Prosím o kontrolu notebooku

Zpráva

subaru · #1 Příspěvek od **subaru** » 03 říj 2015 10:03

Notebook je pomalý, prosím o jeho pročištění, plno programů po spuštění.... Díky moc

Logfile of random's system information tool 1.10 (written by random/random)
Run by michaela at 2015-10-03 10:36:59
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 124 GB (42%) free of 294 GB
Total RAM: 2937 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:34, on 3.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\michaela\AppData\Local\iLivid\iLivid.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Users\michaela\Downloads\RSIT.exe
C:\Program Files\trend micro\michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - (no file)
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll
O3 - Toolbar: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: (no name) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe showdeskband
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [iLivid] "C:\Users\michaela\AppData\Local\iLivid\iLivid.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 81.25.16.250,81.25.18.250
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
O23 - Service: AllShare Play Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate1caec2b9032cd20) (gupdate1caec2b9032cd20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 16191 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003Core.job - C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003UA.job - C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for michaela.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\pcdlauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration

=========Mozilla firefox=========

ProfilePath - C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\samsung.com/AllSharePlayPCPlugin]
"Description"=
"Path"=C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
npvsharetvplg.dll

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\extensions\
2020Player_IKEA@2020Technologies.com
23fb8bb3-ac21-4230-bbfa-49b94968bc63@gmail.com
staged
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\
Ask.xml
askcom.xml
conduit.xml
firmycz.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
keepmysearch.xml
seznam-avast.xml
startsear.xml
yahoo-1.xml
yahoo.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-24 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-17 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-05 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-03 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-17 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7c5c0f58-e061-457d-9033-77307f5ed00c}
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll [2009-11-22 137712]
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{d1dac034-9fd9-4c13-a388-d2e10e57707f}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-03 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
""= []
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-07-09 337184]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-19 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-19 151064]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe [2009-09-09 274432]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-27 3089720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2009-08-04 244208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2012-10-24 296096]
"AllShare Play"=C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21 407384]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-11 5227112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2011-01-05 133432]
"Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe []
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-05-16 1084840]
"Facebook Update"=C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-22 138096]
"iLivid"=C:\Users\michaela\AppData\Local\iLivid\iLivid.exe [2014-02-12 7307776]
"cz.seznam.software.autoupdate"=C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-09-24 815944]
"Yahoo! Search"=C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-07-10 535472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-08-17 100104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-03 10:36:59 ----D---- C:\rsit
2015-10-03 10:36:59 ----D---- C:\Program Files\trend micro
2015-10-03 10:19:23 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2015-10-03 10:42:32 ----D---- C:\Windows\Temp
2015-10-03 10:39:07 ----SHD---- C:\Windows\Installer
2015-10-03 10:36:59 ----RD---- C:\Program Files
2015-10-03 10:28:23 ----D---- C:\Users\michaela\AppData\Roaming\Skype
2015-10-03 10:27:19 ----D---- C:\Windows\Panther
2015-10-03 10:27:19 ----D---- C:\Windows\inf
2015-10-03 10:27:14 ----D---- C:\Windows\Logs
2015-10-03 10:27:14 ----D---- C:\Windows\debug
2015-10-03 10:27:14 ----D---- C:\Windows
2015-10-03 10:27:13 ----D---- C:\Windows\Minidump
2015-10-03 10:21:51 ----D---- C:\Windows\Tasks
2015-10-03 10:21:33 ----D---- C:\Windows\System32
2015-10-03 10:21:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-03 10:19:47 ----SHD---- C:\System Volume Information
2015-10-03 10:19:31 ----D---- C:\Windows\system32\Tasks
2015-10-03 10:06:25 ----D---- C:\Windows\system32\config
2015-10-03 10:00:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-03 09:59:48 ----D---- C:\Windows\system32\DriverStore
2015-10-03 09:58:55 ----D---- C:\Users\michaela\AppData\Roaming\Seznam.cz
2015-10-03 09:54:48 ----D---- C:\AllShare Play
2015-09-20 11:38:18 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-05 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-05 206248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-05 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-05 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-05 423784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-08-23 11552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-05 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-05 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-05 91496]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-08-18 24872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-10-23 33088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-10-23 378672]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-15 111408]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-11-20 20848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-09-09 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-09-09 242976]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 406648]
R2 AllShare Play Service;AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2013-02-21 631368]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-05 50344]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-08-18 38176]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-04 15872]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-27 1021240]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
R3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1caec2b9032cd20;Služba Google Update (gupdate1caec2b9032cd20); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-04 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-08-04 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-08-04 166384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-03 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-10 114800]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-04 313840]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-08-04 1124848]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-06-29 39976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 03 říj 2015 10:54

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

subaru · #3 Příspěvek od **subaru** » 03 říj 2015 12:29

# AdwCleaner v5.009 - Logfile created 03/10/2015 at 13:12:58
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : michaela - LENOVO
# Running from : C:\Users\michaela\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : wStLibG

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Ask.com
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\Driver Pro
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar
[-] Folder Deleted : C:\Program Files\Movies Toolbar
[-] Folder Deleted : C:\Program Files\Surftastic
[-] Folder Deleted : C:\Program Files\sweetpacks bundle uninstaller
[-] Folder Deleted : C:\Program Files\vShare.tv plugin
[-] Folder Deleted : C:\Program Files\Zrychleni Pocitace
[-] Folder Deleted : C:\Program Files\SweetPlayer
[-] Folder Deleted : C:\Program Files\oTweak
[-] Folder Deleted : C:\Program Files\BitLord
[-] Folder Deleted : C:\Program Files\CinPlus-2.4cV10.01
[-] Folder Deleted : C:\ProgramData\Ask
[+] Folder Deleted : C:\ProgramData\BitGuard
[+] Folder Deleted : C:\ProgramData\Browser Manager
[+] Folder Deleted : C:\ProgramData\BrowserProtect
[-] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[-] Folder Deleted : C:\ProgramData\torchcrashhandler
[-] Folder Deleted : C:\ProgramData\wincert
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweetPlayer
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord
[-] Folder Deleted : C:\Users\michaela\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\michaela\AppData\Local\iLivid
[-] Folder Deleted : C:\Users\michaela\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
[-] Folder Deleted : C:\Users\michaela\AppData\Local\pay-by-ads
[-] Folder Deleted : C:\Users\michaela\AppData\Local\SwvUpdater
[-] Folder Deleted : C:\Users\michaela\AppData\Local\torch
[-] Folder Deleted : C:\Users\michaela\AppData\Local\GetnowUninstall
[-] Folder Deleted : C:\Users\michaela\AppData\Local\TNT2
[-] Folder Deleted : C:\Users\michaela\AppData\Local\GetNowUpdater
[-] Folder Deleted : C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
[-] Folder Deleted : C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe
[!] Folder Not Deleted : C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe
[-] Folder Deleted : C:\Users\michaela\AppData\LocalLow\AlterGeo
[-] Folder Deleted : C:\Users\michaela\AppData\LocalLow\AskToolbar
[-] Folder Deleted : C:\Users\michaela\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\michaela\AppData\LocalLow\ilividmoviestoolbar181
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Driver Pro
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Conduit
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\ConduitCommon
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\ICQToolbarData
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\ilividmoviestoolbar181
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Smartbar
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\ValueApps
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Extensions\staged\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Extensions\23fb8bb3-ac21-4230-bbfa-49b94968bc63@gmail.com
[!] Folder Not Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\Extensions\23fb8bb3-ac21-4230-bbfa-49b94968bc63@gmail.com
[-] Folder Deleted : C:\Users\michaela\Documents\PCSpeedUp
[-] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\torch

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-1.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-10.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-11.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-12.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-13.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-14.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-15.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-16.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-17.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-18.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-19.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-2.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-20.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-21.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-22.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-23.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-24.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-25.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-26.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-27.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-28.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-29.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-3.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-30.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-31.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-32.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-33.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-34.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-35.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-36.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-37.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-4.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-5.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-6.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-7.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-8.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin-9.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin.gif
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin.src
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\icqplugin.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\Ask.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\Conduit.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\Startsear.xml
[-] File Deleted : C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\yahoo.xml
[-] File Deleted : C:\Users\michaela\Desktop\iLivid.lnk
[-] File Deleted : C:\Users\Public\Desktop\Free Games.lnk
[-] File Deleted : C:\Windows\system32\drivers\wStLibG.sys

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle\SweeetPlayer bundle.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : Scheduled Update for Ask Toolbar
[-] Task Deleted : Yahoo! Search
[-] Task Deleted : Adobe Flash Player Updater
[-] Task Deleted : DiskUpdate

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\iLivid.torrent
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
[-] Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
[-] Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
[-] Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKLM\SOFTWARE\Classes\IEhelperActiveX.IEhelperLabel
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Key Deleted : HKU\.DEFAULT\Software\ICQ\ICQToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\APN
[-] Key Deleted : HKCU\Software\APNDTX
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\ilivid
[-] Key Deleted : HKCU\Software\ilividmoviestoolbar181
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\StartSearch
[-] Key Deleted : HKCU\Software\SweetIM
[-] Key Deleted : HKCU\Software\torch
[-] Key Deleted : HKCU\Software\vShare.tv
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Condut
[-] Key Deleted : HKCU\Software\Surftastic
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\APN
[-] Key Deleted : HKLM\SOFTWARE\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\torch
[-] Key Deleted : HKLM\SOFTWARE\Surftastic
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\AppDataLow\Software\AskToolbar
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{532F1C88-D5A5-4A87-BCBE-04BB6ABEA471}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{762F560D-98D4-4D10-8B8D-5FFB64FF7A3F}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C79A9056-7F39-463C-B43C-54F764090FAD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\Microsoft\Internet Explorer\SearchScopes\{532F1C88-D5A5-4A87-BCBE-04BB6ABEA471}
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\Microsoft\Internet Explorer\SearchScopes\{762F560D-98D4-4D10-8B8D-5FFB64FF7A3F}
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : HKU\S-1-5-21-514183033-1028300980-1572349650-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C79A9056-7F39-463C-B43C-54F764090FAD}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Web browsers ] *****

[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.FirstTime", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.FirstTimeFF3", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.RestartDialogFirstTime", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.RestartDialogShouldDisplay", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.UserID", "UN72922191192511945");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.addressBarTakeOverEnabledInHidden", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.countryCode", "CZ");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.dum", "2");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.enableAlerts", "always");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.firstTimeDialogOpened", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.fixPageNotFoundErrorByUser", "TRUE");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.fixPageNotFoundErrorInHidden", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.fullUserID", "UN72922191192511945.UP.20550509");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.installType", "DirectDownload");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.isCheckedStartAsHidden", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.lastVersion", "10.33.0.517");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.mam_gk_installer_preapproved.enc", "RkFMU0U=");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.performedDomainChangesMigration", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.revertSettingsEnabled", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.search.searchAppId", "128302917554194320");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.search.searchCount", "1");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchFromAddressBarEnabledByUser", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchInNewTabEnabledByUser", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchInNewTabEnabledInHidden", "true");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchSuggestEnabledByUser", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchUninstallUserMode", "1");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.searchUserMode", "1");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_Configuration_lastUpdate", "1410609662901");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-afrikart_lastUpdate", "1402630526114");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-aoltv_lastUpdate", "1402630526179");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-dishnetwork_lastUpdate", "1402630526183");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-googletv_lastUpdate", "1402630526106");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-newteevee_lastUpdate", "1402630526182");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-referencias_tv_lastUpdate", "1402630526112");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-rollerdiscotv_lastUpdate", "1402630526115");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-tivo_lastUpdate", "1402630526180");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-vimeo_lastUpdate", "1402630526110");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_app.twitter.user-youtube_lastUpdate", "1402630526108");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1409852876241");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_appsMetadata_lastUpdate", "1410609661783");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_clientErrorLog_lastUpdate", "1401738748512");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_getTwitterExtraInfo_lastUpdate", "1402630528048");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1410517611537");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399292570466");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.30.1.502_lastUpdate", "1400728653759");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.31.0.526_lastUpdate", "1403165254802");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.31.2.501_lastUpdate", "1403851720017");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.33.0.505_lastUpdate", "1408551181646");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_login_10.33.0.517_lastUpdate", "1410634482375");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1410517611686");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_searchAPI_lastUpdate", "1410609662588");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_serviceMap_lastUpdate", "1410609661790");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_setupAPI_lastUpdate", "1397905209647");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_toolbarContextMenu_lastUpdate", "1410609661817");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_toolbarSettings_lastUpdate", "1410634483496");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.serviceLayer_services_translation_lastUpdate", "1410609661674");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.settingsINI", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.showToolbarPermission", "false");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.smartbar.CTID", "CT1408409");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.smartbar.Uninstall", "0");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.smartbar.toolbarName", "References.TV ");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.toolbarBornServerTime", "19-4-2014");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.toolbarCurrentServerTime", "13-9-2014");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.toolbarInstallDate", "19-04-2014 13:00:09");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("CT1408409.toolbarLoginClientTime", "Sat Apr 19 2014 13:00:09 GMT+0200");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("extensions.enabledAddons", "2020Player_IKEA%402020Technologies.com:5.0.94.0,toolbar11183%40freshy.com:2.0.0.1923,23fb8bb3-ac21-4230-bbfa-49b94968bc63%40gmail.com:0.95.57,%7B972ce4c6-7e08-44[...]
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("extensions.foxcub.prev.KWD", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.6&q=");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.engineVerified", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.geolastmodified", 1410283382);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.history", "enola%20gaynata%C5%A1a%20slav%C3%ADkov%C3%A1%20phoenix%C5%A1vestkov%C3%A1%20oma%C4%8Dkaom%C3%A1%C4%8Dka%20ze%20%C5%A1vestekcalofrig%20a.scalofingcentrum%20[...]
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.icqgeo", 42);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.installTime", "1397905199");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.itbsitescount", 190);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.newtab_state", "1");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.previousFFVersion", "32.0.1");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.removedsitescount", 14);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.uniqueID", "175958930518107561241397905199701");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("icqtoolbar.version", "2.0.1.6");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "W1YVLI0PJX6/BPTRRTPFJQO2ZWIKKSTYGK/NA48FAXX6CEOJVTRWF/7/CO53WGKXOWOBFCDDLFEGSNVDWLA4NA");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E+x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E+x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E,x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E,x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E-x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E-x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E.:2z527", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E.:2z527.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E.x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E.x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E/x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E/x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E06CG5EL8:", "6E6D686B6A747074756F");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E06CG5EL8:.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E71707A767A7B75242F4B49474F42357D5D5C3D");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E06CG5EL;8I:K.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E0x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E0x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E1x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E1x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E2x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E2x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E3x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E3x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E4x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E4x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E5x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E5x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E6x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E6x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E7x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E7x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E8x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E8x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E9x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E9x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E:x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E:x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E;x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E;x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E<x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E<x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E=x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E=x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E>x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E>x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E?x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E?x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E@x305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7E@x305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EAx305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EAx305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EBE3G=;D9N9=D.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EBx305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EBx305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7ECx305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7ECx305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EDx305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7EDx305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7Etx305", "2423");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B+7Etx305.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3G>D", "6D3F703D6A7372747A4648477B207B787920254C7D24212A5621245724265A59595D305C");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3G>D.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3G@6:5;", "");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3G@6:5;.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3GFA7EF", "2B2E2C3D");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-0?3GFA7EF.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A6C60606B6668563F73796F697861");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B-3=3ECCJA=F>.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B/>01=9A6K6<IM;KRIE@PDAWM", "6E6A68707374757677");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B3=>@44I48?.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B5BA==9CJAG", "3D3A3F41726B75457A784576464677794D7B7B4C50");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B5BA==9CJAG.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B6B11G4C56B>F;P;ANR@P", "6E6C7072717071707576797673");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B9643G3/9E", "6A");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B9643G3/9E.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B;45>:BI9I7IE", "2B2E2C3D");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B;45>:BI9I7IE.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B<:222H64<", "393F352F3E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B<:222H64<.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B<:222H64<L8DAJ", "6D70706E76747179766F2A797A727D7E757E78");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B<:222H64<L8DAJ.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B=+03EH8H8J?:", "4443");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B=+03EH8H8J?:.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B?+E2A52D8.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B?B0D:8AJ62<H", "6D");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9B?B0D:8AJ62<H.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9BA@0<0BI6A7GN:6@L?", "6C");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.PG_ENABLE", "74727565");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.PG_ENABLE.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409._key_cl_active", "66363462313833662D643138612D346639332D623939642D653130363661373731653439");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409._key_cl_active.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_experience_000", "3630");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_experience_000.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_firstuse0100", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_firstuse0100.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_user_id_000", "43423931333136393331303434335F313339383239323433373737335F46697265666F78");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cb_user_id_000.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cbfirsttime", "5361742041707220313920323031342031333A30303A333320474D542B30323030");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.cbfirsttime.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appStateReportTime", "31343130363334353036313338");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appStateReportTime.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Clarity_Active", "6F6E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Clarity_Active.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_CouponBuddy", "6F6E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_CouponBuddy.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Easytobook", "6F6E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Easytobook.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Easytobook_targeted", "6F6E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_Easytobook_targeted.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_PriceGong", "6F6E");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appState_PriceGong.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appsConfig.storedInFile", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appsDefaultEnabled", "6E756C6C");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_appsDefaultEnabled.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_calledSetupService", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_calledSetupService.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_currentVersion", "312E31332E302E3137");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_currentVersion.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_eventsCache", "7B2232653435366237642D646565302D343338322D383262622D323331386534616365643737223A7B22746F706963223A2273656E645573616765222C2264617461223A7B226361746[...]
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_eventsCache.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_existingUsersRecoveryDone", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_existingUsersRecoveryDone.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_first_time", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_first_time.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_gadgetOpen", "30");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_gadgetOpen.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_lastLoginTime", "31343130363334353038383031");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_lastLoginTime.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_localization.storedInFile", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_mamEnabled", "66616C7365");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_mamEnabled.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_migrated_from_ls", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_migrated_from_ls.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_new_welcome_experience", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_new_welcome_experience.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_settings1.13.0.17.storedInFile", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_showWelcomeGadget", "66616C7365");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_showWelcomeGadget.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_stamp", "35345F30");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_stamp.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_userBornDate", "4E2F41");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_userBornDate.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_userId", "39383330663862632D633466392D343964302D383763342D613362386638633130666337");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_userId.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_user_approval_interacted", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_user_approval_interacted.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_welcomeDialogMode", "31");
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.mam_gk_welcomeDialogMode.storedInFile", false);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.url_history0001", "687474703A2F2F73706F72742E69646E65732E637A2F2375746D5F736F757263653D69646E65732675746D5F6D656469756D3D746578742675746D5F636F6E74656E743D746F702D6E6176[...]
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.CT1408409.url_history0001.storedInFile", true);
[-] [C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\prefs.js] [Preference] Deleted : user_pref("valueApps.storage.mam_gk_userId", "39383330663862632D633466392D343964302D383763342D613362386638633130666337");
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : pay-by-ads.com
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : eagomcfjiefffhpaejnlpjccikpipdoe
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : eagomcfjiefffhpaejnlpjccikpipdoe
[-] [C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kpionmjnkbpcdpcflammlgllecmejgjj

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [77378 bytes] ##########

#4 Příspěvek od **Rudy** » 03 říj 2015 15:20

Dejte nový log RSIT.

subaru · #5 Příspěvek od **subaru** » 03 říj 2015 19:51

Nový log RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by michaela at 2015-10-03 20:48:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 123 GB (42%) free of 294 GB
Total RAM: 2937 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:39, on 3.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\michaela\Downloads\RSIT.exe
C:\Program Files\trend micro\michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe showdeskband
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
O23 - Service: AllShare Play Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate1caec2b9032cd20) (gupdate1caec2b9032cd20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 15078 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003Core.job - C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003UA.job - C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for michaela.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\pcdlauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration

=========Mozilla firefox=========

ProfilePath - C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobeï¿½ Flashï¿½ Player 19.0.0.185 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\samsung.com/AllSharePlayPCPlugin]
"Description"=
"Path"=C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\extensions\
2020Player_IKEA@2020Technologies.com
staged

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\
firmycz.xml
icq-search.xml
keepmysearch.xml
seznam-avast.xml
yahoo-1.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-24 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-17 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-03 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-03 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-17 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7c5c0f58-e061-457d-9033-77307f5ed00c}
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll [2009-11-22 137712]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-10-03 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
""= []
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-07-09 337184]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-19 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-19 151064]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe [2009-09-09 274432]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-27 3089720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2009-08-04 244208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2012-10-24 296096]
"AllShare Play"=C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21 407384]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-03 6134544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2011-01-05 133432]
"Badoo Desktop"=C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe []
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-05-16 1084840]
"Facebook Update"=C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-22 138096]
"cz.seznam.software.autoupdate"=C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-09-24 815944]
"Yahoo! Search"=C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-08-17 100104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-03 13:38:23 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-03 13:38:06 ----A---- C:\Windows\avastSS.scr
2015-10-03 13:34:50 ----D---- C:\Program Files\Mozilla Firefox
2015-10-03 13:09:05 ----D---- C:\AdwCleaner
2015-10-03 10:36:59 ----D---- C:\rsit
2015-10-03 10:36:59 ----D---- C:\Program Files\trend micro
2015-10-03 10:19:23 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2015-10-03 20:48:52 ----D---- C:\Windows\Temp
2015-10-03 20:04:01 ----D---- C:\Users\michaela\AppData\Roaming\Seznam.cz
2015-10-03 20:01:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-10-03 20:01:29 ----RD---- C:\Program Files
2015-10-03 20:00:49 ----D---- C:\Users\michaela\AppData\Roaming\Dropbox
2015-10-03 20:00:12 ----D---- C:\AllShare Play
2015-10-03 19:59:42 ----D---- C:\Windows\system32\Tasks
2015-10-03 19:59:00 ----D---- C:\Windows\system32\config
2015-10-03 19:57:47 ----D---- C:\Windows\system32\drivers
2015-10-03 13:43:42 ----SHD---- C:\Windows\Installer
2015-10-03 13:43:37 ----SHD---- C:\System Volume Information
2015-10-03 13:38:23 ----D---- C:\Windows\System32
2015-10-03 13:38:22 ----D---- C:\Windows
2015-10-03 13:14:12 ----D---- C:\Windows\Tasks
2015-10-03 13:13:12 ----HD---- C:\ProgramData
2015-10-03 11:19:47 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-03 10:28:23 ----D---- C:\Users\michaela\AppData\Roaming\Skype
2015-10-03 10:27:19 ----D---- C:\Windows\Panther
2015-10-03 10:27:19 ----D---- C:\Windows\inf
2015-10-03 10:27:14 ----D---- C:\Windows\Logs
2015-10-03 10:27:14 ----D---- C:\Windows\debug
2015-10-03 10:27:13 ----D---- C:\Windows\Minidump
2015-10-03 10:00:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-03 09:59:48 ----D---- C:\Windows\system32\DriverStore
2015-09-20 11:38:18 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-03 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-03 208664]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-03 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-03 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-03 434184]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-08-23 11552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-03 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-03 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-03 115640]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-08-18 24872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-10-23 33088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-10-23 378672]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-15 111408]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-11-20 20848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-09-09 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-09-09 242976]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 406648]
R2 AllShare Play Service;AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2013-02-21 631368]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-03 146600]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-08-18 38176]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-04 15872]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-27 1021240]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1caec2b9032cd20;Služba Google Update (gupdate1caec2b9032cd20); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-04 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-08-04 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-08-04 166384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-03 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-03 147624]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-04 313840]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-08-04 1124848]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-06-29 39976]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 03 říj 2015 20:26

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\Program Files\Google\Google Toolbar
C:\Program Files\Skype\Toolbars
C:\Program Files\Microsoft\BingBar
C:\Users\michaela\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-514183033-1028300980-1572349650-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Veetle\plugins\npVeetle.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Badoo Desktop"=-
"Facebook Update"=-

:services
BBUpdate

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

subaru · #7 Příspěvek od **subaru** » 03 říj 2015 21:02

Logfile of random's system information tool 1.10 (written by random/random)
Run by michaela at 2015-10-03 21:45:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 124 GB (42%) free of 294 GB
Total RAM: 2937 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:55, on 3.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\notepad.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Users\michaela\Downloads\RSIT.exe
C:\Program Files\trend micro\michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe showdeskband
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AllShare Play] C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{02C96636-0A4A-4E15-88AD-AA3C20F3AF54}: NameServer = 10.129.153.129
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
O23 - Service: AllShare Play Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files\Microsoft\BingBar\BBSvc.EXE (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate1caec2b9032cd20) (gupdate1caec2b9032cd20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 13264 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Norton Security Scan for michaela.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\pcdlauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration

=========Mozilla firefox=========

ProfilePath - C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobeï¿½ Flashï¿½ Player 19.0.0.185 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\samsung.com/AllSharePlayPCPlugin]
"Description"=
"Path"=C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\extensions\
2020Player_IKEA@2020Technologies.com
staged

C:\Users\michaela\AppData\Roaming\Mozilla\Firefox\Profiles\6hd87i03.default\searchplugins\
firmycz.xml
icq-search.xml
keepmysearch.xml
seznam-avast.xml
yahoo-1.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-17 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-03 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-17 59376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
""= []
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-07-09 337184]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-19 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-19 151064]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe [2009-09-09 274432]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-27 3089720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2009-08-04 244208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2012-10-24 296096]
"AllShare Play"=C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [2013-02-21 407384]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-03 6134544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2011-01-05 133432]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-05-16 1084840]
"cz.seznam.software.autoupdate"=C:\Users\michaela\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michaela\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"GoogleChromeAutoLaunch_E78FD1AFF9754AC45C3C9D930EADF038"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-09-24 815944]
"Yahoo! Search"=C:\Users\michaela\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-08-17 100104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-03 21:34:36 ----D---- C:\_OTM
2015-10-03 13:38:23 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-03 13:38:06 ----A---- C:\Windows\avastSS.scr
2015-10-03 13:34:50 ----D---- C:\Program Files\Mozilla Firefox
2015-10-03 13:09:05 ----D---- C:\AdwCleaner
2015-10-03 10:36:59 ----D---- C:\rsit
2015-10-03 10:36:59 ----D---- C:\Program Files\trend micro
2015-10-03 10:19:23 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2015-10-03 21:45:19 ----D---- C:\Users\michaela\AppData\Roaming\Seznam.cz
2015-10-03 21:44:43 ----D---- C:\Windows\Temp
2015-10-03 21:41:56 ----D---- C:\Users\michaela\AppData\Roaming\Dropbox
2015-10-03 21:41:21 ----D---- C:\AllShare Play
2015-10-03 21:39:08 ----D---- C:\Windows\system32\config
2015-10-03 21:38:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-10-03 21:35:27 ----D---- C:\Windows\Tasks
2015-10-03 21:35:20 ----D---- C:\Program Files\Microsoft
2015-10-03 21:34:41 ----RD---- C:\Program Files\Skype
2015-10-03 21:34:41 ----D---- C:\Program Files\Google
2015-10-03 21:34:40 ----RD---- C:\Program Files
2015-10-03 19:59:42 ----D---- C:\Windows\system32\Tasks
2015-10-03 19:57:47 ----D---- C:\Windows\system32\drivers
2015-10-03 13:43:42 ----SHD---- C:\Windows\Installer
2015-10-03 13:43:37 ----SHD---- C:\System Volume Information
2015-10-03 13:38:23 ----D---- C:\Windows\System32
2015-10-03 13:38:22 ----D---- C:\Windows
2015-10-03 13:13:12 ----HD---- C:\ProgramData
2015-10-03 11:19:47 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-03 10:28:23 ----D---- C:\Users\michaela\AppData\Roaming\Skype
2015-10-03 10:27:19 ----D---- C:\Windows\Panther
2015-10-03 10:27:19 ----D---- C:\Windows\inf
2015-10-03 10:27:14 ----D---- C:\Windows\Logs
2015-10-03 10:27:14 ----D---- C:\Windows\debug
2015-10-03 10:27:13 ----D---- C:\Windows\Minidump
2015-10-03 10:00:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-03 09:59:48 ----D---- C:\Windows\system32\DriverStore
2015-09-20 11:38:18 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-03 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-03 208664]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-03 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-03 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-03 434184]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-08-23 11552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-03 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-03 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-03 115640]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-08-18 24872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-10-23 33088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-10-23 378672]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-15 111408]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-11-20 20848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-09-09 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-09-09 242976]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 406648]
R2 AllShare Play Service;AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2013-02-21 631368]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-03 146600]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-08-18 38176]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-04 15872]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-27 1021240]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1caec2b9032cd20;Služba Google Update (gupdate1caec2b9032cd20); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-04 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-08-04 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-08-04 166384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-03 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-03 147624]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-04 313840]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-08-04 1124848]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-06-29 39976]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 03 říj 2015 21:15

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

subaru · #9 Příspěvek od **subaru** » 03 říj 2015 21:52

Každým restartem se to zlepšovalo.
Díky moc

#10 Příspěvek od **Rudy** » 04 říj 2015 11:15

Rádo se stalo!

VIRY.CZ

Prosím o kontrolu notebooku

Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku

Re: Prosím o kontrolu notebooku