POMOC, můj počítaček je nemocný... :(

[vivienn@centrum.cz]

Avira hlásí nějaké "divné" věci, viz obrázek.

Předem děkuji za pomoc!

Můj log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Julinka at 2013-12-03 10:29:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 174 GB (38%) free of 459 GB
Total RAM: 4007 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:31, on 3.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Users\Julinka\AppData\Local\Pokki\Engine\pokki.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Users\Julinka\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.49\opera_crashreporter.exe
C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files\trend micro\Julinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: wandoujia_helper.lnk = Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A0D345A-B63F-45B5-95D9-5408FE413DD2}: NameServer = 8.8.8.8
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: WACService - Wondershare - C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18166 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {A97B4F43-80D6-4275-A6C1-8E26E211F62E}
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
taskeng.exe {197294F3-EC83-4859-B5CA-26B0BABD8CB5}
"C:\Program Files (x86)\GoforFiles\GFFUpdater.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\system32\dmwu.exe
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2944
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Users\Julinka\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
"C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" /PROTECT
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Windows\SysWOW64\jmdp\stij.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\ljkb\stij.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000834
"C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe" /start
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"C:\Users\Julinka\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/14/OneClickSignIn/BlueOnWhite/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="3508.2.217740114\2118508198" /prefetch:3
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4355f366-0144-490f-9952-5a3797fc7338 -SystemEventPortName:HostProcess-ea591c92-bd72-489f-a7d6-aece067f9a9e -IoCancelEventPortName:HostProcess-69192831-177f-4849-84ad-dae8047f98ae -NonStateChangingEventPortName:HostProcess-4299c0ac-b82c-448e-a45a-189cdcee4046 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a2897b63-5903-4bb5-9034-7c131c5333bd -DeviceGroupId:
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{D92A5367-9A38-41CE-909E-9F2DA6BDE1FA}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
{EA1B6E13-4ACF-4561-9A41-1B737479C2A7}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe" --ran-launcher /crash-reporter-parent-id=6372
"C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe" --type=gpu-process --channel="6372.0.1619798358\1330472584" --crash-reporter-pid=3276 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2476 --crash-reporter-pid=3276 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe" --type=renderer --lang=cs --disable-client-side-phishing-detection --crash-reporter-pid=3276 --disable-accelerated-video-decode --channel="6372.1.551168741\817760713" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe" --type=renderer --lang=cs --disable-client-side-phishing-detection --crash-reporter-pid=3276 --disable-accelerated-video-decode --channel="6372.10.1312613655\1801373549" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" "C:\Users\Julinka\AppData\Local\Temp\Hávránková, Houfková - Friedovi - plná moc k převodu.doc"
"C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" "C:\Users\Julinka\AppData\Local\Temp\Hávránková, Houfková - Friedovi - plná moc k převodu.doc" -writer
"C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" "C:\Users\Julinka\AppData\Local\Temp\Hávránková, Houfková - Friedovi - plná moc k převodu.doc" "-writer" "-env:OOO_CWD=2C:\\Program Files (x86)\\Mozilla Thunderbird"
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"taskhost.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Julinka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-08 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-08 256080]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-19 2789160]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2011-03-29 380776]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2011-04-26 310912]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-19 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-19 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-19 416024]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-05-31 40808]
"ALCKRESI.EXE"=C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2011-05-25 281960]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-03-28 39408]
"Pokki"=C:\Users\Julinka\AppData\Local\Pokki\Engine\Launcher.dll [2013-11-01 1240344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-07-14 4351712]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-09-03 41336]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2013-09-03 840568]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-11-25 683576]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-23 1673680]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
wandoujia_helper.lnk - C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-19 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-12-08 135504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2013-12-03 10:29:22 ----D---- C:\rsit
2013-12-03 10:29:22 ----D---- C:\Program Files\trend micro
2013-12-03 09:41:33 ----D---- C:\Program Files\CCleaner
2013-11-20 04:46:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-11-14 05:57:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-14 05:57:41 ----A---- C:\Windows\system32\ieui.dll
2013-11-14 05:57:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-14 05:57:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-14 05:57:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-14 05:57:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-14 05:57:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-14 05:57:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 05:57:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-14 05:57:40 ----A---- C:\Windows\system32\iesetup.dll
2013-11-14 05:57:40 ----A---- C:\Windows\system32\iernonce.dll
2013-11-14 05:57:40 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-14 05:57:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-14 05:57:39 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-14 05:57:39 ----A---- C:\Windows\system32\iertutil.dll
2013-11-14 05:57:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-14 05:57:38 ----A---- C:\Windows\system32\jscript9.dll
2013-11-14 05:57:38 ----A---- C:\Windows\system32\jscript.dll
2013-11-14 05:57:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-14 05:57:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-14 05:57:37 ----A---- C:\Windows\system32\urlmon.dll
2013-11-14 05:57:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-14 05:57:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-14 05:57:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-14 05:57:35 ----A---- C:\Windows\system32\wininet.dll
2013-11-14 05:57:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-14 05:57:33 ----A---- C:\Windows\system32\ieframe.dll
2013-11-14 05:57:32 ----A---- C:\Windows\system32\mshtml.dll
2013-11-14 05:57:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-14 04:31:35 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-14 04:31:35 ----A---- C:\Windows\system32\crypt32.dll
2013-11-14 04:31:27 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-14 04:31:25 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-14 04:31:25 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-14 04:31:25 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-14 04:31:25 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 04:31:25 ----A---- C:\Windows\system32\credui.dll
2013-11-14 04:31:25 ----A---- C:\Windows\system32\authui.dll
2013-11-14 04:31:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-14 04:31:18 ----A---- C:\Windows\system32\schannel.dll
2013-11-14 04:31:18 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-14 04:31:18 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-14 04:31:18 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-14 04:31:18 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-14 04:31:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-14 04:31:17 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-14 04:31:17 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-14 04:31:17 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-14 04:31:17 ----A---- C:\Windows\system32\sspicli.dll
2013-11-14 04:31:17 ----A---- C:\Windows\system32\secur32.dll
2013-11-14 04:31:17 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-14 04:31:17 ----A---- C:\Windows\system32\lsass.exe
2013-11-14 04:31:13 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-14 04:31:13 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-14 04:31:13 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-14 04:31:13 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-14 04:31:13 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-14 04:31:13 ----A---- C:\Windows\system32\gdi32.dll
2013-11-14 04:31:13 ----A---- C:\Windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 1 month======

2013-12-03 10:29:24 ----D---- C:\Windows\Temp
2013-12-03 10:29:22 ----RD---- C:\Program Files
2013-12-03 10:22:42 ----D---- C:\Windows\system32\Tasks
2013-12-03 10:10:00 ----D---- C:\Windows\system32\config
2013-12-03 10:05:48 ----D---- C:\Windows\inf
2013-12-03 10:05:45 ----D---- C:\Windows
2013-12-03 10:01:51 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-03 09:56:51 ----D---- C:\Windows\Minidump
2013-12-03 09:44:05 ----D---- C:\Windows\Panther
2013-12-03 09:44:00 ----D---- C:\Windows\Logs
2013-12-03 09:44:00 ----D---- C:\Windows\debug
2013-12-03 07:19:57 ----SHD---- C:\System Volume Information
2013-12-03 06:45:02 ----SHD---- C:\Windows\Installer
2013-12-03 06:40:15 ----RD---- C:\Program Files (x86)
2013-12-03 05:57:32 ----D---- C:\Windows\System32
2013-12-03 05:57:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-03 05:55:04 ----D---- C:\Users\Julinka\AppData\Roaming\Wandoujia2
2013-11-25 21:00:17 ----D---- C:\Windows\system32\catroot
2013-11-25 21:00:12 ----D---- C:\Windows\system32\drivers
2013-11-25 20:59:49 ----D---- C:\Windows\SysWOW64
2013-11-22 21:25:35 ----D---- C:\ProgramData\BitGuard
2013-11-22 21:25:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 21:24:01 ----D---- C:\Users\Julinka\AppData\Roaming\SoftGrid Client
2013-11-20 18:04:07 ----D---- C:\Windows\system32\catroot2
2013-11-19 19:57:05 ----D---- C:\Program Files (x86)\Opera
2013-11-15 05:05:16 ----D---- C:\Windows\winsxs
2013-11-15 05:01:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-15 05:01:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-15 05:01:46 ----D---- C:\Program Files\Internet Explorer
2013-11-15 05:01:45 ----D---- C:\Windows\system32\cs-CZ
2013-11-14 05:57:01 ----D---- C:\Windows\system32\MRT
2013-11-14 05:53:19 ----A---- C:\Windows\system32\MRT.exe
2013-11-11 05:50:16 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-06 01:48:39 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2011-03-30 139888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-03-30 23664]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-11-25 132600]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-09 32104]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2011-08-31 14960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-11-25 106904]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2011-08-11 39024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-19 12289472]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-19 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2012-03-28 40248]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2011-04-13 1143912]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-19 1442352]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-03-27 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-04-27 436776]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-04-27 150568]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-04-27 164392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-04-27 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-04-27 21544]
S3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2013-01-09 126848]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-07-13 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-25 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-25 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-11-25 1164360]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-23 166352]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-11-18 3780064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-04-28 968480]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-16 198784]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2011-08-11 45928]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-10-15 1754928]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-05-31 41320]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-05-31 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2011-07-26 28672]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R2 WACService;WACService; C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe [2012-11-09 103272]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-07-09 144232]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-28 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-24 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-20 119408]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2013-08-22 37176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2011-08-31 87400]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2011-08-31 173416]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-03-30 47728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

[vyosek]

Zdravim, pekne poledne preji a vitam vas u nas na foru

Jste se dala na chov konicku trojskych ci co?? Cel zoo i s babkou pokladni

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[vivienn@centrum.cz]

Děkuju moc za rychlou reakci! No já koníčky miluju, ale vůbec ne tyhle!

Tady je log z první fáze:

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Julinka on Łt 03.12.2013 at 11:53:43,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetpacks communicator
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
Pokki REG_EXPAND_SZ C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-744973435-459267832-2605002383-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0c43fe6b-e881-4afc-b384-4aebc90047e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}



~~~ Files

Successfully deleted: [File] "C:\Users\Julinka\appdata\local\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Users\Julinka\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\Users\Julinka\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] C:\Windows\syswow64\shoF26F.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Failed to delete: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Julinka\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Julinka\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Julinka\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Julinka\AppData\Roaming\opencandy"
Failed to delete: [Folder] "C:\Program Files (x86)\goforfiles"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Failed to delete: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
Failed to delete: [Folder] "C:\Windows\system32\jmdp"
Successfully deleted: [Empty Folder] C:\Users\Julinka\appdata\local\{01D37A89-62B3-4CD0-B6CB-F018505BAE80}
Successfully deleted: [Empty Folder] C:\Users\Julinka\appdata\local\{5083BA73-D371-4C48-BD35-194DF2F2B69A}
Successfully deleted: [Empty Folder] C:\Users\Julinka\appdata\local\{74F5A7DF-703A-4FAB-B26A-1F3BA21BEA51}
Successfully deleted: [Empty Folder] C:\Users\Julinka\appdata\local\{C21CA8C4-94ED-4276-8AF7-DEBD74DDA06F}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Julinka\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

[vyosek]

Tak a sup tam jeste AdwCleaner

[vivienn@centrum.cz]

A tady je další log:

# AdwCleaner v3.014 - Report created 03/12/2013 at 13:09:47
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Julinka - IVETIK
# Running from : C:\Users\Julinka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BitGuard
[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\System32\ljkb
[!] Folder Deleted : C:\Users\Julinka\AppData\Local\Pokki
Folder Deleted : C:\Users\Julinka\AppData\Roaming\SpeedAnalysis3
Folder Deleted : C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Deleted : C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Julinka\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Windows\System32\Tasks\BitGuard
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\8558c88b66ded41
Key Deleted : HKLM\SOFTWARE\8558c88b66ded41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoforFiles
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\B6EF34C0188ECFA43B48A4BE9C00748E
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\B6EF34C0188ECFA43B48A4BE9C00748E
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [6176 octets] - [03/12/2013 13:07:44]
AdwCleaner[S0].txt - [6026 octets] - [03/12/2013 13:09:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6086 octets] ##########

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[vivienn@centrum.cz]

Tak tady to mám:

OTL logfile created on: 3.12.2013 13:37:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julinka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,12% Memory free
7,82 Gb Paging File | 5,55 Gb Available in Paging File | 70,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,67 Gb Total Space | 169,55 Gb Free Space | 37,79% Space Free | Partition Type: NTFS
Drive Q: | 15,62 Gb Total Space | 5,04 Gb Free Space | 32,24% Space Free | Partition Type: NTFS

Computer Name: IVETIK | User Name: Julinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.12.03 13:33:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julinka\Desktop\OTL.exe
PRC - [2013.12.02 09:27:04 | 006,913,920 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
PRC - [2013.11.25 20:59:06 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.11.25 20:57:49 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.11.25 20:57:36 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.11.25 20:57:34 | 000,683,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.11.15 15:23:06 | 001,392,480 | ---- | M] () -- C:\Program Files (x86)\Opera\18.0.1284.49\opera_crashreporter.exe
PRC - [2013.11.15 15:23:05 | 043,702,624 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\18.0.1284.49\opera.exe
PRC - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.10.09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.09.03 14:54:02 | 000,840,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.09 15:59:16 | 000,103,272 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe
PRC - [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.06.11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.12.21 08:25:02 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2011.11.04 07:37:18 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.08.31 19:03:00 | 000,062,824 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2011.07.26 07:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.05.31 18:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011.05.31 18:48:34 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011.05.31 18:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2011.05.25 22:21:32 | 000,281,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011.02.22 04:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 04:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.07 04:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2010.03.11 22:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013.12.02 09:27:04 | 006,913,920 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
MOD - [2013.12.02 09:27:02 | 000,997,760 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\adb_dev.dll
MOD - [2013.12.02 09:26:36 | 023,470,976 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\libcef.dll
MOD - [2013.11.15 15:23:08 | 000,886,624 | ---- | M] () -- C:\Program Files (x86)\Opera\18.0.1284.49\libGLESv2.dll
MOD - [2013.11.15 15:23:08 | 000,108,896 | ---- | M] () -- C:\Program Files (x86)\Opera\18.0.1284.49\libEGL.dll
MOD - [2013.11.15 15:23:07 | 000,879,968 | ---- | M] () -- C:\Program Files (x86)\Opera\18.0.1284.49\ffmpegsumo.dll
MOD - [2013.11.15 15:23:06 | 001,392,480 | ---- | M] () -- C:\Program Files (x86)\Opera\18.0.1284.49\opera_crashreporter.exe
MOD - [2013.09.03 14:54:46 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\cs_CZ\AcroTray.CZE
MOD - [2012.11.28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.06.26 13:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.06.26 13:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.06.26 13:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012.06.26 13:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.06.26 13:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.06.26 13:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2010.04.06 17:05:16 | 002,085,888 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cv210.dll
MOD - [2010.04.06 17:04:06 | 002,201,088 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cxcore210.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.08.22 14:25:08 | 000,037,176 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.08.11 03:20:42 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011.07.09 01:53:20 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2011.05.31 18:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2011.05.31 18:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2011.04.28 07:41:18 | 000,968,480 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011.03.30 03:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.12.16 23:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.11.13 10:28:38 | 000,129,536 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2013.11.25 20:59:06 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.11.25 20:57:49 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.11.25 20:57:36 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.11.20 04:46:53 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.10.22 16:06:42 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.09 15:59:16 | 000,103,272 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe -- (WACService)
SRV - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.06.11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.08.31 19:03:00 | 000,173,416 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2011.08.31 19:03:00 | 000,087,400 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2011.07.26 07:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011.02.22 04:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 04:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.07 04:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.11 22:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.16 07:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.03 11:32:48 | 000,107,416 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.11.25 20:59:18 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.11.25 20:59:18 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.08.29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.08.22 13:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013.07.13 16:59:28 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013.06.26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013.06.26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013.01.09 12:47:53 | 000,126,848 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GemCCID.sys -- (GemCCID)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.11 11:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.28 00:14:14 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2012.03.27 23:43:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.03.27 23:43:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.31 19:03:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011.08.19 06:20:36 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.08.19 06:20:10 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.11 03:20:42 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2011.07.09 01:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2011.05.26 01:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011.05.19 13:06:46 | 001,442,352 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.04.27 16:50:38 | 000,436,776 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011.04.27 16:50:32 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011.04.27 16:50:32 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011.04.27 16:50:32 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.04.27 16:50:32 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011.04.13 01:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011.03.30 03:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.03.30 03:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.03.24 07:36:20 | 001,576,064 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.05 02:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2010.12.28 19:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 15:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 08:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.07 06:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010.04.29 05:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.13 21:47:34 | 000,013,840 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV:64bit: - [2009.02.13 10:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes\6D3763D855224A9B861C6B31D65F2523: "URL" = http://www.google.com/search?sourceid=i ... CZ499CZ500
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@servis24.cz/PKIComponent: C:\Users\Julinka\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll (Česká spořitelna, a.s.)
FF - HKCU\Software\MozillaPlugins\@servis24.cz/PKIComponent-x64: C:\Users\Julinka\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll (Česká spořitelna, a.s.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.10.22 16:11:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.10.15 03:55:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.11.20 04:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.10.15 03:55:11 | 000,000,000 | ---D | M]

[2013.10.15 03:55:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions
[2013.10.15 03:55:11 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2013.10.24 03:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions
[2013.10.23 20:52:51 | 001,048,572 | ---- | M] () (No name found) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

========== Chrome ==========

CHR - default_search_provider: Sweetpacks (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = ,
CHR - homepage:
CHR - plugin: Silverlight (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Skype Click to Call = C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Julinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-744973435-459267832-2605002383-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-744973435-459267832-2605002383-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk = C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..Trusted Domains: business24.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..Trusted Domains: servis24.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EF342F7-0269-4F33-9E55-866B9C6A19CC}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A0D345A-B63F-45B5-95D9-5408FE413DD2}: DhcpNameServer = 90.182.221.2 93.157.130.65 10.0.0.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A0D345A-B63F-45B5-95D9-5408FE413DD2}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F285600-59E0-4452-B120-F58D7476067D}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk Q:\
O33 - MountPoints2\{2ced36e9-08f5-11e3-aa98-f0def1e169d5}\Shell - "" = AutoRun
O33 - MountPoints2\{2ced36e9-08f5-11e3-aa98-f0def1e169d5}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{c59598c6-785e-11e1-8e8f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c59598c6-785e-11e1-8e8f-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.12.03 13:33:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Julinka\Desktop\OTL.exe
[2013.12.03 13:07:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.03 11:53:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.12.03 11:51:41 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Julinka\Desktop\JRT.exe
[2013.12.03 10:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.03 10:29:22 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.03 10:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.12.03 09:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.12.03 05:32:27 | 000,000,000 | ---D | C] -- C:\Users\Julinka\Documents\photo
[2013.08.06 20:32:10 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WADesktop.Updater.exe
[2013.03.03 16:34:55 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe

========== Files - Modified Within 7 Days ==========

[2013.12.03 13:40:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.03 13:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.03 13:33:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julinka\Desktop\OTL.exe
[2013.12.03 13:25:44 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.03 13:25:44 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.03 13:22:58 | 000,692,116 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.12.03 13:22:58 | 000,661,524 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.03 13:22:58 | 000,149,094 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.12.03 13:22:58 | 000,129,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.03 13:22:58 | 000,006,476 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.03 13:16:46 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job
[2013.12.03 13:16:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.03 13:15:59 | 3151,417,344 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.03 12:45:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.03 11:52:00 | 001,110,034 | ---- | M] () -- C:\Users\Julinka\Desktop\adwcleaner.exe
[2013.12.03 11:51:55 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Julinka\Desktop\JRT.exe
[2013.12.03 11:32:48 | 000,107,416 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.12.03 10:27:20 | 000,072,792 | ---- | M] () -- C:\Users\Julinka\Desktop\VIRY.jpg
[2013.12.03 10:27:20 | 000,001,480 | ---- | M] () -- C:\Users\Julinka\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2013.12.03 09:52:57 | 000,176,274 | ---- | M] () -- C:\Users\Julinka\Documents\cc_20131203_095250.reg
[2013.12.03 05:55:04 | 000,001,464 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk
[2013.11.30 19:31:24 | 000,020,354 | ---- | M] () -- C:\Users\Julinka\Desktop\odkazy.odt
[2013.11.27 20:46:09 | 000,034,744 | ---- | M] () -- C:\Users\Julinka\Desktop\Hávránková, Houfková - Friedovi - protokol o úschově.odt

========== Files Created - No Company Name ==========

[2013.12.03 13:40:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.03 11:51:55 | 001,110,034 | ---- | C] () -- C:\Users\Julinka\Desktop\adwcleaner.exe
[2013.12.03 10:27:19 | 000,072,792 | ---- | C] () -- C:\Users\Julinka\Desktop\VIRY.jpg
[2013.12.03 09:52:53 | 000,176,274 | ---- | C] () -- C:\Users\Julinka\Documents\cc_20131203_095250.reg
[2013.11.30 19:31:22 | 000,020,354 | ---- | C] () -- C:\Users\Julinka\Desktop\odkazy.odt
[2013.11.27 20:35:25 | 000,034,744 | ---- | C] () -- C:\Users\Julinka\Desktop\Hávránková, Houfková - Friedovi - protokol o úschově.odt
[2013.10.27 02:19:37 | 000,193,972 | ---- | C] () -- C:\Users\Julinka\happy_birthday_s.jpg
[2013.10.26 11:51:46 | 032,359,944 | ---- | C] () -- C:\Users\Julinka\KMPlayer_3-7-0-113.exe
[2013.10.23 15:32:16 | 000,038,072 | ---- | C] () -- C:\Users\Julinka\fa_o2.pdf
[2013.10.15 03:55:23 | 000,000,000 | ---- | C] () -- C:\Users\Julinka\AppData\Roaming\pdfperformer
[2013.10.05 19:36:17 | 000,059,807 | ---- | C] () -- C:\Users\Julinka\saty_ruzove2.jpg
[2013.10.05 19:35:59 | 000,059,807 | ---- | C] () -- C:\Users\Julinka\saty_ruzove.jpg
[2013.09.20 12:59:16 | 120,505,082 | ---- | C] () -- C:\Program Files (x86)\openoffice1.cab
[2013.09.20 12:57:48 | 002,260,992 | ---- | C] () -- C:\Program Files (x86)\openoffice401.msi
[2013.09.20 12:57:48 | 000,475,136 | ---- | C] () -- C:\Program Files (x86)\setup.exe
[2013.09.20 12:57:48 | 000,000,279 | ---- | C] () -- C:\Program Files (x86)\setup.ini
[2013.08.29 02:41:10 | 000,064,761 | ---- | C] () -- C:\Users\Julinka\juli_mimi_tluste.jpg
[2013.08.26 20:34:51 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ4809N.DAT
[2013.08.08 00:52:26 | 000,003,005 | ---- | C] () -- C:\Program Files (x86)\WebCakeLayers.crx
[2013.08.04 11:27:24 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013.06.26 01:58:02 | 009,515,639 | ---- | C] () -- C:\Windows\SysWow64\ArtD - Grafický atelier Černý_Book-Maker_uninstaller.exe
[2013.06.22 12:48:25 | 021,274,624 | ---- | C] () -- C:\Program Files (x86)\SMSender.msi
[2013.06.22 12:48:25 | 000,088,064 | ---- | C] () -- C:\Program Files (x86)\1029.MST
[2013.05.24 10:00:31 | 000,717,291 | ---- | C] () -- C:\Users\Julinka\frapovac_doklad.jpg
[2013.02.26 22:29:26 | 000,012,072 | ---- | C] () -- C:\Windows\SysWow64\drivers\MoborobAssDriver64.sys
[2012.12.08 01:15:22 | 000,001,480 | ---- | C] () -- C:\Users\Julinka\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.03.28 00:08:36 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.28 00:08:35 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.28 00:08:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.03.28 00:08:35 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.28 00:08:34 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.28 00:01:21 | 001,557,328 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.27 23:25:06 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.08.26 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Canon
[2013.10.26 09:04:57 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.06 17:17:09 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.01.09 13:44:19 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\CSAS
[2013.09.15 08:48:15 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\GHISLER
[2012.08.23 04:12:10 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Leadertech
[2013.01.31 00:32:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Lenovo
[2013.02.06 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Nokia
[2013.06.22 17:09:44 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\O2
[2013.10.22 16:25:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\OpenOffice
[2012.08.26 09:44:46 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera
[2013.10.27 02:12:46 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera Software
[2013.02.06 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\PC Suite
[2012.08.23 06:00:58 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\PwrMgr
[2013.11.22 21:24:01 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\SoftGrid Client
[2013.05.21 03:38:48 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.14 18:53:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TeamViewer
[2013.02.09 03:28:44 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Thunderbird
[2012.08.28 13:08:49 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TP
[2013.03.03 16:36:26 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TuneUp Software
[2013.12.03 05:55:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Wandoujia2
[2013.07.13 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\WandoujiaUsbDriver
[2013.08.21 10:34:36 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Western Digital
[2013.02.21 02:36:14 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Wondershare

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.28 00:15:59 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.27 14:04:44 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.10.09 03:52:59 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2012.03.27 23:36:53 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012.03.27 23:36:53 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012.03.27 23:36:53 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012.03.27 23:36:53 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012.03.27 23:36:53 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012.03.27 23:36:53 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[vivienn@centrum.cz]

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.07.06 22:35:05 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Adobe
[2013.07.13 17:54:57 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Apple Computer
[2013.08.06 20:35:55 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Avira
[2013.08.26 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Canon
[2013.10.26 09:04:57 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.12.06 17:17:09 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.01.09 13:44:19 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\CSAS
[2013.09.15 08:48:15 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\GHISLER
[2012.09.03 22:05:43 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Google
[2012.08.23 04:10:47 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Identities
[2012.08.23 04:12:10 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Leadertech
[2013.01.31 00:32:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Lenovo
[2012.03.28 00:12:18 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Macromedia
[2010.11.21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Media Center Programs
[2013.10.24 03:38:21 | 000,000,000 | --SD | M] -- C:\Users\Julinka\AppData\Roaming\Microsoft
[2013.10.24 03:27:51 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Mozilla
[2013.02.06 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Nokia
[2013.06.22 17:09:44 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\O2
[2013.10.22 16:25:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\OpenOffice
[2012.08.26 09:44:46 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera
[2013.10.27 02:12:46 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera Software
[2013.02.06 18:36:56 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\PC Suite
[2012.08.23 06:00:58 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\PwrMgr
[2013.10.26 01:20:41 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Skype
[2013.11.22 21:24:01 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\SoftGrid Client
[2013.05.21 03:38:48 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.14 18:53:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TeamViewer
[2013.02.09 03:28:44 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Thunderbird
[2012.08.28 13:08:49 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TP
[2013.03.03 16:36:26 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\TuneUp Software
[2012.11.20 11:41:57 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\vlc
[2013.12.03 05:55:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Wandoujia2
[2013.07.13 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\WandoujiaUsbDriver
[2013.08.21 10:34:36 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Western Digital
[2013.10.14 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\WinRAR
[2013.02.21 02:36:14 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Wondershare

< %APPDATA%\*.exe /s >
[2013.01.09 13:44:21 | 001,185,517 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\CSAS\lib\unins000.exe
[2012.12.06 17:43:41 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Julinka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.12.02 09:26:30 | 000,830,848 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\aapt.exe
[2013.12.02 09:27:16 | 000,201,088 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX64.exe
[2013.12.02 09:27:16 | 000,189,312 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX86.exe
[2013.12.02 09:26:52 | 000,243,584 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia2.exe
[2013.12.02 09:27:04 | 006,913,920 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
[2013.12.02 09:26:44 | 001,611,136 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_installer.exe
[2013.12.02 09:05:02 | 000,098,752 | ---- | M] (Microsoft Corporation) -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx64.exe
[2013.12.02 09:05:02 | 000,061,888 | ---- | M] (Microsoft Corporation) -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx86.exe
[2013.12.02 09:27:18 | 001,480,576 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\WDJDriverInstaller.exe
[2013.12.02 09:26:34 | 000,209,280 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdj_tool.exe
[2012.10.29 16:23:48 | 001,381,496 | ---- | M] (Wondershare ) -- C:\Users\Julinka\AppData\Roaming\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.12.03 13:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.12.03 13:16:46 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job
[2013.12.03 13:45:04 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.03 13:20:28 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AdobeBridge" =
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2012.06.26 13:10:30 | 001,516,632 | ---- | M] (Nokia)
"swg" = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2012.03.28 00:16:14 | 000,039,408 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.10.12 08:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.07.08 21:06:55 | 000,879,456 | ---- | M] (Opera Software) MD5=FFC67949EF7C2BF307ED91B293581DD2 -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.11.14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) MD5=636D97B3BAF854511FF3F4093E895FED -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.03 13:40:34 | 000,000,512 | ---- | M] () MD5=708EA8F55505550D2E0BD3AFCA09E127 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.03.31 00:24:54 | 000,003,556 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\Content\Reference\PHP\CrackF.html
[2013.02.26 03:15:15 | 1425,987,880 | ---- | M] () -- \Users\Julinka\Downloads\Adobe-photoshop-CS6-13.0-[Extended-x86+x64]-(2012)+crack.rar
[2013.06.08 03:52:30 | 005,276,296 | ---- | M] () -- \Users\Julinka\Downloads\powerpoint_recovery_full_version_crack_downloader_cz_99028.exe
[2013.06.16 12:02:57 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\HRY\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part1.rar
[2013.06.18 01:06:12 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\HRY\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part2.rar
[2013.06.19 02:53:06 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\HRY\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part3.rar
[2013.06.16 12:02:57 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\princezna a zabak - hra\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part1.rar
[2013.06.18 01:06:12 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\princezna a zabak - hra\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part2.rar
[2013.06.19 02:53:06 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\princezna a zabak - hra\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part3.rar
[2013.06.26 02:53:48 | 734,003,200 | ---- | M] () -- \Users\Julinka\Downloads\princezna a zabak - hra\Princezna-a-zabak-PC-hra-cesky-+-crack_The-Princess-And-The-Frog.part4.rar

< *keygen* /s >
[2012.03.31 00:24:44 | 000,013,367 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\Content\Reference\HTML\KEYGEN.html
[2012.03.31 00:26:56 | 000,009,211 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\TagLibraries\HTML\keygen.vtm

< *loader* /s >
[2013.11.18 15:32:41 | 001,958,880 | ---- | M] () -- \AdwCleaner\Quarantine\C\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll.vir
[2013.09.07 02:54:56 | 000,004,613 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Julinka\AppData\Local\Pokki\Engine\frames\frame\loader.gif.vir
[2013.11.21 21:18:21 | 000,006,888 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Julinka\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\b29206e88c56df354ba3028461626d035aa0e7e9\images\loader-2x.gif.vir
[2013.11.21 21:18:21 | 000,004,613 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Julinka\AppData\Local\Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\b29206e88c56df354ba3028461626d035aa0e7e9\images\loader.gif.vir
[2011.10.18 11:25:42 | 000,855,136 | ---- | M] () -- \Art D\Book-Maker\MPR500 Pro 5\AlbumFTPUploader.exe
[2011.10.30 10:01:12 | 000,001,902 | ---- | M] () -- \Art D\Book-Maker\MPR500 Pro 5\Lang\Czech\AlbumFTPUploaderDialogs.txt
[2011.07.05 15:21:12 | 000,064,263 | ---- | M] () -- \Art D\Book-Maker\MPR500 Pro 5\Lang\Czech\AlbumMakerHelp_files\FTP_uploader.jpg
[2011.11.13 09:27:34 | 000,001,830 | ---- | M] () -- \Art D\Book-Maker\MPR500 Pro 5\Lang\English\AlbumFTPUploaderDialogs.txt
[2011.09.05 10:05:04 | 000,012,278 | ---- | M] () -- \Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\WebPublish\BootStrapLoader.swf
[2012.03.13 12:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.03.31 00:26:14 | 000,000,454 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\PhoneGapBuildPlugin\res\loader.htm
[2012.03.31 00:26:42 | 000,037,112 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\Shared\MM\Media\FLVLoader.swf
[2012.03.31 00:27:02 | 000,000,366 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\configuration\Third Party Source Code\jquery-mobile\images\ajax-loader.png
[2012.03.30 11:57:02 | 000,000,366 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS6\cs_CZ\Configuration\Third Party Source Code\jquery-mobile\images\ajax-loader.png
[2012.03.28 18:52:50 | 000,008,962 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe InDesign CS6\Presets\multimedia\HTMLLoader\HTMLLoader-app.xml
[2012.03.28 18:52:50 | 000,268,719 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe InDesign CS6\Presets\multimedia\HTMLLoader\HTMLLoader.swf
[2012.03.28 18:52:04 | 000,003,754 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe InDesign CS6\Scripts\converturltohyperlink\startup scripts\ConvertURLToHyperlinkMenuItemLoader.jsx
[2013.11.25 20:57:49 | 000,053,304 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2013.11.25 20:57:50 | 000,564,792 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2013.11.25 20:57:53 | 001,741,880 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[4 \Program Files (x86)\Avira\AntiVir Desktop\*.tmp files -> \Program Files (x86)\Avira\AntiVir Desktop\*.tmp -> ]
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.11.28 13:13:38 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.06.26 12:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2013.09.17 03:54:36 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\javaloader.uno.dll
[2013.09.17 03:57:36 | 000,005,813 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.py
[2013.09.17 03:54:38 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.dll
[2013.09.20 12:57:06 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.ini
[2013.09.20 12:39:02 | 000,003,868 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\classes\unoloader.jar
[2013.09.16 21:10:56 | 000,013,420 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.11.09 15:58:58 | 000,007,168 | ---- | M] () -- \Program Files (x86)\Wondershare\Wondershare Application Center\Interop.wac_downloaderLib.dll
[2012.11.09 15:59:36 | 000,297,832 | ---- | M] () -- \Program Files (x86)\Wondershare\Wondershare Application Center\wac_downloader.dll
[2012.03.13 12:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.03.16 00:17:30 | 000,115,712 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.03.16 00:17:30 | 000,225,280 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.03.16 00:17:30 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS6\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.06.09 18:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.25 16:31:28 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.04.25 16:31:28 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.04.25 16:31:28 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.03 16:35:01 | 000,000,879 | ---- | M] () -- \Users\Julinka\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fvdownloader.com%2Ffavicon.png
[2013.12.02 09:25:36 | 000,001,653 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\GuideLoader.js
[2013.12.02 09:25:52 | 000,001,643 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\PhotoModuleLoader.js
[2013.12.02 09:26:06 | 001,399,267 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\SnapPeaLoader.js
[2013.12.02 09:25:52 | 000,001,074 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\ui\ImageLoader.js
[2013.07.20 13:15:32 | 000,007,499 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\icons\com.google.android.apps.uploader_1514.png
[2013.09.28 10:14:00 | 000,003,277 | ---- | M] () -- \Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\icons\com.google.android.apps.uploader_1514_36_36.png
[2013.03.03 17:07:52 | 000,002,131 | ---- | M] () -- \Users\Julinka\Desktop\Nep_ikony\MP3 Downloader.lnk
[2013.03.02 20:38:55 | 000,009,426 | ---- | M] () -- \Users\Julinka\Documents\moborobo\Cache\UpdateInfo\Icon\com.google.android.apps.uploader.png
[2013.06.08 03:52:30 | 005,276,296 | ---- | M] () -- \Users\Julinka\Downloads\powerpoint_recovery_full_version_crack_downloader_cz_99028.exe
[2013.03.03 16:33:17 | 015,240,116 | ---- | M] () -- \Users\Julinka\Downloads\VDownloaderSetup.exe
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.03.27 23:29:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.03.27 23:29:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.03.27 23:29:45 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.03.27 23:29:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.03.27 23:29:45 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.03.27 23:35:56 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.03.27 23:35:56 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.03.27 23:35:56 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.03.27 23:35:56 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.03.27 23:35:56 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.03.27 23:27:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2012.03.27 23:35:52 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.03.27 23:35:52 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

[vivienn@centrum.cz]

A ještě další...

OTL Extras logfile created on: 3.12.2013 13:37:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julinka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,12% Memory free
7,82 Gb Paging File | 5,55 Gb Available in Paging File | 70,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,67 Gb Total Space | 169,55 Gb Free Space | 37,79% Space Free | Partition Type: NTFS
Drive Q: | 15,62 Gb Total Space | 5,04 Gb Free Space | 32,24% Space Free | Partition Type: NTFS

Computer Name: IVETIK | User Name: Julinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Julinka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Julinka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042415C6-4FB6-4C16-A759-6DD31B70910C}" = rport=445 | protocol=6 | dir=out | app=system |
"{183B83CE-4253-45D2-99C0-E646BAAD02EC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1A863358-DC96-4A58-81CA-7D6D63872E53}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DCF8E7A-FB77-46E5-B927-EA394FE4606D}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D7D9126-9DF9-4DED-9221-BC7B047FDB53}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E447F1C-7536-4C53-8748-DD8A33C41063}" = rport=10243 | protocol=6 | dir=out | app=system |
"{35745A83-456C-434A-AEF1-46F9A036C00A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47BE46B1-9719-49DC-8BB8-061F867AC28E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47E59A3D-9EDA-410A-A374-9B51EE1C0A33}" = rport=138 | protocol=17 | dir=out | app=system |
"{569C185C-8969-470B-BC71-357D991B6FD8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57E2AE4B-CF4D-4180-9FF2-4D1D70FBB95F}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E07DD11-A969-422B-8524-70054EA559C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6A810B50-9FDE-4B55-B253-4F498776C346}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6DBC5349-3F5C-4D41-AE39-70857C5A3176}" = lport=445 | protocol=6 | dir=in | app=system |
"{79197C43-170C-44BD-AF09-78EDBFC3BE31}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92FC4D3B-FA87-4BC1-A615-510072200F38}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{953F3672-4433-4560-88DB-700EAA353FA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7324353-2F01-4C88-B1B1-73E4D6AEEC6D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A93C0786-3DF8-4E63-8965-6D20B991D643}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD166232-C775-4344-88E1-B54317CA3B9B}" = lport=137 | protocol=17 | dir=in | app=system |
"{CFE66CAF-D291-4139-B36A-6D92B03F4CFE}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3FB0BCC-F655-4315-AA52-9B7941A4916C}" = rport=139 | protocol=6 | dir=out | app=system |
"{DC5A3ECC-98EA-48D2-907B-3D5751B29A12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E4D5BC73-049D-4094-85B4-1479CB4A396D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F66834B6-C589-484A-85D4-8B88D3B6D7E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0085868B-A0B4-46C6-B8A8-AA33E5FD35D8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{05C3F8C6-7E11-42AE-AD25-D1BBE338555B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{063B1E07-5CD6-4F76-8192-7835B3AF31AA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0BA89E6C-DB3A-40EE-8BFA-47B35AC17CE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C97A5FD-BEB6-40AB-9D84-62E4A63DF325}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0ED3DF5E-386C-4E1B-B7AB-1D40E3DEC280}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{1077B023-0AAF-48DA-85CD-095BF361FA74}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{138F9E5A-2BA5-4F3F-A53F-E2DA6AE6BA12}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{15F3D838-0125-4217-9F93-2CFA00FF0BAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19F3EB77-59DF-43B2-8559-AB8B31EE007C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1E062F0D-678E-4729-B8C9-4027486D0D46}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22312950-C2EE-4CB2-BAF7-B8DE5D6C671B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CC3F493-CF2A-4A54-951E-96F7B3BEA8C0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3DD4798C-81F9-416E-A0A0-5602DC71B37F}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{49541B50-307F-4134-B4B3-C93370830A44}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{4A344F11-06C1-4F43-8FA1-C873714656B1}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{53045739-2D23-45C1-8CED-4A0511C31192}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{582DC3A0-2458-4759-8184-6F4DBC8F7D87}" = protocol=17 | dir=in | app=c:\program files (x86)\wandoulabs\wandoujia2.exe |
"{60816FDF-50B5-42B4-B915-40355DBC5898}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{614E7009-2883-410C-9039-5DFCC1FF870C}" = protocol=6 | dir=in | app=c:\program files (x86)\wandoulabs\wandoujia2.exe |
"{632B051C-FF23-46F4-AC5E-B406CEDC9D93}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CC73C7E-1257-414B-B776-CBCECDC2FC76}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D6F6DFE-2558-44D4-BDE3-32EAF1CB48DD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6E0386F1-4ACF-4A44-A633-08AAF677BA3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72440D5F-2696-404D-B36D-90067F2F86E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8325EAA8-61A7-4DEA-AC33-BA55A76FB692}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{8B23C653-495D-4EF8-9119-E6641DED47A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8FB3FFCA-24CC-4526-BDA8-0909E6B29E59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91AD3829-4654-4B46-8BDA-55B323AFF86D}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{96668F31-C899-40A3-9211-D61BDE8F53CD}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{A1A7CFCA-F85C-4587-83E7-03999554B30D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A6DB9FEB-C921-46AB-945B-7EB12C08291F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A847F39C-010A-4E68-819D-83C6446D0948}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A964BA6C-487E-43A2-9693-864F25BB3F7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA8B760B-7D4A-40C9-93BA-020425D00B1A}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{AFF1014D-DAEA-4023-8D82-F65783E26C80}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B0BEDE3A-133C-4C1E-808E-0F1AF5F759FE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B40817F1-1A5C-459C-BCCB-87B3EF4A406D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B52B1E90-7157-4308-8526-4D037C4D8FB5}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{BDA3EC85-0607-4EC6-A857-B35F48971C24}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C280AD4F-ACAA-4A4C-980D-C74E83235B4B}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{C5F20500-841D-47B3-869B-906536B5C46D}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{CE6EA47C-0D0E-49F3-B861-7A6B36F78347}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D01CFBBA-1FDA-4ED2-9537-98AC20A80D31}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D25BEEF3-819F-4E34-B936-25244B0B9C4C}" = protocol=58 | dir=in | app=system |
"{D2BB5C2F-17C0-4C5D-809E-EA2C1A237AD4}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{D7570C35-8064-4E99-BE21-FBFADF4AB7EF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D7F8FC24-1D15-449D-AF10-E5F73DB7FB36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D852C767-8525-404F-9BD4-4A4C3DBF2BCC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E05BAC7D-EEB3-4B35-AD7E-0757775FA347}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{E800BAA6-2D19-4EB8-AB27-5CE097558C72}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{EC05A820-C7FB-4319-B95C-94CA40282032}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F409ED0A-48A6-4072-90C8-0BBBF40D993C}" = protocol=6 | dir=out | app=system |
"{FB9E8083-E07D-4A01-959E-B3D50DB19A39}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{FDB51E24-43C0-4ED9-A274-AD91AADA7923}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809" = CanoScan LiDE 210 Scanner Driver
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}" = ThinkVantage Fingerprint Software
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{604CB4FC-3D32-405F-A109-165F170529B6}" = WD SmartWare
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{828CE72E-718B-4FDC-A469-8DE674CE8C4D}" = Lenovo Solution Center
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows Driver Package - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00)
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008)
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"OnScreenDisplay" = On Screen Display
"OpenVPN" = OpenVPN 2.3.2-I003
"Power Management Driver" = ThinkPad Power Management Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TAP-Windows" = TAP-Windows 9.9.2
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0327A4BF-62BF-48BB-8928-B971B749E9E1}" = Adobe Creative Suite 6 Design Standard
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{769CC8AC-50C3-4776-95F5-A1ABF15A38F4}_is1" = Wondershare Application Center 1.0.0.58
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}" = Message Center Plus
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{90300405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D2C60-A55F-4fed-B2B9-17311226DF01}" = ThinkPad Wireless LAN Adapter Software
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}" = Adobe Dreamweaver CS6
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1029-4770-7760-000000000005}" = Adobe Acrobat X Pro - Eastern European (Group 1)
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2672232-FF17-4DC9-8F24-A1E1829FE086}" = BisonCam Twain Pro
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArtD - Grafický atelier Černý_Book-Maker" = Book-Maker
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Kalenden 2013_is1" = Kalenden 2013 verze 13.0
"Lenovo Welcome_is1" = Lenovo Welcome
"Mozilla Thunderbird 24.1.1 (x86 cs)" = Mozilla Thunderbird 24.1.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Nokia PC Suite" = Nokia PC Suite
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Opera 12.16.1860" = Opera 12.16
"Opera 18.0.1284.49" = Opera Stable 18.0.1284.49
"SMPlayer" = SMPlayer 0.8.1
"The KMPlayer" = The KMPlayer (remove only)
"Wandoujia2" = SnapPea
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.12.2013 8:29:14 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:29:14 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:33:22 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:33:22 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:37:36 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:37:36 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:52:41 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:52:41 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:58:46 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:58:46 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

[ Lenovo-Message Center Plus/Admin Events ]
Error - 28.1.2013 10:00:00 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:18:35 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:18:49 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:19:03 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

[ System Events ]
Error - 3.12.2013 8:09:51 | Computer Name = Ivetik | Source = Service Control Manager | ID = 7031
Description = Služba IBUpdaterService byla nečekaně ukončena. Stalo se to 2 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


< End of report >

[vivienn@centrum.cz]

A ještě další...

OTL Extras logfile created on: 3.12.2013 13:37:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julinka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,12% Memory free
7,82 Gb Paging File | 5,55 Gb Available in Paging File | 70,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,67 Gb Total Space | 169,55 Gb Free Space | 37,79% Space Free | Partition Type: NTFS
Drive Q: | 15,62 Gb Total Space | 5,04 Gb Free Space | 32,24% Space Free | Partition Type: NTFS

Computer Name: IVETIK | User Name: Julinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Julinka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Julinka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042415C6-4FB6-4C16-A759-6DD31B70910C}" = rport=445 | protocol=6 | dir=out | app=system |
"{183B83CE-4253-45D2-99C0-E646BAAD02EC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1A863358-DC96-4A58-81CA-7D6D63872E53}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DCF8E7A-FB77-46E5-B927-EA394FE4606D}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D7D9126-9DF9-4DED-9221-BC7B047FDB53}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E447F1C-7536-4C53-8748-DD8A33C41063}" = rport=10243 | protocol=6 | dir=out | app=system |
"{35745A83-456C-434A-AEF1-46F9A036C00A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47BE46B1-9719-49DC-8BB8-061F867AC28E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47E59A3D-9EDA-410A-A374-9B51EE1C0A33}" = rport=138 | protocol=17 | dir=out | app=system |
"{569C185C-8969-470B-BC71-357D991B6FD8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57E2AE4B-CF4D-4180-9FF2-4D1D70FBB95F}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E07DD11-A969-422B-8524-70054EA559C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6A810B50-9FDE-4B55-B253-4F498776C346}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6DBC5349-3F5C-4D41-AE39-70857C5A3176}" = lport=445 | protocol=6 | dir=in | app=system |
"{79197C43-170C-44BD-AF09-78EDBFC3BE31}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92FC4D3B-FA87-4BC1-A615-510072200F38}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{953F3672-4433-4560-88DB-700EAA353FA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7324353-2F01-4C88-B1B1-73E4D6AEEC6D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A93C0786-3DF8-4E63-8965-6D20B991D643}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD166232-C775-4344-88E1-B54317CA3B9B}" = lport=137 | protocol=17 | dir=in | app=system |
"{CFE66CAF-D291-4139-B36A-6D92B03F4CFE}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3FB0BCC-F655-4315-AA52-9B7941A4916C}" = rport=139 | protocol=6 | dir=out | app=system |
"{DC5A3ECC-98EA-48D2-907B-3D5751B29A12}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E4D5BC73-049D-4094-85B4-1479CB4A396D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F66834B6-C589-484A-85D4-8B88D3B6D7E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0085868B-A0B4-46C6-B8A8-AA33E5FD35D8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{05C3F8C6-7E11-42AE-AD25-D1BBE338555B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{063B1E07-5CD6-4F76-8192-7835B3AF31AA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0BA89E6C-DB3A-40EE-8BFA-47B35AC17CE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C97A5FD-BEB6-40AB-9D84-62E4A63DF325}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0ED3DF5E-386C-4E1B-B7AB-1D40E3DEC280}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{1077B023-0AAF-48DA-85CD-095BF361FA74}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{138F9E5A-2BA5-4F3F-A53F-E2DA6AE6BA12}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{15F3D838-0125-4217-9F93-2CFA00FF0BAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19F3EB77-59DF-43B2-8559-AB8B31EE007C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1E062F0D-678E-4729-B8C9-4027486D0D46}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22312950-C2EE-4CB2-BAF7-B8DE5D6C671B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CC3F493-CF2A-4A54-951E-96F7B3BEA8C0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3DD4798C-81F9-416E-A0A0-5602DC71B37F}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{49541B50-307F-4134-B4B3-C93370830A44}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{4A344F11-06C1-4F43-8FA1-C873714656B1}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{53045739-2D23-45C1-8CED-4A0511C31192}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{582DC3A0-2458-4759-8184-6F4DBC8F7D87}" = protocol=17 | dir=in | app=c:\program files (x86)\wandoulabs\wandoujia2.exe |
"{60816FDF-50B5-42B4-B915-40355DBC5898}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{614E7009-2883-410C-9039-5DFCC1FF870C}" = protocol=6 | dir=in | app=c:\program files (x86)\wandoulabs\wandoujia2.exe |
"{632B051C-FF23-46F4-AC5E-B406CEDC9D93}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CC73C7E-1257-414B-B776-CBCECDC2FC76}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D6F6DFE-2558-44D4-BDE3-32EAF1CB48DD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6E0386F1-4ACF-4A44-A633-08AAF677BA3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72440D5F-2696-404D-B36D-90067F2F86E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8325EAA8-61A7-4DEA-AC33-BA55A76FB692}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{8B23C653-495D-4EF8-9119-E6641DED47A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8FB3FFCA-24CC-4526-BDA8-0909E6B29E59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91AD3829-4654-4B46-8BDA-55B323AFF86D}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{96668F31-C899-40A3-9211-D61BDE8F53CD}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{A1A7CFCA-F85C-4587-83E7-03999554B30D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A6DB9FEB-C921-46AB-945B-7EB12C08291F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A847F39C-010A-4E68-819D-83C6446D0948}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A964BA6C-487E-43A2-9693-864F25BB3F7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA8B760B-7D4A-40C9-93BA-020425D00B1A}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{AFF1014D-DAEA-4023-8D82-F65783E26C80}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B0BEDE3A-133C-4C1E-808E-0F1AF5F759FE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B40817F1-1A5C-459C-BCCB-87B3EF4A406D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B52B1E90-7157-4308-8526-4D037C4D8FB5}" = protocol=6 | dir=in | app=c:\program files (x86)\goforfiles\goforfilesdl.exe |
"{BDA3EC85-0607-4EC6-A857-B35F48971C24}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C280AD4F-ACAA-4A4C-980D-C74E83235B4B}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{C5F20500-841D-47B3-869B-906536B5C46D}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{CE6EA47C-0D0E-49F3-B861-7A6B36F78347}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D01CFBBA-1FDA-4ED2-9537-98AC20A80D31}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D25BEEF3-819F-4E34-B936-25244B0B9C4C}" = protocol=58 | dir=in | app=system |
"{D2BB5C2F-17C0-4C5D-809E-EA2C1A237AD4}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{D7570C35-8064-4E99-BE21-FBFADF4AB7EF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D7F8FC24-1D15-449D-AF10-E5F73DB7FB36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D852C767-8525-404F-9BD4-4A4C3DBF2BCC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E05BAC7D-EEB3-4B35-AD7E-0757775FA347}" = protocol=17 | dir=in | app=c:\program files (x86)\goforfiles\goforfiles.exe |
"{E800BAA6-2D19-4EB8-AB27-5CE097558C72}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{EC05A820-C7FB-4319-B95C-94CA40282032}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F409ED0A-48A6-4072-90C8-0BBBF40D993C}" = protocol=6 | dir=out | app=system |
"{FB9E8083-E07D-4A01-959E-B3D50DB19A39}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{FDB51E24-43C0-4ED9-A274-AD91AADA7923}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809" = CanoScan LiDE 210 Scanner Driver
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}" = ThinkVantage Fingerprint Software
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{604CB4FC-3D32-405F-A109-165F170529B6}" = WD SmartWare
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{828CE72E-718B-4FDC-A469-8DE674CE8C4D}" = Lenovo Solution Center
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B" = Windows Driver Package - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00)
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12" = Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008)
"828B05D2B647CDAEA22493F7BFB96847265EE596" = Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"OnScreenDisplay" = On Screen Display
"OpenVPN" = OpenVPN 2.3.2-I003
"Power Management Driver" = ThinkPad Power Management Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TAP-Windows" = TAP-Windows 9.9.2
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0327A4BF-62BF-48BB-8928-B971B749E9E1}" = Adobe Creative Suite 6 Design Standard
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{769CC8AC-50C3-4776-95F5-A1ABF15A38F4}_is1" = Wondershare Application Center 1.0.0.58
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}" = Message Center Plus
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{90300405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D2C60-A55F-4fed-B2B9-17311226DF01}" = ThinkPad Wireless LAN Adapter Software
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}" = Adobe Dreamweaver CS6
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1029-4770-7760-000000000005}" = Adobe Acrobat X Pro - Eastern European (Group 1)
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2672232-FF17-4DC9-8F24-A1E1829FE086}" = BisonCam Twain Pro
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArtD - Grafický atelier Černý_Book-Maker" = Book-Maker
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Kalenden 2013_is1" = Kalenden 2013 verze 13.0
"Lenovo Welcome_is1" = Lenovo Welcome
"Mozilla Thunderbird 24.1.1 (x86 cs)" = Mozilla Thunderbird 24.1.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Nokia PC Suite" = Nokia PC Suite
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Opera 12.16.1860" = Opera 12.16
"Opera 18.0.1284.49" = Opera Stable 18.0.1284.49
"SMPlayer" = SMPlayer 0.8.1
"The KMPlayer" = The KMPlayer (remove only)
"Wandoujia2" = SnapPea
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.12.2013 8:29:14 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:29:14 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:33:22 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:33:22 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:37:36 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:37:36 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:52:41 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:52:41 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:58:46 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

Error - 3.12.2013 8:58:46 | Computer Name = Ivetik | Source = Bonjour Service | ID = 100
Description = AppendDNSNameString: Illegal empty label in name "."

[ Lenovo-Message Center Plus/Admin Events ]
Error - 28.1.2013 10:00:00 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 19.5.2013 6:20:37 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:18:35 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:18:49 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 23.5.2013 20:19:03 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 30.7.2013 8:55:46 | Computer Name = Ivetik | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

[ System Events ]
Error - 3.12.2013 8:09:51 | Computer Name = Ivetik | Source = Service Control Manager | ID = 7031
Description = Služba IBUpdaterService byla nečekaně ukončena. Stalo se to 2 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
  SRV - [2012.06.22 09:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  IE - HKLM\..\SearchScopes,DefaultScope =
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  IE - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\SearchScopes\6D3763D855224A9B861C6B31D65F2523: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_csCZ499CZ500
  FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  [2013.10.15 03:55:11 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
  [2013.10.24 03:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions
  [2013.10.23 20:52:51 | 001,048,572 | ---- | M] () (No name found) -- C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
  CHR - default_search_provider: Sweetpacks (Enabled)
  CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
  CHR - default_search_provider: suggest_url = ,
  CHR - homepage: 
  O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
  O2 - BHO: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
  O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
  O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3:64bit: - HKU\S-1-5-21-744973435-459267832-2605002383-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - Startup: C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk = C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe ()
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\livecall - No CLSID value found
  O18:64bit: - Protocol\Handler\msnim - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
  O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O32 - Unable to obtain root file information for disk Q:\
  O33 - MountPoints2\{2ced36e9-08f5-11e3-aa98-f0def1e169d5}\Shell - "" = AutoRun
  O33 - MountPoints2\{c59598c6-785e-11e1-8e8f-806e6f6e6963}\Shell - "" = AutoRun
  [2013.03.03 16:34:55 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [2013.01.09 13:44:21 | 001,185,517 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\CSAS\lib\unins000.exe
  [2012.12.06 17:43:41 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Julinka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
  [2013.12.02 09:26:30 | 000,830,848 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\aapt.exe
  [2013.12.02 09:27:16 | 000,201,088 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX64.exe
  [2013.12.02 09:27:16 | 000,189,312 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX86.exe
  [2013.12.02 09:26:52 | 000,243,584 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia2.exe
  [2013.12.02 09:27:04 | 006,913,920 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe
  [2013.12.02 09:26:44 | 001,611,136 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_installer.exe
  [2013.12.02 09:05:02 | 000,098,752 | ---- | M] (Microsoft Corporation) -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx64.exe
  [2013.12.02 09:05:02 | 000,061,888 | ---- | M] (Microsoft Corporation) -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx86.exe
  [2013.12.02 09:27:18 | 001,480,576 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\WDJDriverInstaller.exe
  [2013.12.02 09:26:34 | 000,209,280 | ---- | M] () -- C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdj_tool.exe
  [2012.10.29 16:23:48 | 001,381,496 | ---- | M] (Wondershare ) -- C:\Users\Julinka\AppData\Roaming\Wondershare\Wondershare Helper Compact\Wondershare Helper 
  [2013.12.03 13:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.12.03 13:16:46 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job
  [2013.12.03 13:45:04 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "AdobeAAMUpdater-1.0"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "AdobeBridge"=-
  "PC Suite Tray"=-
  "swg"=-
  "Pokki"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  "Sweetpacks Communicator"=-
  "SwitchBoard"=-
  "AdobeCS6ServiceManager"=-
  ""=-
  "Adobe Acrobat Speed Launcher"=-
  "Acrobat Assistant 8.0"=-
  "ApnTBMon"=-
  "QuickTime Task"=-
  "iTunesHelper"=-
  
  :files
  C:\Users\Julinka\AppData\Roaming\Wandoujia2
  C:\Program Files (x86)\AskPartnerNetwork
  C:\Program Files (x86)\PANDORA.TV
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[vivienn@centrum.cz]

Nemohu najít nový log z otl...
Von mi ho nechce dát...

[vyosek]

Neni v C:\_OTL\MovedFiles\mmddyyyy_hhmmss

[vivienn@centrum.cz]

No jo, něco jsem tam našla...

All processes killed
========== OTL ==========
Service APNMCP stopped successfully!
Service APNMCP deleted successfully!
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe moved successfully.
Service PanService stopped successfully!
Service PanService deleted successfully!
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-744973435-459267832-2605002383-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll moved successfully.
HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\skin folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\mz folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions folder moved successfully.
File C:\Users\Julinka\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
File V7\Passport_x64.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-744973435-459267832-2605002383-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
File V7\Passport_x64.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Julinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ced36e9-08f5-11e3-aa98-f0def1e169d5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2ced36e9-08f5-11e3-aa98-f0def1e169d5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c59598c6-785e-11e1-8e8f-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c59598c6-785e-11e1-8e8f-806e6f6e6963}\ not found.
C:\Program Files (x86)\Common Files\ApnStub.exe moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C21.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1758.tmp\SMDiagnostics.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1758.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP253D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4C2C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D1E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP61B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6BBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8A9C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA68D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE8C8.tmp\System.Data.Services.Client.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE8C8.tmp folder deleted successfully.
C:\Windows\Installer\MSIE3FD.tmp deleted successfully.
C:\Users\Julinka\AppData\Roaming\CSAS\lib\unins000.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\aapt.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX64.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\DriverInstallerX86.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia2.exe moved successfully.
File C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_helper.exe not found.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wandoujia_installer.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx64.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdjconx86.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\WDJDriverInstaller.exe moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\wdj_tool.exe moved successfully.
File C:\Users\Julinka\AppData\Roaming\Wondershare\Wondershare Helper Compact\Wondershare Helper not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec49aa9d9cfa3.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Pokki not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
========== FILES ==========
C:\Users\Julinka\AppData\Roaming\Wandoujia2\User Data\Default\Local Storage folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\User Data\Default\AppCache folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\User Data\Default folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\User Data folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Logs folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\LocalStorage folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\HelperLogs folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\extension\icon folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\extension\0 folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\extension folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Download\Apps folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Download folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\device_cache folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\temp folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\icons folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default\Jobs folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default\Contacts folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default\Applications folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default\8053dda7da7d2b4f73d07777edfce91bbc9e6988 folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default\36c89e09ea414139ae3c293bc7f648f9973c5176 folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\Default folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\vedio folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Sync folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\photo folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\music folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Jobs folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Contacts folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\temp\936cb1b7c68aceb490e15d2c9fd70814.tmp folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\temp\4d627ac57c127b83ee61121f362043d2.tmp folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\temp folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data\icons folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Cache Data folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988\Applications folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices\8053dda7da7d2b4f73d07777edfce91bbc9e6988 folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Devices folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\style\White folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\style\Black folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\style folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\08pi\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\08pi folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\07changweiwei\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\07changweiwei folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\05bian\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\05bian folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\04liuguotai\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\04liuguotai folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\03dark\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\03dark folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\02green\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\02green folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\01blue\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin\01blue folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes\skin folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\themes folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\conn\images folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\conn folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\stylesheets folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\workers folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\utilities folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\ui\behavior folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\ui folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\nls\root folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\nls\en folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\nls folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\welcome\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\welcome\guide\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\welcome\guide folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\welcome\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\welcome folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\video\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\video\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\video\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\video folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\taskmanager\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\taskmanager\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\taskmanager\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\taskmanager folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\sync\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\sync folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\social\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\social folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\photo\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\photo\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\photo\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\photo folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\optimize\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\optimize folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\new_backuprestore\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\new_backuprestore\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\new_backuprestore\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\new_backuprestore folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\iTunes\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\iTunes\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\iTunes\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\iTunes folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\music folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\message\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\message\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\message\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\message folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\main\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\main\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\main folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\doraemon\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\doraemon\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\doraemon\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\doraemon folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\contact\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\contact\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\contact\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\contact folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\browser\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\browser folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\backuprestore\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\backuprestore\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\backuprestore folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\wash\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\wash\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\wash folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\views folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\models folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app\collections folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules\app folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts\modules folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\javascripts folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\images\tx folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\images folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\underscore folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\requirejs-text folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\requirejs-i18n folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\requirejs folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\qrcode.js folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\jquery folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\dot folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components\backbone folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app\bower_components folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates\app folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\templates folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\resources\inspector folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\resources folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\meepo_resource folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051\locales folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications\2.65.0.5051 folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2\Applications folder moved successfully.
C:\Users\Julinka\AppData\Roaming\Wandoujia2 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\PANDORA.TV\PanService folder moved successfully.
C:\Program Files (x86)\PANDORA.TV folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Julinka
->Temp folder emptied: 191078983 bytes
->Temporary Internet Files folder emptied: 60568 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3752 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 528368206 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4641805 bytes
RecycleBin emptied: 3167145 bytes

Total Files Cleaned = 694,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Julinka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Julinka

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12032013

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse