark Discography\The Ark - Racing with the Rabbits EP\03 - The Ark - Cracked Messiah.mp3
[2008.09.02 15:27:26 | 004,073,522 | ---- | M] () -- \Users\Max_cz\Pictures\Photoshop brushes\Room122_Sidewalk_Cracks.abr

[Max_cz]

< *keygen* /s >
< *loader* /s >
[2010.04.28 13:31:32 | 001,612,256 | ---- | M] () -- \Program Files (x86)\ACD Systems\ACDSee\12.0\PlugIns\CX_Ftpuploader.apl
[2009.02.06 12:09:18 | 000,042,739 | ---- | M] () -- \Program Files (x86)\ACD Systems\ACDSee\12.0\PlugIns\CX_Ftpuploader.chm
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.05.28 04:08:10 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.05.16 07:50:40 | 000,342,528 | ---- | M] () -- \Program Files (x86)\Fotolab\Fotolab Fotosvet\CWImageLoader0.dll
[2011.10.17 23:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 22:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 20:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.11 00:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.06.03 14:57:45 | 000,003,208 | ---- | M] () -- \Program Files\web stránky\server\autoelektroliberec.cz\wp-content\plugins\wp-skitter-slideshow\images\ajax-loader.gif
[2012.06.01 18:31:34 | 000,035,936 | ---- | M] () -- \Program Files\web stránky\server\autoelektroliberec.cz\wp-includes\script-loader.php
[2012.06.01 18:31:34 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\autoelektroliberec.cz\wp-includes\template-loader.php
[2011.12.26 13:52:45 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\autoservistichy.cz\wp-content\plugins\nextgen-gallery\images\ajax-loader.gif
[2011.12.26 13:52:45 | 000,006,820 | ---- | M] () -- \Program Files\web stránky\server\autoservistichy.cz\wp-content\plugins\nextgen-gallery\images\loader.gif
[2011.12.26 13:53:24 | 000,035,727 | ---- | M] () -- \Program Files\web stránky\server\autoservistichy.cz\wp-includes\script-loader.php
[2011.12.26 13:53:25 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\autoservistichy.cz\wp-includes\template-loader.php
[2012.04.06 20:26:56 | 000,003,723 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\cache\backend\dev\sf_compat_autoloader.txt
[2012.07.28 10:15:58 | 000,003,723 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\cache\backend\prod\sf_compat_autoloader.txt
[2012.07.28 10:16:15 | 000,003,723 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\cache\frontend\dev\sf_compat_autoloader.txt
[2012.07.28 10:16:18 | 000,003,723 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\cache\frontend\prod\sf_compat_autoloader.txt
[2012.07.28 10:16:41 | 000,000,910 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\lib\Swift\ClassLoader.php
[2012.07.28 10:17:12 | 000,002,999 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\lib\symfony\config\sfLoader.class.php
[2012.07.28 10:18:10 | 000,000,902 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\symfony\lib\symfony\plugin\sfPearDownloader.class.php
[2012.07.28 10:21:33 | 000,004,659 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\images\nyromodal\ajaxLoader.gif
[2012.07.28 10:21:38 | 000,039,986 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\js\fileuploader.js
[2012.07.28 10:21:44 | 000,008,455 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\js\ckeditor\_source\core\loader.js
[2012.07.28 10:21:44 | 000,005,043 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\js\ckeditor\_source\core\scriptloader.js
[2012.07.28 10:22:35 | 000,000,847 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\js\ckeditor\filemanager\images\ajax-loader.gif
[2012.07.28 10:24:20 | 000,004,659 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\images\nyromodal\ajaxLoader.gif
[2012.07.28 10:24:31 | 000,039,986 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\js\fileuploader.js
[2012.07.28 10:24:46 | 000,008,455 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\js\ckeditor\_source\core\loader.js
[2012.07.28 10:24:45 | 000,005,043 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\js\ckeditor\_source\core\scriptloader.js
[2012.07.28 10:25:20 | 000,000,847 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\js\ckeditor\filemanager\images\ajax-loader.gif
[2012.07.28 10:27:12 | 000,004,125 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\cache\backend\dev\sf_compat_autoloader.txt
[2012.07.28 10:27:19 | 000,004,125 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\cache\frontend\dev\sf_compat_autoloader.txt
[2012.07.28 10:27:20 | 000,004,125 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\cache\frontend\prod\sf_compat_autoloader.txt
[2012.07.28 10:27:45 | 000,000,910 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\lib\Swift\ClassLoader.php
[2012.07.28 10:28:54 | 000,002,999 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\lib\symfony\config\sfLoader.class.php
[2012.07.28 10:29:33 | 000,000,902 | ---- | M] () -- \Program Files\web stránky\server\bmwfriends.cz\www\subdom\beta\symfony\lib\symfony\plugin\sfPearDownloader.class.php
[2012.06.11 23:13:49 | 000,035,927 | ---- | M] () -- \Program Files\web stránky\server\bmw-moto-shop.cz\wp-includes\script-loader.php
[2012.06.11 23:13:48 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\bmw-moto-shop.cz\wp-includes\template-loader.php
[2011.11.19 23:01:07 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\elektro\wp-content\plugins\nextgen-gallery\images\ajax-loader.gif
[2011.11.19 23:01:07 | 000,006,820 | ---- | M] () -- \Program Files\web stránky\server\elektro\wp-content\plugins\nextgen-gallery\images\loader.gif
[2011.11.19 23:02:23 | 000,035,727 | ---- | M] () -- \Program Files\web stránky\server\elektro\wp-includes\script-loader.php
[2011.11.19 23:02:24 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\elektro\wp-includes\template-loader.php
[2012.04.06 19:59:06 | 000,008,695 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\js\ckeditor\_source\core\loader.js
[2012.04.06 19:59:05 | 000,005,223 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\js\ckeditor\_source\core\scriptloader.js
[2012.04.06 20:01:22 | 000,000,847 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\js\ckeditor\filemanager\images\ajax-loader.gif
[2012.04.06 20:03:58 | 000,004,000 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\symfony\cache\backend\prod\sf_compat_autoloader.txt
[2012.04.06 20:05:07 | 000,004,000 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\symfony\cache\frontend\prod\sf_compat_autoloader.txt
[2012.04.06 20:06:36 | 000,000,948 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\symfony\lib\Swift\ClassLoader.php
[2012.04.06 20:07:48 | 000,003,107 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\symfony\lib\symfony\config\sfLoader.class.php
[2012.04.06 20:09:17 | 000,000,932 | ---- | M] () -- \Program Files\web stránky\server\inzenyring.com\symfony\lib\symfony\plugin\sfPearDownloader.class.php
[2012.05.12 13:37:38 | 000,035,927 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\domains\bmw-moto-shop.cz\wp-includes\script-loader.php
[2012.05.12 13:37:36 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\domains\bmw-moto-shop.cz\wp-includes\template-loader.php
[2012.03.04 14:44:52 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\wp-content\plugins\nextgen-gallery\images\ajax-loader.gif
[2012.03.04 14:44:52 | 000,006,820 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\wp-content\plugins\nextgen-gallery\images\loader.gif
[2012.05.12 13:40:39 | 000,035,936 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\wp-includes\script-loader.php
[2012.05.12 13:40:38 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\server\jan-vejvoda.cz\wp-includes\template-loader.php
[2009.03.04 00:22:29 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-content\plugins\admin-management-xtended\img\set1\loader.gif
[2009.03.04 00:22:29 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-content\plugins\admin-management-xtended\img\set1\loader2.gif
[2009.03.04 00:22:31 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-content\plugins\admin-management-xtended\img\set2\loader.gif
[2009.03.04 00:22:31 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-content\plugins\admin-management-xtended\img\set2\loader2.gif
[2009.02.26 11:05:11 | 000,021,157 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-includes\script-loader.php
[2009.02.26 11:05:12 | 000,002,184 | ---- | M] () -- \Program Files\web stránky\server\new_maxsnowboardcom\wp-includes\template-loader.php
[2008.08.10 01:29:21 | 000,014,705 | ---- | M] () -- \Program Files\web stránky\server\retop.eu\wp-includes\script-loader.php
[2008.08.10 01:29:21 | 000,002,184 | ---- | M] () -- \Program Files\web stránky\server\retop.eu\wp-includes\template-loader.php
[2011.11.16 23:09:22 | 000,003,719 | ---- | M] () -- \Program Files\web stránky\server\shop\wp-content\themes\prestashop\img\loader.gif
[2011.11.16 23:09:25 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\shop\wp-content\themes\prestashop\img\admin\ajax-loader.gif
[2011.11.16 23:11:34 | 000,001,720 | ---- | M] () -- \Program Files\web stránky\server\shop\wp-content\themes\prestashop\js\cropper\loader.js
[2010.03.20 16:08:40 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-content\plugins\admin-management-xtended\img\set1\loader.gif
[2010.03.20 16:08:40 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-content\plugins\admin-management-xtended\img\set1\loader2.gif
[2010.03.20 16:08:44 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-content\plugins\admin-management-xtended\img\set2\loader.gif
[2010.03.20 16:08:44 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-content\plugins\admin-management-xtended\img\set2\loader2.gif
[2010.03.20 16:16:16 | 000,031,640 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-includes\script-loader.php
[2010.03.20 16:16:17 | 000,002,184 | ---- | M] () -- \Program Files\web stránky\server\snowboard-jan-vejvoda.wz.cz\wp-includes\template-loader.php
[2008.08.20 16:51:11 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-content\plugins\admin-management-xtended\img\set1\loader.gif
[2008.08.20 16:51:11 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-content\plugins\admin-management-xtended\img\set1\loader2.gif
[2008.08.20 16:51:14 | 000,000,673 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-content\plugins\admin-management-xtended\img\set2\loader.gif
[2008.08.20 16:51:14 | 000,001,079 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-content\plugins\admin-management-xtended\img\set2\loader2.gif
[2008.07.30 14:20:47 | 000,014,705 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-includes\script-loader.php
[2008.07.30 14:20:48 | 000,002,184 | ---- | M] () -- \Program Files\web stránky\server\wp\wp-includes\template-loader.php
[2012.04.29 11:45:30 | 000,035,936 | ---- | M] () -- \Program Files\web stránky\wordpress 3.3.2\wp-includes\script-loader.php
[2012.04.29 11:45:30 | 000,001,893 | ---- | M] () -- \Program Files\web stránky\wordpress 3.3.2\wp-includes\template-loader.php
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.08.16 15:50:08 | 000,000,673 | ---- | M] () -- \Users\Max_cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.5.3_1\images\ajaxLoader.gif
[2012.08.27 16:49:42 | 000,013,777 | ---- | M] () -- \Users\Max_cz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5C5S1JFE\universaldownloader-prefetch[1].htm
[2012.04.29 11:45:30 | 000,035,936 | ---- | M] () -- \Users\Max_cz\Downloads\wordpress\wp-includes\script-loader.php
[2012.04.29 11:45:30 | 000,001,893 | ---- | M] () -- \Users\Max_cz\Downloads\wordpress\wp-includes\template-loader.php
[2012.08.23 17:50:37 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.08.27 16:59:19 | 000,021,028 | ---- | M] () -- \Windows\Prefetch\ULOZ.TO_UPLOADER-SETUP.EXE-A98324A2.pf
[2011.12.08 22:22:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.12.08 22:22:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.08 22:22:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.08 22:22:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.06.22 18:10:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.06.22 18:10:29 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.06.22 18:10:29 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.06.22 18:10:29 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.06.22 18:10:29 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.12.08 22:13:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.12.08 22:13:24 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.12.08 22:13:25 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.12.08 22:13:25 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.12.08 22:13:26 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.06.22 18:07:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.12.08 22:13:21 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.12.08 22:13:21 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.08 22:22:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.12.08 22:22:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[Max_cz]

OTL Extras logfile created on: 28.8.2012 16:19:32 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Max_cz\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,60 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 48,19% Memory free
7,20 Gb Paging File | 4,32 Gb Available in Paging File | 60,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,72 Gb Total Space | 299,90 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive F: | 7,41 Gb Total Space | 7,39 Gb Free Space | 99,82% Space Free | Partition Type: FAT32
Drive Q: | 17,58 Gb Total Space | 3,43 Gb Free Space | 19,53% Space Free | Partition Type: NTFS

Computer Name: MAX_CZ-LENOVO | User Name: Max_cz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotolab\Fotolab Fotosvet\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet] -- "C:\Program Files (x86)\Fotolab\Fotolab Fotosvet\Fotolab Fotosvet.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE prezentace fotografií] -- "C:\Program Files (x86)\Fotolab\Fotolab Fotosvet\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet] -- "C:\Program Files (x86)\Fotolab\Fotolab Fotosvet\Fotolab Fotosvet.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{106FA007-7279-460C-9AE3-18570DAF33C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{1E8F0C57-3F9C-4A4B-8947-8FAD00F6BCDC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29AEB61B-C638-4286-B53F-64EA971D22E8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2B85A41F-FB51-42D8-92B0-A61D21DBDEDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2D5D653A-E2F0-42C2-AD7E-E9C245C78690}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{314FEE64-443F-4E4E-8A08-3796894CE91C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{378426E2-0660-4BF7-AB56-FD1F1626281B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3904E68B-93DD-4569-8143-D6A80E58AB79}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AC14854-EED7-4C1F-B82A-53AF8BFB3521}" = lport=139 | protocol=6 | dir=in | app=system |
"{3E688619-E374-4340-83CA-A0578EEAED68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{585605C2-3BA2-408B-ACA7-0B632CB66ADF}" = lport=138 | protocol=17 | dir=in | app=system |
"{5953DDE9-8705-4DDC-9E74-D711C47233AF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6CBA2D9F-F6B9-425A-8992-900FD2CA1638}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6DAF0FD6-574C-4D4B-B900-B4055290E99A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7AC9846E-F94B-42B1-8C63-6871A6002476}" = lport=445 | protocol=6 | dir=in | app=system |
"{8A509F9A-6BF3-40C9-BD18-C222E171A98E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A521947-EF93-4C39-AB7A-5926E222099A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C6CBA5A-0BE3-4DE7-AEFE-AB03961B73AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{998A943A-4FD0-4AE6-B8ED-97ECF010B582}" = lport=2869 | protocol=6 | dir=in | app=system |
"{99A09D97-EC3C-4F07-B980-B5FC6679B2F7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9C87EBBD-351C-4C53-828A-0B037AB030C1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D0082C7-504B-40D6-8043-F65A360CCD10}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3C98C9A-489B-4863-967D-DA47FC2C4991}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A3F5E5B5-BD2B-46BF-A8BA-2DEB03F696CE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A4500449-11AE-4F7A-B3C7-7EABCB2944B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A947C326-6825-4A76-A210-2236301C32D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B180E27C-DF68-4ABE-A847-0C8E1C369FBF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B4B8BB23-AAB1-4CF0-A944-637A7B57AB86}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0EF6CAB-496F-4664-93B8-0B38E4F9B29C}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4BB6AE4-79EE-4E5D-818D-7762044F2948}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F52131E2-7976-4C22-B322-E13334153555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9638360-19C4-4882-9A34-B5A88C58CE87}" = rport=138 | protocol=17 | dir=out | app=system |
"{FCE11323-2643-4BE3-9979-C0339313E964}" = rport=137 | protocol=17 | dir=out | app=system |
"{FF7CE6CF-60E5-464B-8740-455CD26E356C}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04866E48-584A-4835-8804-9386969D8B3B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B019B38-6DD7-4115-94B2-8FDC4ED5E896}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{0B1A5DF9-F5E7-4AE5-B6CB-D9148F3B52A3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{135016F3-C5B4-48A7-A7AF-C9A2B23D9981}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{18F84CAC-B8F0-4215-A2B4-3A72E95E0D0E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{26A9CE48-8E9C-4524-A3F7-CD44A80A13BB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{297D363C-2B16-4798-9EE5-15E6028E9194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{32B04D15-2DE6-497E-AF03-4FF00A75816D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AF43B36-A50E-477E-8930-08F54CEB16E8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{423E2C14-2EB7-4A80-97F0-ACF24F99783A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{450A1743-79B8-4221-A4F5-E4147CB4A8B9}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{47F1B90A-9C54-4045-A0ED-0D8B22DA26C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F47D05D-25B4-42D1-8B78-6BEF2D12DECE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{513D7DB3-E769-4355-BDDD-75B9D9E2EAE8}" = protocol=6 | dir=out | app=system |
"{54D211EA-EEE1-4712-9A0F-2DC2748303BE}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{7063EE72-A35E-4F68-8818-EDED1592A517}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7438F519-5AF4-4E3B-A05F-E2D02E31A7B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7DE38733-34AA-4D91-9499-00CC7A79F42F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{861767AE-276C-4510-8D80-FABBD0918AA8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{891503E2-A817-4778-81E9-807084A4E840}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D754905-78AE-4063-90E3-74318794DCCA}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{9369D03B-5768-4EC1-8A7A-B051DFE9EE37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1C399AC-31F5-494D-8EB5-13FF99CB5EE3}" = dir=in | app=c:\users\max_cz\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{A945274F-7F62-4CD3-91D0-12FE9480490E}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{BB40CB0C-F0DA-46BC-8713-43CDD7212EFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE7F8E3C-2696-427B-A396-FD624E3DC7F0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0CB79D0-015D-4D0F-B024-54D5D84F6554}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6D65E37-1C79-411F-954E-0DFEBD683FDA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CAD610C6-E294-4094-9DAE-5C4399BC55BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4BC82EE-A3BC-4635-9D8A-1335F91DA655}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DDEC82DF-5F5F-48BF-B8F7-2F4E3F6501C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E80C98AD-08FD-4681-8318-444DD7E57179}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E88E0F12-28CF-42EE-A159-71B4650FB33E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1CE7EEC-1EF8-4B0C-9CDE-0B5E970ABC78}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FC420410-B55B-49BC-AEDA-599EB0909350}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FD5C4F5B-6A6D-44FA-AB4D-C565812AA08C}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"TCP Query User{31FDB423-2079-4262-ABFA-84328FEF091B}C:\program files (x86)\qip 2012\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |
"UDP Query User{9E57FC51-904C-49C1-874A-0984995A0777}C:\program files (x86)\qip 2012\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip 2012\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0369F866-2CE0-4EB9-B426-88FA122C6E82}" = Lenovo Patch Utility 64 bit
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C83CB66-D345-4D6C-95A2-63A03269ADA0}" = Lenovo Patch Utility 64 bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{38FA7C5F-914D-4725-ACF2-2FD940AD0BF9}" = Adobe Photoshop Lightroom 2.1 64-bit
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{520C4DD4-2BC7-409B-BA48-E1A4F832662D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 290.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 290.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC7CE075-0A45-4DC0-A973-67626CF41144}" = Lenovo Graphics Software
"{C3BC4C2C-39C1-44E1-B4B7-6AAA22D469EE}" = DisplayLink Core Software
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"64A62163FE43328D13305746CB8BCC93F2DF6545" = Windows Driver Package - Intel (iaStor) hdc (11/29/2011 11.0.0.1032)
"76052A6680822C2132A1EB4E64568F3C9591560E" = Windows Driver Package - Synaptics (SynTP) Mouse (04/02/2012 16.0.5.2)
"CCleaner" = CCleaner
"E3535F123E7F666D573665142F90D3E5004DC326" = Windows Driver Package - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{683315B1-68E0-4A1B-9397-509C3EB911D2}" = MusicJet
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.5
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.18
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}" = Lenovo Patch Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}" = ACDSee 9 Photo Manager
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED085D5-A3FA-4FB2-BC93-48C1194E6E26}" = Adobe Photoshop Lightroom
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FD99BD01-1700-4704-BEB3-DDDD1A049179}_is1" = ImagingShop 2.1.0
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"ACDSee Photo Manager 12 Build 344" = ACDSee Photo Manager 12 Build 344 - odinstalovat češtinu
"Adobe AIR" = Adobe AIR
"Azureus" = Azureus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fastboot" = RapidBoot HDD Accelerator
"Fotolab Fotosvet" = Fotolab Fotosvet
"Fotolab Fotosvet 4" = Fotolab Fotosvet 4
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Mozilla Thunderbird 14.0 (x86 cs)" = Mozilla Thunderbird 14.0 (x86 cs)
"MusicJet" = MusicJet
"Nokia Suite" = Nokia Suite
"ProFact 3.0_is1" = ProFact 3.0
"Totalcmd" = Total Commander (Remove or Repair)
"WhatPulse" = WhatPulse 1.7.1
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1498473-3231918899-2401847616-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3
"QIP 2012" = QIP 2012 4.0.7221

========== Last 20 Event Log Errors ==========

[ Lenovo-Message Center Plus/Admin Events ]
Error - 16.8.2012 1:13:00 | Computer Name = Max_cz-lenovo | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Vzdálený server vrátil chybu: (404) Nenalezeno. -> Exception message:
Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 16.8.2012 16:26:00 | Computer Name = Max_cz-lenovo | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Vzdálený server vrátil chybu: (404) Nenalezeno. -> Exception message:
Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 16.8.2012 20:34:14 | Computer Name = Max_cz-lenovo | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Vzdálený server vrátil chybu: (404) Nenalezeno. -> Exception message:
Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 17.8.2012 10:50:10 | Computer Name = Max_cz-lenovo | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Odkaz na objekt není nastaven na instanci objektu. -> Exception message:
Odkaz na objekt není nastaven na instanci objektu.

Error - 18.8.2012 9:11:25 | Computer Name = Max_cz-lenovo | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Vzdálený server vrátil chybu: (404) Nenalezeno. -> Exception message:
Vzdálený server vrátil chybu: (404) Nenalezeno.

[ System Events ]
Error - 18.8.2012 9:23:51 | Computer Name = Max_cz-lenovo | Source = Service Control Manager | ID = 7000
Description = Služba NSNDIS5 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 18.8.2012 9:23:51 | Computer Name = Max_cz-lenovo | Source = Service Control Manager | ID = 7000
Description = Služba NSNDIS5 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 18.8.2012 9:23:51 | Computer Name = Max_cz-lenovo | Source = Service Control Manager | ID = 7000
Description = Služba NSNDIS5 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 19.8.2012 13:25:57 | Computer Name = Max_cz-lenovo | Source = Service Control Manager | ID = 7034
Description = Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 19.8.2012 13:29:55 | Computer Name = Max_cz-lenovo | Source = DCOM | ID = 10010
Description =

Error - 19.8.2012 13:29:55 | Computer Name = Max_cz-lenovo | Source = DCOM | ID = 10010
Description =

Error - 19.8.2012 13:36:51 | Computer Name = Max_cz-lenovo | Source = volsnap | ID = 393241
Description = Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie
nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému
nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error - 19.8.2012 14:49:38 | Computer Name = Max_cz-lenovo | Source = BTHUSB | ID = 327696
Description = Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou
adaptéru Bluetooth (c8:df:7c:32:07:1f) se nezdařilo.

Error - 20.8.2012 8:41:18 | Computer Name = Max_cz-lenovo | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.0.21. Počítač s IP adresou 192.168.0.1 nepovolil získání názvu tímto počítačem.

Error - 20.8.2012 9:14:39 | Computer Name = Max_cz-lenovo | Source = BROWSER | ID = 8032
Description =


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  O3:64bit: - HKLM\..\Toolbar: (no name) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - No CLSID value found.
  O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-21-1498473-3231918899-2401847616-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
  O18:64bit: - Protocol\Handler\livecall - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\msnim - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
  O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O33 - MountPoints2\{3bfbf073-eae4-11e1-b578-685d438a27de}\Shell - "" = AutoRun
  O33 - MountPoints2\{3d22cd26-bc86-11e1-b811-806e6f6e6963}\Shell - "" = AutoRun
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\4358cc0f59764edf7cd085b2ddea85cb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4358cc0f59764edf7cd085b2ddea85cb\*.tmp -> ]
  [2012.08.28 15:17:23 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job
  [2012.08.28 15:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job
  [2012.08.28 15:22:14 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2012.08.28 15:57:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.08.25 13:59:29 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
  [2012.08.28 15:13:14 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job¨
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "SwitchBoard"=-
  "Adobe Photo Downloader"=-
  "SunJavaUpdateSched"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  ""=-
  "Infium"=-
  
  :files
  C:\ProgramData\Ask
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Max_cz]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C98EE38D-21E4-4A50-907D-2B56FEC7013E} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C98EE38D-21E4-4A50-907D-2B56FEC7013E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C98EE38D-21E4-4A50-907D-2B56FEC7013E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1498473-3231918899-2401847616-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bfbf073-eae4-11e1-b578-685d438a27de}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bfbf073-eae4-11e1-b578-685d438a27de}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d22cd26-bc86-11e1-b811-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d22cd26-bc86-11e1-b811-806e6f6e6963}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DFD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP21C2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP52BC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8008.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8692.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFF4B.tmp folder deleted successfully.
C:\Windows\Installer\MSI1E2A.tmp deleted successfully.
C:\Windows\Installer\MSI3C31.tmp deleted successfully.
C:\Windows\Installer\MSIBFEF.tmp deleted successfully.
C:\Windows\Installer\MSIC7AF.tmp deleted successfully.
C:\Windows\Installer\MSIF39F.tmp deleted successfully.
C:\Windows\Installer\MSIF4C9.tmp deleted successfully.
C:\Windows\Installer\MSIF881.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\4358cc0f59764edf7cd085b2ddea85cb\BIT8A12.tmp deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1498473-3231918899-2401847616-1001UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job moved successfully.
File C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job¨ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Photo Downloader not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
========== FILES ==========
C:\ProgramData\Ask\APN-Stub\PTV folder moved successfully.
C:\ProgramData\Ask\APN-Stub folder moved successfully.
C:\ProgramData\Ask folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56478 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Max_cz
->Temp folder emptied: 13801918 bytes
->Temporary Internet Files folder emptied: 135994512 bytes
->Google Chrome cache emptied: 410071057 bytes
->Flash cache emptied: 57590 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 2665888 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4049136 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 338871 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 541,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Max_cz
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Max_cz

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08292012_170714

Files\Folders moved on Reboot...
C:\Users\Max_cz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Jak se chova ntb

[Max_cz]

Víceméně rychlejší je , ale po přechodu na tohle nové jsem zvyklej na horší věci, ze staršího

Ale pořád po spuštění lenovo-rapidboot, lenovo-communications, Intel-igfxpers.exe, Tpshock.exe atd... což mi přijde jako dosti zbytečné věci, co jsem koukal tak 90% nastrkaných věcí od Lenova nevyužiji

a v Internet Explorer a Scheduled Tasks v CCleaneru ani nepočítám, co se tam toho pouští, takže by mě ještě zajímalo, co vše se dá odebrat jako nepotřebný program pro chod ntb...

Děkuji

[vyosek]

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Ai takto, ono Lenovo moc neznam, ale rekl bych, ze kdyz budete v CCleaneru veci po spusteni Disablovat a pak bude nejake chybet, date jen Enable a je to

Z toho co jste napsal bych nechal ten Intel - je to ke graf.karte a Tpshock.exe tez nechte

[Max_cz]

Ok, zitra nahodim log z rsit, az bude po vsem, predem dekuji

[vyosek]

OK, prozatim neni zac

[Max_cz]

vyčištěno, tak znovu log z RSIT


Logfile of random's system information tool 1.09 (written by random/random)
Run by Max_cz at 2012-08-30 16:38:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 307 GB (67%) free of 457 GB
Total RAM: 3685 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:38:49, on 30.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files (x86)\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1498473-3231918899-2401847616-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4602B8AB-05E9-4E91-BFCA-E3A11E2146A7}: NameServer = 8.8.8.8,8.8.4.4
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13482 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e36c9e5f-7c87-4cfe-9c54-60f9a19d92d6 -SystemEventPortName:HostProcess-b0ced38b-a1ad-461a-b74b-b55c70123ced -IoCancelEventPortName:HostProcess-c8fb9b23-059d-4a93-9edc-5a1e486e37c0 -NonStateChangingEventPortName:HostProcess-7143cf69-b3ae-402b-a17b-d94c99b5bcbb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6e759bc-492a-4874-ba6e-fc309b1bf4fa
"C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe"
C:\Windows\system32\WLANExt.exe 4950736
\??\C:\Windows\system32\conhost.exe "19974942459770672341798929428-109634975913650580141958852-1080608511155083332
C:\Windows\System32\spoolsv.exe
taskeng.exe {F8FD3A8F-804E-477A-9183-67C5090C013A}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
WLIDSvcM.exe 3360
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2fff86a1-90ca-4b2f-850d-b76cb77ad2ba -SystemEventPortName:HostProcess-d9746504-8bd3-42cd-8a3f-8b215b0ddab3 -IoCancelEventPortName:HostProcess-3c3867ea-a5cd-4816-afea-36b61b7026da -NonStateChangingEventPortName:HostProcess-c855f4cc-4c7a-4285-b8ca-e889a4027ed2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0387fa52-b614-42ea-92bf-5d4488a57f47
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="3748.0.1294892808\1432083027" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="3748.1.788153010\124375828" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="3748.2.1646570406\2080025961" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="3748.6.455300041\838638527" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3748.8.764476582\1636871958" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="3748.9.1390319555\140663644" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3748.10.673979685\1350597463" --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-version=8.15.10.2639 --ignored=" --type=renderer " /prefetch:12
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Max_cz\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/npn_with_http/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_16/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="3748.12.2114234335\1633834740" /prefetch:3
"C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe" -cfpau

======Scheduled tasks folder======

C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2012-06-22 750064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-10 2443376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-27 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2012-06-22 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-10 2109040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-27 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-02 2899216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-09 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-09 440600]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-02-18 177936]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-02-22 11406608]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2012-06-21 222720]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2012-06-01 290160]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 9569096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"=C:\Program Files (x86)\WhatPulse\WhatPulse.exe [2011-11-15 3990528]
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe [2005-01-05 1015808]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-31 55808]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Fastboot"=C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [2012-01-17 1091376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-01 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-30 16:38:24 ----D---- C:\Program Files\trend micro
2012-08-30 16:38:20 ----D---- C:\rsit
2012-08-27 17:04:46 ----D---- C:\Program Files (x86)\trend micro
2012-08-27 16:59:50 ----D---- C:\Users\Max_cz\AppData\Roaming\Ulozto File Manager
2012-08-27 16:59:31 ----D---- C:\Program Files (x86)\Uložto File Manager
2012-08-27 16:52:59 ----D---- C:\Program Files (x86)\The KMPlayer
2012-08-27 16:49:57 ----D---- C:\ProgramData\tmp
2012-08-27 16:49:57 ----D---- C:\ProgramData\hps
2012-08-27 16:37:02 ----D---- C:\databases
2012-08-27 16:09:07 ----D---- C:\Users\Max_cz\AppData\Roaming\ImagingShop 2
2012-08-27 16:08:51 ----D---- C:\Users\Max_cz\AppData\Roaming\Azureus
2012-08-27 16:08:46 ----D---- C:\Program Files (x86)\ImagingShop 2
2012-08-27 16:08:36 ----D---- C:\ProgramData\Sun
2012-08-27 16:08:30 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-08-27 16:08:30 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-08-27 16:08:30 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-08-27 16:08:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-08-27 16:08:08 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-08-27 16:08:08 ----A---- C:\Windows\SYSWOW64\java.exe
2012-08-27 16:07:29 ----D---- C:\Program Files (x86)\Java
2012-08-27 16:05:52 ----D---- C:\Program Files (x86)\Fotolab
2012-08-27 16:03:36 ----D---- C:\Program Files (x86)\Azureus
2012-08-25 13:45:59 ----D---- C:\Program Files\web stránky
2012-08-23 17:57:43 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2012-08-23 17:57:43 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2012-08-23 17:50:48 ----D---- C:\Program Files (x86)\Microsoft Works
2012-08-23 17:49:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2012-08-23 17:45:40 ----D---- C:\Program Files\Microsoft Office
2012-08-23 17:45:31 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-08-23 17:43:56 ----RHD---- C:\MSOCache
2012-08-23 17:42:01 ----D---- C:\Users\Max_cz\AppData\Roaming\NVIDIA
2012-08-23 17:41:20 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-08-23 17:39:09 ----D---- C:\Program Files\Adobe
2012-08-23 17:35:56 ----D---- C:\Program Files\Common Files\Adobe
2012-08-23 17:34:24 ----D---- C:\Program Files (x86)\Adobe Media Player
2012-08-23 17:28:39 ----A---- C:\Windows\SYSWOW64\DBCLIENT.DLL
2012-08-23 17:26:29 ----D---- C:\Program Files (x86)\ProFact 3.0
2012-08-23 17:23:11 ----D---- C:\Program Files (x86)\Microsoft Office
2012-08-23 17:23:01 ----D---- C:\ProgramData\Microsoft Help
2012-08-23 16:18:29 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-08-23 16:18:11 ----D---- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
2012-08-23 16:17:57 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-08-23 16:14:37 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-08-22 18:51:07 ----D---- C:\ProgramData\CPA_VA
2012-08-22 16:44:15 ----D---- C:\ProgramData\Comodo
2012-08-22 16:44:11 ----D---- C:\Program Files\COMODO
2012-08-22 16:44:11 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2012-08-21 20:15:42 ----D---- C:\Users\Max_cz\AppData\Roaming\Skype
2012-08-21 20:15:33 ----RD---- C:\Program Files (x86)\Skype
2012-08-21 20:15:25 ----D---- C:\ProgramData\Skype
2012-08-21 18:25:03 ----D---- C:\Users\Max_cz\AppData\Roaming\Nokia Suite
2012-08-21 18:25:00 ----D---- C:\Users\Max_cz\AppData\Roaming\Nokia
2012-08-21 18:19:46 ----D---- C:\Users\Max_cz\AppData\Roaming\Thinstall
2012-08-21 18:13:07 ----D---- C:\Users\Max_cz\AppData\Roaming\ACD Systems
2012-08-21 18:11:46 ----D---- C:\ProgramData\ACD Systems
2012-08-21 18:11:42 ----D---- C:\Program Files (x86)\ACD Systems
2012-08-21 18:11:25 ----A---- C:\Windows\SYSWOW64\drivers\pfc.sys
2012-08-21 17:31:41 ----D---- C:\Users\Max_cz\AppData\Roaming\QIP
2012-08-21 17:31:18 ----D---- C:\Program Files (x86)\PSPad editor
2012-08-21 16:00:49 ----D---- C:\Program Files (x86)\QIP 2012
2012-08-21 15:54:07 ----D---- C:\Users\Max_cz\AppData\Roaming\FileZilla
2012-08-21 15:52:34 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2012-08-21 15:50:08 ----D---- C:\Users\Max_cz\AppData\Roaming\GHISLER
2012-08-21 15:50:08 ----D---- C:\Program Files\totalcmd
2012-08-21 15:50:08 ----A---- C:\Windows\UC.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\RAR.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\PKZIP.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\PKUNZIP.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\NOCLOSE.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\LHA.PIF
2012-08-21 15:50:08 ----A---- C:\Windows\ARJ.PIF
2012-08-20 20:07:10 ----D---- C:\Users\Max_cz\AppData\Roaming\Thunderbird
2012-08-20 20:06:42 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-08-20 20:05:56 ----D---- C:\Program Files\ATnotes
2012-08-19 18:37:35 ----D---- C:\Users\Max_cz\AppData\Roaming\WhatPulse
2012-08-19 18:37:32 ----D---- C:\Program Files (x86)\WhatPulse
2012-08-19 18:31:53 ----D---- C:\Users\Max_cz\AppData\Roaming\Mozilla
2012-08-18 15:42:42 ----D---- C:\ProgramData\McAfee
2012-08-17 01:23:36 ----D---- C:\DRIVERS
2012-08-17 00:42:15 ----D---- C:\Users\Max_cz\AppData\Roaming\Lenovo
2012-08-16 23:55:53 ----D---- C:\Program Files (x86)\MusicJet
2012-08-16 23:55:48 ----HDC---- C:\ProgramData\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-08-16 22:46:46 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2012-08-16 22:46:30 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-08-16 21:49:59 ----D---- C:\ProgramData\PC Suite
2012-08-16 21:49:57 ----D---- C:\Users\Max_cz\AppData\Roaming\PC Suite
2012-08-16 21:47:58 ----D---- C:\ProgramData\Nokia
2012-08-16 21:47:03 ----DC---- C:\Windows\system32\DRVSTORE
2012-08-16 21:46:16 ----A---- C:\Windows\system32\nmwcdclsX64.dll
2012-08-16 21:44:35 ----D---- C:\ProgramData\NokiaInstallerCache
2012-08-16 21:44:35 ----D---- C:\Program Files (x86)\Nokia
2012-08-16 20:50:12 ----D---- C:\Windows\SYSWOW64\Wat
2012-08-16 20:50:11 ----D---- C:\Windows\system32\Wat
2012-08-16 20:48:18 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-08-16 20:48:17 ----A---- C:\Windows\system32\qdvd.dll
2012-08-16 17:54:51 ----D---- C:\Windows\Minidump
2012-08-16 17:51:38 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-08-16 17:31:50 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-08-16 17:22:21 ----A---- C:\Windows\system32\browserchoice.exe
2012-08-16 17:02:29 ----D---- C:\ProgramData\Conexant
2012-08-16 17:00:36 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-16 17:00:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-08-16 17:00:33 ----A---- C:\Windows\SYSWOW64\url.dll
2012-08-16 17:00:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-08-16 17:00:32 ----A---- C:\Windows\system32\url.dll
2012-08-16 17:00:32 ----A---- C:\Windows\system32\iertutil.dll
2012-08-16 17:00:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-08-16 17:00:31 ----A---- C:\Windows\system32\urlmon.dll
2012-08-16 17:00:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-08-16 17:00:28 ----A---- C:\Windows\system32\ieui.dll
2012-08-16 17:00:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-08-16 17:00:27 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-16 17:00:24 ----A---- C:\Windows\system32\jscript9.dll
2012-08-16 17:00:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-08-16 17:00:22 ----A---- C:\Windows\system32\wininet.dll
2012-08-16 17:00:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-08-16 17:00:21 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-16 17:00:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-16 17:00:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-08-16 17:00:19 ----A---- C:\Windows\system32\jscript.dll
2012-08-16 17:00:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-08-16 17:00:11 ----A---- C:\Windows\system32\mshtml.dll
2012-08-16 17:00:06 ----A---- C:\Windows\system32\ieframe.dll
2012-08-16 17:00:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-08-16 16:55:36 ----A---- C:\Windows\system32\drivers\5U877.sys
2012-08-16 16:55:36 ----A---- C:\Windows\system32\5U877.dll
2012-08-16 16:43:49 ----A---- C:\Windows\system32\tpinspm.dll
2012-08-16 16:43:49 ----A---- C:\Windows\system32\ibmpmsvc.exe
2012-08-16 16:43:49 ----A---- C:\Windows\system32\drivers\ibmpmdrv.sys
2012-08-16 16:29:03 ----A---- C:\Windows\system32\MRT.exe
2012-08-16 16:28:23 ----D---- C:\Program Files\CCleaner
2012-08-16 16:27:57 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-16 16:27:57 ----A---- C:\Windows\system32\srcore.dll
2012-08-16 16:27:54 ----A---- C:\Windows\system32\DWrite.dll
2012-08-16 16:27:53 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-08-16 16:26:56 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-08-16 16:26:56 ----A---- C:\Windows\system32\msxml6.dll
2012-08-16 16:26:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-08-16 16:26:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-08-16 16:26:55 ----A---- C:\Windows\system32\msxml3r.dll
2012-08-16 16:26:55 ----A---- C:\Windows\system32\msxml3.dll
2012-08-16 16:26:49 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-08-16 16:26:49 ----A---- C:\Windows\system32\poqexec.exe
2012-08-16 16:26:24 ----A---- C:\Windows\system32\win32k.sys
2012-08-16 16:26:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-16 16:26:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-08-16 16:26:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-08-16 16:26:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-08-16 16:26:10 ----A---- C:\Windows\system32\crypt32.dll
2012-08-16 16:26:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-08-16 16:26:09 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-08-16 16:26:09 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-08-16 16:26:09 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-16 16:26:09 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-16 16:25:31 ----A---- C:\Windows\system32\win32spl.dll
2012-08-16 16:25:30 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-16 16:25:30 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-16 16:25:29 ----A---- C:\Windows\splwow64.exe
2012-08-16 16:25:27 ----A---- C:\Windows\system32\profsvc.dll
2012-08-16 16:25:26 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-08-16 16:24:53 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-08-16 16:24:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-08-16 16:24:50 ----A---- C:\Windows\system32\XpsPrint.dll
2012-08-16 16:24:45 ----A---- C:\Windows\system32\msi.dll
2012-08-16 16:24:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-08-16 16:24:43 ----A---- C:\Windows\system32\browser.dll
2012-08-16 16:24:42 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-16 16:24:42 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-16 16:24:42 ----A---- C:\Windows\system32\netapi32.dll
2012-08-16 16:24:42 ----A---- C:\Windows\system32\browcli.dll
2012-08-16 16:24:38 ----A---- C:\Windows\system32\schannel.dll
2012-08-16 16:24:38 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-16 16:24:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-08-16 16:24:38 ----A---- C:\Windows\system32\drivers\cng.sys
2012-08-16 16:24:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-08-16 16:24:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-08-16 16:24:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-16 16:24:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-08-16 16:24:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-08-16 16:24:16 ----A---- C:\Windows\system32\localspl.dll
2012-08-16 16:24:12 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-08-16 16:24:10 ----A---- C:\Windows\system32\cdosys.dll
2012-08-16 16:24:06 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-08-16 16:24:06 ----A---- C:\Windows\system32\rdpwsx.dll
2012-08-16 16:24:06 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-08-16 16:23:49 ----A---- C:\Windows\system32\shell32.dll
2012-08-16 16:23:47 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-08-16 16:23:42 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-16 15:59:32 ----A---- C:\Windows\system32\wups2.dll
2012-08-16 15:59:31 ----A---- C:\Windows\system32\wucltux.dll
2012-08-16 15:59:31 ----A---- C:\Windows\system32\wuauclt.exe
2012-08-16 15:59:30 ----A---- C:\Windows\system32\wuaueng.dll
2012-08-16 15:59:07 ----A---- C:\Windows\system32\wups.dll
2012-08-16 15:59:07 ----A---- C:\Windows\system32\wudriver.dll
2012-08-16 15:59:06 ----A---- C:\Windows\system32\wuapi.dll
2012-08-16 15:58:30 ----A---- C:\Windows\system32\wuwebv.dll
2012-08-16 15:58:30 ----A---- C:\Windows\system32\wuapp.exe
2012-08-16 15:48:07 ----D---- C:\49192962e21f3439e070
2012-08-16 15:43:30 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-16 15:43:23 ----D---- C:\Program Files (x86)\Microsoft Security Client
2012-08-16 15:43:17 ----D---- C:\Program Files\Microsoft Security Client
2012-08-15 22:19:05 ----D---- C:\Users\Max_cz\AppData\Roaming\PwrMgr
2012-08-15 22:12:04 ----D---- C:\Users\Max_cz\AppData\Roaming\Adobe
2012-08-15 22:11:30 ----D---- C:\Users\Max_cz\AppData\Roaming\Leadertech
2012-08-15 22:11:27 ----D---- C:\Users\Max_cz\AppData\Roaming\LSC
2012-08-15 22:10:48 ----D---- C:\Users\Max_cz\AppData\Roaming\Identities
2012-08-15 22:08:31 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2012-08-15 22:04:15 ----A---- C:\Windows\firstboot.dat
2012-08-15 22:03:55 ----D---- C:\Users\Max_cz\AppData\Roaming\Intel
2012-08-15 22:03:45 ----SD---- C:\Users\Max_cz\AppData\Roaming\Microsoft
2012-08-15 22:03:45 ----D---- C:\Users\Max_cz\AppData\Roaming\Media Center Programs
2012-08-15 22:03:45 ----D---- C:\Users\Max_cz\AppData\Roaming\Macromedia

======List of files/folders modified in the last 1 month======

2012-08-30 16:38:24 ----RD---- C:\Program Files
2012-08-30 16:38:02 ----D---- C:\Windows\Temp
2012-08-30 16:37:03 ----D---- C:\Windows\System32
2012-08-30 16:37:03 ----D---- C:\Windows\inf
2012-08-30 16:37:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-30 16:33:22 ----A---- C:\Windows\SYSWOW64\log.txt
2012-08-30 16:30:52 ----D---- C:\Windows\system32\config
2012-08-29 17:11:07 ----D---- C:\Windows\Prefetch
2012-08-29 17:09:08 ----D---- C:\Windows
2012-08-29 17:07:20 ----D---- C:\Windows\system32\drivers\etc
2012-08-29 17:07:18 ----SHD---- C:\Windows\Installer
2012-08-29 17:07:18 ----HD---- C:\ProgramData
2012-08-29 17:07:18 ----D---- C:\Windows\Tasks
2012-08-28 16:22:11 ----SHD---- C:\System Volume Information
2012-08-27 17:04:46 ----RD---- C:\Program Files (x86)
2012-08-27 16:08:34 ----D---- C:\Program Files (x86)\Common Files
2012-08-27 16:08:30 ----D---- C:\Windows\SysWOW64
2012-08-27 15:32:06 ----D---- C:\Windows\winsxs
2012-08-27 15:31:21 ----D---- C:\Program Files (x86)\Adobe
2012-08-27 15:31:15 ----D---- C:\Windows\system32\catroot2
2012-08-27 14:59:43 ----A---- C:\Windows\win.ini
2012-08-27 14:57:22 ----RSD---- C:\Windows\assembly
2012-08-27 14:52:02 ----D---- C:\Windows\system32\wdi
2012-08-24 17:38:11 ----D---- C:\Windows\Panther
2012-08-24 17:37:52 ----D---- C:\Windows\Logs
2012-08-24 17:37:52 ----D---- C:\Windows\debug
2012-08-24 15:31:52 ----RSD---- C:\Windows\Fonts
2012-08-23 18:49:33 ----D---- C:\Windows\system32\catroot
2012-08-23 18:49:08 ----D---- C:\Program Files\CONEXANT
2012-08-23 18:48:25 ----D---- C:\Windows\system32\DriverStore
2012-08-23 18:48:25 ----D---- C:\Windows\system32\drivers
2012-08-23 17:58:32 ----D---- C:\ProgramData\Adobe
2012-08-23 17:50:15 ----D---- C:\Program Files (x86)\MSBuild
2012-08-23 17:49:20 ----D---- C:\Windows\ShellNew
2012-08-23 17:48:00 ----SD---- C:\ProgramData\Microsoft
2012-08-23 17:48:00 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-08-23 17:46:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-23 17:35:56 ----D---- C:\Program Files\Common Files
2012-08-22 18:19:54 ----D---- C:\Windows\system32\Tasks
2012-08-21 21:05:06 ----D---- C:\Windows\rescache
2012-08-21 21:02:00 ----D---- C:\Program Files\Windows Sidebar
2012-08-21 21:02:00 ----D---- C:\Program Files\Windows Media Player
2012-08-21 21:02:00 ----D---- C:\Program Files\Windows Mail
2012-08-21 21:02:00 ----D---- C:\Program Files\Windows Journal
2012-08-21 21:02:00 ----D---- C:\Program Files\DVD Maker
2012-08-21 21:01:59 ----D---- C:\Program Files\Windows Photo Viewer
2012-08-21 21:01:59 ----D---- C:\Program Files\Windows Defender
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Media Player
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Mail
2012-08-21 21:01:59 ----D---- C:\Program Files (x86)\Windows Defender
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\winrm
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\slmgr
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\migwiz
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\en-US
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\en
2012-08-21 21:01:58 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2012-08-21 21:01:58 ----D---- C:\Windows\servicing
2012-08-21 21:01:48 ----D---- C:\Windows\SYSWOW64\WCN
2012-08-21 21:01:48 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2012-08-21 21:01:48 ----D---- C:\Windows\SYSWOW64\DriverStore
2012-08-21 21:01:48 ----D---- C:\Windows\SYSWOW64\Dism
2012-08-21 21:01:47 ----D---- C:\Windows\system32\winrm
2012-08-21 21:01:47 ----D---- C:\Windows\system32\slmgr
2012-08-21 21:01:47 ----D---- C:\Windows\system32\migwiz
2012-08-21 21:01:47 ----D---- C:\Windows\system32\en
2012-08-21 21:01:47 ----D---- C:\Windows\system32\Boot
2012-08-21 21:01:47 ----D---- C:\Windows\en-US
2012-08-21 21:01:46 ----D---- C:\Windows\system32\en-US
2012-08-21 21:01:36 ----D---- C:\Windows\system32\WCN
2012-08-21 21:01:36 ----D---- C:\Windows\system32\drivers\en-US
2012-08-21 21:01:36 ----D---- C:\Windows\system32\Dism
2012-08-21 21:01:35 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2012-08-21 21:01:34 ----D---- C:\Windows\Speech
2012-08-21 19:30:53 ----D---- C:\Windows\system32\drivers\UMDF
2012-08-21 18:11:25 ----D---- C:\Windows\SYSWOW64\drivers
2012-08-21 18:10:21 ----D---- C:\Windows\Downloaded Installations
2012-08-19 21:14:47 ----D---- C:\ProgramData\Lenovo
2012-08-19 19:30:53 ----D---- C:\Windows\system32\cs-CZ
2012-08-18 15:51:05 ----D---- C:\Program Files (x86)\Lenovo
2012-08-18 15:51:01 ----D---- C:\SWTOOLS
2012-08-17 19:18:18 ----D---- C:\Windows\system32\LogFiles
2012-08-17 03:56:08 ----D---- C:\Windows\Microsoft.NET
2012-08-17 01:48:39 ----D---- C:\Program Files\Lenovo
2012-08-17 01:48:36 ----D---- C:\Program Files\Common Files\Lenovo
2012-08-17 00:00:10 ----D---- C:\Program Files\Common Files\System
2012-08-16 21:47:07 ----D---- C:\Program Files\DIFX
2012-08-16 17:56:29 ----D---- C:\Windows\SYSWOW64\migration
2012-08-16 17:56:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-08-16 17:56:28 ----D---- C:\Windows\system32\migration
2012-08-16 17:56:27 ----D---- C:\Program Files\Internet Explorer
2012-08-16 17:56:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-08-16 17:53:52 ----D---- C:\ProgramData\Norton
2012-08-16 17:53:51 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-08-16 16:57:49 ----D---- C:\Program Files (x86)\Integrated Camera Driver
2012-08-16 16:47:50 ----RSD---- C:\Windows\Media
2012-08-16 16:43:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-16 16:33:24 ----D---- C:\Windows\SoftwareDistribution
2012-08-16 15:57:41 ----D---- C:\Windows\system32\restore
2012-08-16 13:00:46 ----D---- C:\Windows\SYSWOW64\NV
2012-08-16 13:00:45 ----D---- C:\Windows\system32\NV
2012-08-16 00:22:13 ----D---- C:\Windows\system32\NDF
2012-08-15 22:10:46 ----SHD---- C:\$Recycle.Bin
2012-08-15 22:03:45 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-12-24 28992]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2011-12-29 147784]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-12-29 25416]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-02-03 93200]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2012-01-31 33344]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2012-05-16 19784]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 5U877;5U877; C:\Windows\system32\DRIVERS\5U877.sys [2012-03-28 216704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-12-08 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2012-04-11 42280]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-01 14659808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-02-20 11471872]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-26 40248]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-02 428304]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-29 40248]
R3 tvtvcamd;ThinkVantage Virtual Camera; C:\Windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 Fastboot;Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [2012-01-17 70416]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\syswow64\NSNDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 2815496]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2011-11-09 8447848]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2012-01-17 169776]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2012-04-11 47440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-07 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-07 163608]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2012-06-01 58224]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-06-01 61296]
R2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2012-06-01 179568]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-07 277784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-12-25 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-24 2348864]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2012-05-11 34104]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2011-12-29 144960]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-07 363800]
R2 VIPAppService;VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-10 84080]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-02-02 145472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-09 276248]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-22 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2012-06-22 332272]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-05-16 1662560]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-05-16 1665120]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-12-29 49480]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-16 1255736]

-----------------EOF-----------------

[vyosek]

Nic spatneho nevidim

[Max_cz]

Už to vypadá mnohem lépe jak s vytížením CPU, tak s vytížením RAM... Povypínám ještě ty programy po spuštění, co tam jsou nepotřebné a uvidíme, teď mám při zapnutém g chrome, m thunderbird, t commander, qip, comodo, MSE a pár dalších programů cca 40% vytížení CPU a 1,85GB RAM (Intel CPU B970 2,3 GHz 2,3GHz a 4GB RAM)