prosim o kontrolu logu Vyřešeno

[pavel66]

tak tady je ten log, je normální, že po skončení programu sem cekal na ten log nez se ukazal, asi 15 minut?

ComboFix 10-03-07.04 - NB 08.03.2010 17:54:39.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3068.1485 [GMT 1:00]
Spuštěný z: c:\users\NB\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\NB\Desktop\CFScript.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý


FILE ::
"c:\users\NB\AppData\Local\d3d9caps.dat"
"c:\users\NB\AppData\Local\Temp\cpuz130\cpuz_x32.sys"
"c:\users\NB\AppData\Roaming\Microsoft\Installer\{2955A9A5-A18A-4E77-9C20-2205225A9D62}\NewShortcut1_2955A9A5A18A4E779C202205225A9D62.exe"
"c:\users\NB\AppData\Roaming\Microsoft\Installer\{2955A9A5-A18A-4E77-9C20-2205225A9D62}\NewShortcut2_2955A9A5A18A4E779C202205225A9D62.exe"
"c:\windows\Setup1.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\users\NB\AppData\Local\d3d9caps.dat
c:\users\NB\AppData\Roaming\Microsoft\Installer\{2955A9A5-A18A-4E77-9C20-2205225A9D62}\NewShortcut1_2955A9A5A18A4E779C202205225A9D62.exe
c:\users\NB\AppData\Roaming\Microsoft\Installer\{2955A9A5-A18A-4E77-9C20-2205225A9D62}\NewShortcut2_2955A9A5A18A4E779C202205225A9D62.exe
c:\windows\Setup1.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CPUZ130
-------\Service_cpuz130


((((((((((((((((((((((((( Soubory vytvořené od 2010-02-08 do 2010-03-08 )))))))))))))))))))))))))))))))
.

2010-03-08 17:08 . 2010-03-08 17:12 -------- d-----w- c:\users\NB\AppData\Local\temp
2010-03-08 17:08 . 2010-03-08 17:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-08 17:08 . 2010-03-08 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-08 17:08 . 2010-03-08 17:08 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-03-08 15:00 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-07 16:56 . 2010-03-07 16:56 -------- d-----w- c:\users\NB\AppData\Roaming\Malwarebytes
2010-03-07 16:56 . 2010-03-07 16:56 -------- d-----w- c:\programdata\Malwarebytes
2010-03-07 16:56 . 2010-03-07 16:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-07 11:35 . 2010-03-07 11:35 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}(13)
2010-03-07 10:43 . 2010-03-07 10:48 -------- d-----w- c:\program files\Common Files\Stardock
2010-03-07 09:21 . 2010-03-07 08:35 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-03-07 08:36 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-03-07 08:36 . 2010-03-07 08:35 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-07 08:32 . 2010-03-07 23:40 -------- d-----w- c:\program files\Lavasoft
2010-03-07 08:32 . 2010-03-07 23:39 -------- d-----w- c:\programdata\Lavasoft
2010-03-06 17:53 . 2010-03-07 23:25 -------- d-----w- c:\program files\WinClamAVShield
2010-03-06 09:01 . 2010-03-06 09:09 -------- d-----w- c:\users\NB\AppData\Roaming\BatteryBar
2010-03-06 09:01 . 2010-03-06 09:01 -------- d-----w- c:\program files\BatteryBar
2010-03-05 21:24 . 2010-03-05 21:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-03-05 20:34 . 2010-03-05 20:34 -------- d-----w- c:\program files\LS
2010-03-05 17:13 . 2010-03-05 17:22 -------- d-----w- c:\programdata\AutoPowerOn
2010-03-05 16:24 . 2010-03-05 16:24 -------- d-----w- c:\users\NB\AppData\Roaming\Key Metric Software
2010-03-05 16:24 . 2010-03-05 16:24 -------- d-----w- c:\users\NB\AppData\Local\PackageAware
2010-03-05 16:14 . 2010-03-05 16:14 -------- d-----w- c:\users\NB\AppData\Local\Tamir_Khason
2010-03-05 14:57 . 2010-03-05 17:31 -------- d-----w- c:\program files\Drawing Hand
2010-03-05 14:57 . 2010-03-05 14:57 -------- d-----w- c:\windows\SWP
2010-03-05 12:18 . 2010-03-05 12:22 -------- d-----w- c:\users\NB\AppData\Roaming\Desktop Sidebar
2010-03-05 12:16 . 2010-03-05 12:21 -------- d-----w- c:\program files\Desktop Sidebar
2010-03-05 12:00 . 2010-03-05 12:00 -------- d-----w- c:\users\NB\AppData\Roaming\VirtuaWin
2010-03-05 09:19 . 2010-03-05 09:19 -------- d-----w- c:\program files\RocketDock
2010-03-05 09:00 . 2010-03-05 12:09 -------- d-----w- c:\users\NB\AppData\Roaming\Dexpot
2010-03-05 09:00 . 2010-03-08 07:32 -------- d-----w- c:\program files\Dexpot
2010-03-04 18:13 . 2010-03-04 18:13 -------- d-----w- c:\users\NB\AppData\Local\Microsoft Corporation
2010-03-04 18:11 . 2010-03-04 18:11 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2010-03-03 16:37 . 2010-03-03 16:37 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-03-03 16:37 . 2010-03-03 16:37 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-03-03 16:37 . 2010-03-03 16:37 -------- d-----w- c:\program files\OpenAL
2010-03-03 16:35 . 2010-03-03 17:02 -------- d-----w- c:\program files\City Interactive
2010-03-02 17:45 . 2010-03-02 17:45 -------- d-----w- c:\users\NB\AppData\Local\SEGA
2010-03-02 17:39 . 2010-03-02 17:39 -------- d-----w- c:\windows\system32\xlive
2010-03-02 17:39 . 2010-03-02 17:39 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-03-02 17:33 . 2010-03-02 17:33 -------- d-----w- c:\program files\SEGA
2010-02-27 17:53 . 2010-02-27 17:54 -------- d-----w- c:\users\NB\AppData\Roaming\Summer Athletics 2009
2010-02-27 17:38 . 2010-02-27 19:55 -------- d-----w- c:\program files\Summer Athletics 2009
2010-02-25 19:17 . 2010-03-02 17:43 -------- d-----w- c:\program files\Aliens Vs Predator
2010-02-23 21:22 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-23 21:21 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-23 21:21 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-23 21:21 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-23 21:21 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-23 21:21 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-23 21:21 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-23 21:21 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-23 21:21 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 21:21 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-23 21:21 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-23 21:21 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-23 21:21 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-19 15:31 . 2010-02-19 15:31 -------- d-----w- c:\program files\Winamp Detect
2010-02-19 15:30 . 2010-03-07 23:02 -------- d-----w- c:\users\NB\AppData\Roaming\Winamp
2010-02-19 15:30 . 2010-03-06 17:48 -------- d-----w- c:\program files\Winamp
2010-02-17 16:08 . 2010-02-17 16:16 -------- d-----w- c:\program files\ICQ6.5
2010-02-15 19:16 . 2010-02-15 20:19 -------- d-----w- c:\programdata\TrackMania
2010-02-11 14:35 . 2010-02-11 14:35 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-11 14:35 . 2010-03-07 23:35 -------- d-----w- c:\users\NB\AppData\Roaming\Spyware Terminator
2010-02-11 14:35 . 2010-03-08 07:39 -------- d-----w- c:\programdata\Spyware Terminator
2010-02-11 14:35 . 2010-03-07 23:30 -------- d-----w- c:\program files\Spyware Terminator
2010-02-10 09:14 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-10 09:14 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-10 09:14 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-10 09:14 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-10 09:14 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-10 09:14 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-10 09:14 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-10 09:14 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-10 09:14 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-10 09:13 . 2009-12-08 20:01 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 09:13 . 2009-12-08 20:01 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 09:13 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 09:13 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 09:13 . 2009-12-08 20:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-10 09:13 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-02-10 09:13 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-10 09:13 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-08 17:13 . 2009-10-03 11:24 -------- d-----w- c:\users\NB\AppData\Roaming\IM
2010-03-08 17:11 . 2009-10-11 19:09 218714 ----a-w- c:\programdata\nvModes.dat
2010-03-08 17:08 . 2008-12-16 01:43 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-08 16:36 . 2009-06-01 11:54 -------- d-----w- c:\users\NB\AppData\Roaming\ICQ
2010-03-08 07:50 . 2008-12-16 09:12 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-03-08 07:50 . 2008-12-16 09:12 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-03-07 10:43 . 2009-12-23 16:48 -------- d-----w- c:\program files\Stardock
2010-03-07 08:07 . 2009-09-21 12:11 -------- d-----w- c:\users\NB\AppData\Roaming\vlc
2010-03-05 15:49 . 2008-12-16 01:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-05 15:21 . 2009-08-25 21:46 -------- d-----w- c:\users\NB\AppData\Roaming\Skype
2010-03-05 15:07 . 2009-10-03 22:30 -------- d-----w- c:\users\NB\AppData\Roaming\skypePM
2010-02-25 15:25 . 2009-10-03 14:42 -------- d-----w- c:\users\NB\AppData\Roaming\SolidWorks
2010-02-25 11:09 . 2009-11-27 15:41 -------- d-----w- c:\program files\Safari
2010-02-24 16:23 . 2009-05-28 10:27 98856 ----a-w- c:\users\NB\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 07:57 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 21:03 . 2009-07-17 12:44 -------- d-----w- c:\program files\SpeedFan
2010-02-22 12:56 . 2008-12-16 02:12 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2010-02-17 16:11 . 2010-01-22 23:28 -------- d-----w- c:\programdata\ICQ
2010-02-17 15:36 . 2009-12-14 12:31 -------- d-----w- c:\program files\ICQ Password Changer
2010-02-17 15:30 . 2009-12-14 12:21 -------- d-----w- c:\program files\ICQ Password Hasher
2010-02-16 18:51 . 2009-05-29 12:48 -------- d-----w- c:\programdata\Microsoft Help
2010-02-10 12:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-08 06:48 . 2009-05-31 21:19 -------- d-----w- c:\program files\Google
2010-01-28 14:00 . 2010-01-28 14:00 -------- d-----w- c:\program files\Neoact
2010-01-28 00:08 . 2009-11-22 15:04 -------- d-----w- c:\program files\FreeTime
2010-01-26 19:30 . 2009-11-19 13:45 -------- d-----w- c:\program files\Electronic Arts
2010-01-26 19:28 . 2009-11-19 14:07 -------- d-----w- c:\programdata\Electronic Arts
2010-01-26 19:18 . 2010-01-26 19:18 -------- d-----w- c:\program files\EA Games
2010-01-26 19:15 . 2009-05-31 17:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-22 08:45 . 2010-01-21 21:58 -------- d-----w- c:\program files\Valve
2010-01-21 11:40 . 2009-09-08 19:10 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-11 17:42 . 2010-01-11 17:42 -------- d-----w- c:\program files\IMSIDesign
2010-01-02 06:38 . 2010-01-22 08:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 08:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 08:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 08:53 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-23 10:54 . 2009-12-19 14:02 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-12-23 10:54 . 2009-12-19 14:02 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-12-16 09:35 . 2008-12-16 09:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\SWP ----

2006-06-20 23:32 . 2006-06-20 23:32 5574 ----a-w- c:\windows\SWP\product.gif
2006-06-20 23:24 . 2006-06-20 23:24 17473 ----a-w- c:\windows\SWP\box.gif
2005-07-08 07:19 . 2005-07-08 07:19 2070 ----a-w- c:\windows\SWP\customerSvc_sm.gif
2005-07-08 07:18 . 2005-07-08 07:18 1934 ----a-w- c:\windows\SWP\reissuekey_sm.gif
2005-07-08 07:18 . 2005-07-08 07:18 1978 ----a-w- c:\windows\SWP\register_sm.gif
2005-07-08 07:17 . 2005-07-08 07:17 1707 ----a-w- c:\windows\SWP\OK_sm.gif
2005-07-08 07:17 . 2005-07-08 07:17 1720 ----a-w- c:\windows\SWP\exit_sm.gif
2005-07-08 07:17 . 2005-07-08 07:17 1997 ----a-w- c:\windows\SWP\enterkey_sm.gif
2005-07-08 07:17 . 2005-07-08 07:17 1857 ----a-w- c:\windows\SWP\Cancel_sm.gif
2005-07-08 07:17 . 2005-07-08 07:17 1835 ----a-w- c:\windows\SWP\buyNow_sm.gif
2005-05-05 12:12 . 2005-05-05 12:12 3300 ----a-w- c:\windows\SWP\reissueKey.gif
2005-05-05 12:10 . 2005-05-05 12:10 4153 ----a-w- c:\windows\SWP\customerSvc.gif
2005-05-05 12:03 . 2005-05-05 12:03 3975 ----a-w- c:\windows\SWP\register.gif
2005-05-05 12:03 . 2005-05-05 12:03 3882 ----a-w- c:\windows\SWP\cancel.gif
2005-05-05 12:01 . 2005-05-05 12:01 3017 ----a-w- c:\windows\SWP\buyNow.gif
2004-02-18 08:07 . 2004-02-18 08:07 4491 ----a-w- c:\windows\SWP\enterkey.gif
2004-02-09 15:33 . 2004-02-09 15:33 3993 ----a-w- c:\windows\SWP\exit.gif
2004-01-16 15:01 . 2004-01-16 15:01 1846 ----a-w- c:\windows\SWP\powered_by_dr.gif
2004-01-13 12:16 . 2004-01-13 12:16 4436 ----a-w- c:\windows\SWP\money_back_g.gif
2004-01-13 12:16 . 2004-01-13 12:16 3171 ----a-w- c:\windows\SWP\security_lock_text.gif
2004-01-13 12:16 . 2004-01-13 12:16 2760 ----a-w- c:\windows\SWP\buy.gif
2004-01-13 12:16 . 2004-01-13 12:16 2765 ----a-w- c:\windows\SWP\continue_free_trial.gif


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-12 1414144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-11 3037696]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-26 210216]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" [2008-09-15 7218472]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-19 13793824]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-01 149280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]

c:\users\NB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
KN StrongDC.lnk - c:\program files\KN_StrongDC\StrongDC.exe [2008-7-15 3361792]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):45,11,5b,f6,65,01,ca,01

R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe [2008-09-09 79144]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 21:46]

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 21:46]

2010-03-05 c:\windows\Tasks\HPCeeScheduleForNB.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-12-16 07:02]

2010-03-06 c:\windows\Tasks\NeroLiveEpgUpdate-Notebook_NB.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-01 12:58]

2010-03-08 c:\windows\Tasks\User_Feed_Synchronization-{BFDFD7B1-3B62-40A2-8353-9B7DEA9EBB15}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
FF - ProfilePath - c:\users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFAlert.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-08 18:12
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys >>UNKNOWN [0x86D2D1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x82f10d24
\Driver\ACPI -> acpi.sys @ 0x805bbd68
\Driver\atapi -> 0x86d2d1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-4091301431-3146374880-2057195779-1000\Software\SecuROM\License information*]
"datasecu"=hex:40,5a,77,4b,d1,44,52,b6,b2,ba,1d,b1,37,30,58,58,62,6b,9c,bd,c7,
e5,90,cd,44,a0,d7,70,bc,dd,53,46,0f,d7,34,cc,1b,f7,68,4b,b8,bf,c0,b5,06,67,\
"rkeysecu"=hex:65,d5,b9,a7,83,a8,f8,fc,81,f1,98,f0,6f,0e,cb,f6

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5680)
c:\program files\RocketDock\RocketDock.dll
c:\program files\Bonjour\mdnsNSP.dll
c:\windows\System32\netshell.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\Hpservice.exe
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WBVista.exe
c:\windows\system32\vfsFPService.exe
c:\windows\system32\WLANExt.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WBVista.exe
c:\windows\system32\conime.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\system32\DllHost.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2010-03-08 18:23:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-08 17:23
ComboFix2.txt 2010-03-08 08:15

Před spuštěním: Volných bajtů: 82 154 795 008
Po spuštění: Volných bajtů: 81 727 361 024

- - End Of File - - 8D404D683F1E085BBD7D6D36EB4AC0FA

[Reklama]

[Damned]

Ano, vytvoření logu může trvat déle.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG, Aviru.)
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Všechny ostatní nastavení ponech jak jsou. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

[pavel66]

tak log OTL.Txt

OTL logfile created on: 8.3.2010 20:15:13 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Users\NB\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,54 Gb Total Space | 78,33 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive D: | 8,55 Gb Total Space | 1,59 Gb Free Space | 18,62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,62% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK
Current User Name: NB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\NB\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\Stardock\Object Desktop\WindowBlinds\WBVista.exe ()
PRC - C:\Program Files\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe (Stardock Corporation)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\SMINST\BLService.exe ()
PRC - C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Program Files\KN_StrongDC\StrongDC.exe ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\NB\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Common Files\Motive\McciContextHook_6-1-0_DSR.dll (Motive Communications, Inc.)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Lavasoft Ad-Aware Service) -- File not found
SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (WindowBlinds) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe (Stardock Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe (IDT, Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe ()
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (msvsmon80) -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (sp_rsdrv2) -- C:\Windows\System32\drivers\sp_rsdrv2.sys ()
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.cz"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:1.5.48.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.712
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.18
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.10 13:46:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.07.10 22:00:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.03 15:03:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.19 16:31:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.08.06 21:12:46 | 000,000,000 | ---D | M]

[2009.05.30 23:15:54 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Mozilla\Extensions
[2009.05.30 23:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NB\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.03.08 09:27:49 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions
[2009.07.10 15:53:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.03 22:52:49 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.12.14 13:21:33 | 000,002,532 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\askcom.xml
[2010.02.17 17:18:11 | 000,000,825 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\conduit.xml
[2009.10.03 19:32:58 | 000,002,399 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\daemon-search.xml
[2010.03.06 01:13:24 | 000,000,950 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin-1.xml
[2009.09.22 11:42:46 | 000,000,944 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin.xml
[2010.03.08 09:27:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.17 17:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.19 12:14:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.12.01 19:36:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.02.19 12:14:50 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.02.19 12:14:50 | 000,134,616 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.07.14 01:16:26 | 001,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009.12.01 19:36:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.07.14 01:15:48 | 001,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009.07.14 01:15:58 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2008.09.05 18:58:42 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2009.02.06 12:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2010.02.19 12:14:52 | 000,065,496 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.02.27 11:13:42 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.01.12 21:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.07.14 01:16:26 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.02.17 17:18:11 | 000,001,395 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.12.14 13:21:33 | 000,000,828 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.12.14 13:21:33 | 000,001,916 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.12.14 13:21:33 | 000,001,323 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.12.14 13:21:33 | 000,000,901 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.12.14 13:21:33 | 000,001,244 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.03.08 18:11:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\NB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KN StrongDC.lnk = C:\Program Files\KN_StrongDC\StrongDC.exe ()
O4 - Startup: C:\Users\NB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

[pavel66]

pokracovani log OTL.Txt

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.229.196.2 147.229.191.135 147.229.3.10
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\NB\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\NB\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.03.08 20:12:33 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\NB\Desktop\OTL.exe
[2010.03.08 18:24:01 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.03.08 18:11:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.03.08 18:08:00 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Local\temp
[2010.03.08 16:00:45 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.08 00:40:02 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.03.07 17:56:56 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\Malwarebytes
[2010.03.07 17:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.03.07 17:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.07 13:18:51 | 000,000,000 | ---D | C] -- C:\Users\NB\Desktop\BZI
[2010.03.07 12:35:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}(13)
[2010.03.07 11:44:22 | 000,000,000 | ---D | C] -- C:\Users\NB\Documents\Stardock
[2010.03.07 11:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
[2010.03.07 09:36:11 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010.03.07 09:36:05 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.03.07 09:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010.03.07 09:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.03.06 18:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2010.03.06 12:26:19 | 000,000,000 | ---D | C] -- C:\Users\NB\Desktop\laborky veci
[2010.03.06 10:01:20 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\BatteryBar
[2010.03.06 10:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\BatteryBar
[2010.03.05 22:24:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.03.05 21:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\LS
[2010.03.05 18:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoPowerOn
[2010.03.05 17:24:21 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\Key Metric Software
[2010.03.05 17:24:03 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Local\PackageAware
[2010.03.05 17:14:17 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Local\Tamir_Khason
[2010.03.05 15:57:52 | 000,000,000 | ---D | C] -- C:\Windows\SWP
[2010.03.05 15:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Drawing Hand
[2010.03.05 15:44:17 | 000,000,000 | R--D | C] -- C:\Users\NB\Documents\My Games
[2010.03.05 13:18:42 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\Desktop Sidebar
[2010.03.05 13:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\Desktop Sidebar
[2010.03.05 13:00:42 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\VirtuaWin
[2010.03.05 10:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2010.03.05 10:00:14 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\Dexpot
[2010.03.05 10:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\Dexpot
[2010.03.04 19:13:19 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Local\Microsoft Corporation
[2010.03.04 19:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2010.03.03 17:41:37 | 000,000,000 | ---D | C] -- C:\Users\NB\Documents\Motorm4x
[2010.03.03 17:37:50 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.03.03 17:37:50 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.03.03 17:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010.03.03 17:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive
[2010.03.02 18:45:04 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Local\SEGA
[2010.03.02 18:39:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.03.02 18:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010.03.02 18:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2010.03.01 22:17:41 | 000,000,000 | ---D | C] -- C:\Users\NB\Desktop\Season 09
[2010.02.27 18:53:44 | 000,000,000 | ---D | C] -- C:\Users\NB\AppData\Roaming\Summer Athletics 2009
[2010.02.27 18:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\Summer Athletics 2009
[2010.02.25 20:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Aliens Vs Predator
[2010.02.23 22:23:05 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.02.23 22:22:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.23 22:21:49 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.02.23 22:21:49 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.02.23 22:21:45 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.02.23 22:21:44 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.02.23 22:21:44 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.02.23 22:21:44 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.02.23 22:21:43 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.02.23 22:21:43 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.02.23 22:21:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.02.23 22:21:37 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.02.23 22:21:35 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.02.23 22:21:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.03.08 20:16:20 | 000,218,714 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.03.08 20:15:59 | 005,767,168 | -HS- | M] () -- C:\Users\NB\ntuser.dat
[2010.03.08 20:15:53 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BFDFD7B1-3B62-40A2-8353-9B7DEA9EBB15}.job
[2010.03.08 20:13:16 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\NB\Desktop\OTL.exe
[2010.03.08 19:55:00 | 000,218,714 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.03.08 19:54:57 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.08 19:54:42 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.08 19:54:41 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.08 19:54:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.08 19:54:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.08 19:53:20 | 000,524,288 | -HS- | M] () -- C:\Users\NB\NTUSER.DAT{691e9240-73b4-11de-a69d-00247e1bfe72}.TMContainer00000000000000000001.regtrans-ms
[2010.03.08 19:53:20 | 000,065,536 | -HS- | M] () -- C:\Users\NB\NTUSER.DAT{691e9240-73b4-11de-a69d-00247e1bfe72}.TM.blf
[2010.03.08 19:50:57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.03.08 19:50:53 | 002,638,263 | -H-- | M] () -- C:\Users\NB\AppData\Local\IconCache.db
[2010.03.08 19:50:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.08 18:33:35 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.08 18:33:35 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.03.08 18:33:35 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.08 18:33:35 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.03.08 18:33:35 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.08 18:11:44 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.03.08 18:11:37 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.03.08 17:49:57 | 000,001,589 | ---- | M] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.03.08 09:36:36 | 000,152,576 | ---- | M] () -- C:\Users\NB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.08 00:32:14 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.03.07 14:25:59 | 000,168,263 | ---- | M] () -- C:\Users\NB\Desktop\zkouky tahem.pdf
[2010.03.07 12:56:34 | 003,074,799 | ---- | M] () -- C:\Users\NB\Desktop\BZI komplet.docx
[2010.03.07 09:35:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.03.07 09:35:52 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010.03.07 00:00:26 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-Notebook_NB.job
[2010.03.05 22:33:35 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.03.05 22:24:44 | 000,000,564 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.03.05 21:33:15 | 000,024,206 | ---- | M] () -- C:\Users\NB\AppData\Roaming\UserTile.png
[2010.03.05 18:31:36 | 000,000,075 | ---- | M] () -- C:\Windows\drawinghand.ini
[2010.03.05 16:30:46 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForNB.job
[2010.03.05 15:57:54 | 000,001,849 | ---- | M] () -- C:\Users\NB\Desktop\Drawing Hand Screen Saver.lnk
[2010.03.03 17:37:50 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.03.03 17:37:50 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.03.02 18:53:10 | 000,002,675 | ---- | M] () -- C:\Users\NB\Desktop\Microsoft Office Word 2007.lnk
[2010.02.26 09:38:48 | 000,000,000 | ---- | M] () -- C:\Users\NB\AppData\Local\Temptable.xml
[2010.02.25 11:16:10 | 000,011,417 | ---- | M] () -- C:\Users\NB\Desktop\knihovny.docx
[2010.02.24 17:54:58 | 000,015,180 | ---- | M] () -- C:\Users\NB\Desktop\informace.docx
[2010.02.24 17:23:18 | 000,098,856 | ---- | M] () -- C:\Users\NB\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.02.24 17:20:19 | 000,354,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.08 17:49:57 | 000,001,589 | ---- | C] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.03.08 00:32:14 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.03.07 14:25:58 | 000,168,263 | ---- | C] () -- C:\Users\NB\Desktop\zkouky tahem.pdf
[2010.03.07 12:56:29 | 003,074,799 | ---- | C] () -- C:\Users\NB\Desktop\BZI komplet.docx
[2010.03.07 10:21:53 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010.03.06 19:52:44 | 003,807,566 | ---- | C] () -- C:\Users\NB\Desktop\E-Rotic - Fred Come To Bed.mp3
[2010.03.05 22:24:40 | 000,000,564 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.03.05 15:58:00 | 000,000,075 | ---- | C] () -- C:\Windows\drawinghand.ini
[2010.03.05 15:57:54 | 000,001,849 | ---- | C] () -- C:\Users\NB\Desktop\Drawing Hand Screen Saver.lnk
[2010.03.05 13:17:47 | 000,303,062 | ---- | C] () -- C:\Users\NB\Desktop\09-Dodge_Charger.jpg
[2010.02.25 11:14:44 | 000,011,417 | ---- | C] () -- C:\Users\NB\Desktop\knihovny.docx
[2010.02.24 17:54:44 | 000,015,180 | ---- | C] () -- C:\Users\NB\Desktop\informace.docx
[2010.02.11 15:35:48 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010.01.28 15:01:08 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI
[2009.12.23 17:48:29 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2009.12.19 15:02:53 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.12.19 15:02:52 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.12.06 23:47:20 | 000,006,767 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2009.12.01 10:13:08 | 000,974,848 | ---- | C] () -- C:\Windows\vorbis.dll
[2009.12.01 10:13:08 | 000,049,152 | ---- | C] () -- C:\Windows\ogg.dll
[2009.12.01 10:13:08 | 000,028,672 | ---- | C] () -- C:\Windows\vorbisfile.dll
[2009.11.25 20:03:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.11.05 21:48:04 | 000,139,152 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.11.05 21:48:04 | 000,139,152 | ---- | C] () -- C:\Users\NB\AppData\Roaming\PnkBstrK.sys
[2009.10.31 19:31:59 | 000,001,646 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.10.27 18:52:38 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll
[2009.10.27 18:52:38 | 000,040,960 | ---- | C] () -- C:\Windows\System32\maplec.dll
[2009.10.27 18:52:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll
[2009.10.11 20:09:26 | 000,218,714 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.10.11 20:09:25 | 000,218,714 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.10.11 08:52:59 | 000,000,000 | ---- | C] () -- C:\Users\NB\AppData\Local\Temptable.xml
[2009.10.03 14:03:41 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2009.09.03 14:52:27 | 000,000,000 | ---- | C] () -- C:\Users\NB\AppData\Local\FnF4.txt
[2009.07.10 14:22:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.26 16:57:31 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.06.03 13:41:44 | 000,024,206 | ---- | C] () -- C:\Users\NB\AppData\Roaming\UserTile.png
[2009.06.01 22:29:43 | 000,152,576 | ---- | C] () -- C:\Users\NB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.31 12:26:10 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2009.05.28 11:27:19 | 000,000,000 | ---- | C] () -- C:\Users\NB\AppData\Local\QSwitch.txt
[2009.05.28 11:27:19 | 000,000,000 | ---- | C] () -- C:\Users\NB\AppData\Local\DSwitch.txt
[2009.05.28 11:27:19 | 000,000,000 | ---- | C] () -- C:\Users\NB\AppData\Local\AtStart.txt
[2008.12.16 03:34:55 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2008.12.16 03:34:46 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2008.12.16 03:34:24 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2008.12.16 03:33:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2008.12.16 03:32:45 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2008.12.16 03:01:15 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008.12.16 02:56:17 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2008.12.16 02:54:42 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008.12.16 02:53:51 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2008.12.16 02:53:34 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.11.14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.08.21 19:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002.02.15 21:32:40 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TSUZ.DLL
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1998.06.05 11:54:38 | 000,009,136 | ---- | C] () -- C:\Windows\System32\INETWH16.DLL
[1997.06.14 03:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009.11.22 16:01:31 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Any Video Converter
[2009.10.05 18:15:17 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Autodesk
[2010.03.06 10:09:10 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\BatteryBar
[2009.12.29 22:34:04 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\BSplayer
[2009.06.03 22:52:47 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\BSplayer Pro
[2009.10.29 19:42:11 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\DAEMON Tools Lite
[2010.03.05 13:22:01 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Desktop Sidebar
[2010.03.05 13:09:56 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Dexpot
[2009.10.03 14:15:30 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\DWGeditor
[2009.10.02 19:00:24 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\GrabPro
[2009.12.21 21:57:44 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\gtk-2.0
[2010.03.08 19:56:37 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\ICQ
[2010.03.08 19:56:22 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\IM
[2010.03.05 17:24:21 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Key Metric Software
[2009.10.10 19:41:49 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Luxology
[2009.12.02 00:01:47 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Nokia
[2009.12.14 13:21:28 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\OCS
[2009.12.14 13:21:33 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Opera
[2009.10.06 09:45:29 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Orbit
[2009.07.10 22:07:43 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\PC Suite
[2009.10.04 09:53:49 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\sldIM
[2010.03.08 00:35:00 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Spyware Terminator
[2010.02.27 18:54:12 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Summer Athletics 2009
[2009.11.03 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\Uniblue
[2009.10.07 14:05:44 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\uTorrent
[2010.03.05 13:00:42 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\VirtuaWin
[2009.10.01 13:03:26 | 000,000,000 | ---D | M] -- C:\Users\NB\AppData\Roaming\VitySoft
[2010.03.08 19:50:58 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.03.08 20:15:53 | 000,000,460 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{BFDFD7B1-3B62-40A2-8353-9B7DEA9EBB15}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:D083E4C6
< End of report >

[pavel66]

log Extras.Txt

OTL Extras logfile created on: 8.3.2010 20:15:13 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Users\NB\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,54 Gb Total Space | 78,33 Gb Free Space | 27,05% Space Free | Partition Type: NTFS
Drive D: | 8,55 Gb Total Space | 1,59 Gb Free Space | 18,62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,62% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK
Current User Name: NB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20C1E2C8-2E0C-41E6-847C-D9267E2ECFF5}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x86\rpcsandrasrv.exe |
"{23BABBBC-8FCE-45C2-B53A-02FEAC79FF98}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33F18D69-9C3F-475C-8DBE-425544AAC436}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{375D0F0C-6463-46D3-98D4-38261139C5AD}" = lport=139 | protocol=6 | dir=in | app=system |
"{3CC88C09-2F15-483F-9EE4-14E561150883}" = rport=138 | protocol=17 | dir=out | app=system |
"{490EE524-03A1-4B7D-BF4A-49BC909327E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6040AB25-7717-48E3-9A05-E73468C50DB0}" = rport=139 | protocol=6 | dir=out | app=system |
"{686E65C6-736C-45F9-88E9-2FA18B42A92F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7D7482E3-BA5C-47F8-B2A6-D2565DCB1D8C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{91C8FCA1-F7AF-4B51-AB19-B9D7F9D21817}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94B0C394-CD36-4F2E-B267-61B38A7C59DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9F493DD8-D5BC-4997-B8C5-82BD49FB128C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5E72BCB-F54E-4114-8A6D-D5D7EF6D3E07}" = lport=138 | protocol=17 | dir=in | app=system |
"{C4EDE604-0269-4842-B109-C16A5A005DDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{C829F35E-E333-45F8-B67F-CFFE1BE2B28C}" = lport=137 | protocol=17 | dir=in | app=system |
"{C8D08458-9A47-49DA-B4A5-F68C18028A43}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D270F12D-3DD6-4AA8-B540-A1CCB02CEAB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D7D35556-9C08-4231-BAA8-86A9E1073428}" = rport=137 | protocol=17 | dir=out | app=system |
"{E04269D3-5DB2-46EE-B6F1-3B6D244CF1A1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EF36C99F-84EA-408A-905E-0526B0C5A5DE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1CF9CE7-3DBC-4F13-B55B-0B4CF7D3CB0B}" = rport=445 | protocol=6 | dir=out | app=system |
"{FB3C964F-642B-48F4-A564-7BCB8F6C7595}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B9DEA9A-D45A-4E06-9230-66287E9C4407}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E1F19DB-F3B2-4519-BCBA-4CA0EA2225F5}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{0EFAFD4D-3589-42A7-ABB9-BDD989C7F74A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{0FC43CD7-D8A8-4A77-AD7D-7E722407C496}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{117CAF2E-863E-4383-A3D6-DE457EC1619C}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{1634DD85-5DBE-4CA1-86E6-A9B33B23E046}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{1B53A2B8-E9C6-4ECA-9B3C-1CA4F827F0E9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C8B1441-89BA-4B4E-89C4-6AE6357A89A4}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{1F42BA91-6D89-4048-920B-AC9D446D7178}" = protocol=6 | dir=out | app=system |
"{1FE8B217-DE9D-4151-9732-67CF70B4696E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2EA90013-319F-44C6-AA42-219F0346EA0F}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{362927C9-39E4-4BB0-95D7-E52529053D22}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{3DC9C983-052B-4105-ABD4-594D1154F328}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{42082753-8986-4E72-80D2-59072C3A3C43}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{481B05DC-858E-4A05-BBCE-4A65DEBFE3A4}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{4F8CED76-0AAC-45D3-B24E-44F8B7AEA43D}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{52CF8C4F-4FFE-48C9-87DB-83837C832E9C}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{5AD594DA-E93E-4C5D-8ECA-6B5D6BF3CB6D}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{5B0247E1-E052-4C18-8C8F-48E7A0078060}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |
"{695C1C17-D0F3-4B74-8BE7-4C3C940069DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D74E17C-8DCD-4809-9278-A14185C13612}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6DCCAA94-4E8C-4D44-8202-6C7F21C65058}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{711AE9EC-972A-4770-86D6-FCCBCAAAE756}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7168D511-55DA-4CBE-9DDB-5F3919545FC9}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{72C4796B-2341-412B-ADBE-AF7E1EC59ABF}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{79904D3C-7CF8-4069-B57C-B70978502D97}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{89764387-0B68-44C6-B46F-0C7F40C30AE7}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{8CA1B5B6-99DB-452F-A51A-977C04D77047}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FEAE5EB-0D69-423D-85EC-69338CE43390}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{91245371-44A8-449D-8EBC-D1F2827A306C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9681246B-CC33-477D-A454-438187A8FD2B}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{9A989B73-A79B-4FE1-A002-F69A8851F8F8}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{9DCE85E9-9652-463D-9D09-ADC71E3AB8E5}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{9F8BA3A0-C7A0-40DE-A85C-CD51D446DAFB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A1E681B6-E447-4E22-9D43-40C3CEE1A4AC}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{A829E07B-8FCF-4782-8095-DC562DAA2BC5}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{ABCF4EC7-4C2F-48AD-9590-DC770C5CFBAF}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{B0802F62-ED6C-4AB0-B879-4D357EC4F5EE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B9E51F82-2A36-416B-B5BD-99D452A6CFBC}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |
"{C0DD8B0C-4D66-4DE3-8E06-F66B5F1E60BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C26E0525-0008-430E-A70A-3B6CE0262E0D}" = protocol=17 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"{D42F186F-03A9-465F-BC90-DBDCCDC674E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D604B3C1-F6C9-4039-A28A-92B61BE18ADC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DAE2D34B-ABCC-4DEF-B40C-4E04A4559E1D}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{DBE2B2EE-0606-47F4-BA5D-1C52C3B6D452}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2B085BA-919F-4B5C-B757-583D6EF45D63}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E3D8E70F-E4D7-48AF-AB0C-FF1957CD59DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E8D273AB-3BBF-45CF-B0FB-AB5E351B8CA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E90B4213-BD8A-4027-BDCF-09C9123FDEFF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA33474F-5C06-4ED5-9EC6-D7CB89F2D251}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EAA05E24-01AC-4BFB-BC42-99B74E150ACC}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x86\rpcsandrasrv.exe |
"{EB02B66B-CB93-4EA0-B99E-0629A57BFEDA}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{ECE2AA2E-255A-4BB4-998D-3DC6F9767642}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EF06F4F4-2A17-4E43-9B83-186C96786E4E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F64872CE-35C0-4467-BB84-F5702E740BF8}" = protocol=6 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"{FA43BE48-F76B-45FE-B8B5-CA81B93655B5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0633EB00-64C9-42E6-8BE2-50A392F1B902}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0E417155-940A-444F-8CF3-EE0845776092}C:\users\nb\appdata\local\temp\rar$ex00.536\game.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.536\game.exe |
"TCP Query User{0F12A315-9F8A-44F0-B34D-4184DA0E6AEC}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"TCP Query User{0FD09154-37BE-43BB-B4D4-ACFE456CD956}C:\users\nb\desktop\flatout2\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\flatout2\flatout2\flatout2.exe |
"TCP Query User{14CC70E8-CF50-4784-B54B-CC7089373C36}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{14CD01C5-5B36-4863-B2C6-02261A0663BF}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"TCP Query User{18DF0290-3F90-4C1B-96EF-EDBFACDA2275}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{1D14C6A9-9CB8-4C00-925A-DA9A02919FA0}C:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe |
"TCP Query User{2B99AFBF-EFB8-4274-9746-4E6757C7F762}C:\program files\maple 12\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"TCP Query User{4458EABC-BBFE-4A47-AB0D-FD754BFF5319}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{53084CD0-7DA1-41AD-991B-07095556FB44}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{53A6298E-5D52-4CBB-B571-1D056E1F07C3}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6AFB813E-8B68-4E69-958E-398EF79A0183}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{727ECF60-DD54-46DD-8DC0-E32D526C76A0}C:\program files\maple 12\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"TCP Query User{774A49EC-4FFA-4F9A-9BF3-9EA4F082DE81}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{7A0DEE09-C5C2-41B0-AA57-365C9D4FD792}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{84D5A765-6AF9-4BDE-96A8-05F3F352D388}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{851B5248-8D2B-4E7B-805A-DA3E7E128B90}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{8B63B9EA-5B6B-450A-977C-4A685BC4C486}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{92E95365-646B-4045-BAF3-919E1D49E7A1}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{98C861F8-4004-486F-949B-BFCBB7AD5DDF}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{9E343155-1A54-4493-AB72-10CD0F375233}C:\program files\codemasters\colin mcrae rally 2\cmr2network.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\colin mcrae rally 2\cmr2network.exe |
"TCP Query User{A95C8B95-7E25-44C9-A461-9F90D1FE45FF}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=6 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"TCP Query User{B01C085B-0498-4EAC-BFBB-ABD945CB2E59}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{B7768EA3-29CB-4208-BA93-729527EBA9C8}C:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe |
"TCP Query User{B77EECB9-32D1-4EAF-8DA5-43D030E9E495}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{C34047BE-C327-4EF4-A891-8B7A2B3781B3}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{CC4869C3-28DB-49BE-9F32-E1F594D2AA11}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe |
"TCP Query User{D54CE274-27EA-496B-B24B-AC0A302580A5}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{DAABE754-33D2-4C26-87E0-625696A5CB50}C:\program files\maple 12\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\java.exe |
"TCP Query User{E149FC26-858C-45C2-8AF0-D3E45BCD4B4F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E3B87A7F-276A-496E-9A83-4C60C8CDCDB4}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{EE2BFB21-B72C-4D97-BCBC-B749399C47B1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EF42496C-6398-4F70-BD6B-2C517E3DD9D4}C:\program files\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe |
"TCP Query User{EF4B87D4-2793-4110-9BCF-1A3B291D9817}C:\program files\kn_strongdc\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"TCP Query User{F38522DF-F413-406B-9F5C-E7DA6A7DA343}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{FA7DC7C7-735F-486A-ACC8-D11A57ADB288}C:\users\nb\desktop\flatout2\flatout\flatout2.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\flatout2\flatout\flatout2.exe |
"TCP Query User{FAC57459-396B-47D2-A497-40A8561DB1D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{FE0274DF-614C-4C21-8036-31894290539B}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{FFE89F0C-D0C7-4F29-9BAC-6942D8BBCCC0}C:\program files\kn_strongdc\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{00AFABBC-DEDF-4DF5-B9F8-E0D4211567E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{08544AAA-7445-4C31-B37E-0796904FFA72}C:\users\nb\desktop\flatout2\flatout\flatout2.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\flatout2\flatout\flatout2.exe |
"UDP Query User{1F435388-4BF7-4226-A791-B89D4DA6A679}C:\program files\maple 12\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"UDP Query User{28ADEBC3-2467-4A7D-85A0-AD0A13C8779E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{430134BA-0297-40A3-AADF-19C257A214F5}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{4985D49B-B16D-4A35-93BB-D9D85B91A393}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{49A71492-9E22-4ED1-AC44-F15AA59F18EA}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"UDP Query User{5210903D-9CC8-4E5B-B3F4-74F6920083DA}C:\program files\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe |
"UDP Query User{5A4860B8-F9FE-4329-A7BC-74CD8867178B}C:\program files\codemasters\colin mcrae rally 2\cmr2network.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\colin mcrae rally 2\cmr2network.exe |
"UDP Query User{658D66D2-1019-48C6-8E89-6243517D3C46}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{6A0A9D63-22F0-4269-AF75-9B37C8A2976F}C:\users\nb\desktop\flatout2\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\flatout2\flatout2\flatout2.exe |
"UDP Query User{6F146C24-954D-49E2-A996-1A57251F7EDD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{71FD8792-FF5E-4F01-B881-790DB3A0998F}C:\program files\kn_strongdc\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{765EDC21-DEA1-442A-8547-CF09DF0079E3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8961F83D-30CC-4409-A232-E19D27F19A64}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{9006BC92-4318-4797-88CB-1B7CB48DD335}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{90D87719-D378-4BE7-86E7-E1A20958C383}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{93A9130F-C6F0-4D93-8149-BA919DEA63C7}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{95181E16-9E07-416E-882B-1D5A934E759D}C:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe |
"UDP Query User{96F8B08D-B8D9-4CD8-B264-D84922D6CCFF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9EA8BDFA-428B-4F90-B32A-551C944C7047}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{A3B32A64-B792-47D9-81E7-9653C8C3A34F}C:\program files\maple 12\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\java.exe |
"UDP Query User{A81DA3B3-5621-46F0-9EE5-BA672BD8E8D4}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{A8AEF428-3377-47B6-BA2D-5F79C1D42143}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{AA15FD1A-45EA-4E93-A7EC-DA77A66B1A0E}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{AB97367C-8BF0-4FA3-9095-2FCFC636C941}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{B076213E-D0AC-44AF-9842-9F06B07FD0C7}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{BBDF5F30-D9DD-4D9E-BC10-1EC5EA011E80}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{BC2D8E54-7137-4576-8D0E-441C1BDD4FEC}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"UDP Query User{BE2B5B8C-2899-4BD0-92A8-9252B99007B9}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C148660C-E3E8-464B-BDE6-4911F9BBF1E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C160DA3D-2EB4-44EF-8E40-B8BDC777E988}C:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe |
"UDP Query User{CCCCF623-5985-46FD-99EA-186D77329A35}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{CE6A7E97-0D41-4AB6-925A-DEBA343966D0}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{DD9B0D86-59EC-45D3-AC9C-81DF9A6A2822}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{F2342957-819A-4B6E-A704-0E93C8F83AA9}C:\program files\maple 12\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"UDP Query User{F249D1B8-A3E4-4540-A093-C50B104C44A2}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=17 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"UDP Query User{F3FEDAFB-90C3-4926-951C-B2AD5C906FCF}C:\program files\kn_strongdc\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{F4964DC0-B345-42AD-9A85-5BA63A21DA07}C:\users\nb\appdata\local\temp\rar$ex00.536\game.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.536\game.exe |
"UDP Query User{FEDAE68D-6813-4C96-8903-3775F0D7257A}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{06379784-4648-46BF-9426-0B10817F0AF5}" = PhotoView 360
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{11C3DB90-D872-49F4-A428-40B13E7745CD}" = HP Customer Experience Enhancements
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{15262012-213A-4f65-9019-C8A409EC0156}" = HP Officejet J6400 Series
"{15D7ECFC-B252-4990-A6BC-1C550A046FE5}" = SolidWorks eDrawings 2009
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext
"{2955A9A5-A18A-4E77-9C20-2205225A9D62}" = Drawing Hand Screen Saver 2009.1
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{325CC540-F105-4074-BFC0-B8E26BFFE1D5}" = SolidWorks Explorer 2009 sp0
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{380CC749-8C28-4C74-BE01-45921D062302}" = BPDSoftware_Ini
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41853D20-40CC-4266-978D-F128BB97CA96}" = 6400_Help
"{4C6A8BA7-06F9-4F4E-8D58-4419767A0CD2}" = HP Easy Setup - Frontend
"{4D262E86-E37A-4BCD-9BA6-D8FA1C3F5F39}" = SolidWorks 2009 SP0
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}" = Nokia PC Suite
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010
"{63C2981B-6E59-4514-8FC8-3C7A6368D0AE}" = HP User Guides 0126
"{63D0588C-2740-459D-AFB4-6B03461B7891}" = SolidWorks Simulation 2009 SP0
"{65BD9AB2-696E-4598-91E6-C3EE77E64460}" = SolidWorks Motion 2009 SP0
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1EE19E5-30DC-4912-85E9-B656867F27B6}_is1" = ICQ Password Changer 1.0
"{b25af741-265e-4ea4-8f0e-3b9df68bdeae}" = Nero 9
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BBF5C82E-78DE-48CD-9A83-B6D4E0AB7785}_is1" = CzechRO All-In-One Pack 24.2.2009
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C3A13A35-63AC-427a-92E6-960C1D01FABB}" = Poradce pro upgrade na systém Windows 7
"{C4BE99A4-D1C7-46CC-9E06-B901A4BC7854}_is1" = ICQ Password Hasher 1.2
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EE1671E1-ECB2-446B-A278-E8C56CFC839E}" = DWGeditor
"{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"BatteryBar" = BatteryBar (remove only)
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"BSPlayerf" = BS.Player FREE
"Cadkey 98 Release 1.04 CZ_is1" = Cadkey 98 Release 1.04 CZ
"Carom3D" = Carom3D
"CCleaner" = CCleaner (remove only)
"CzechRO" = CzechRO
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Maple 12" = Maple 12
"MatlabR2008a" = MATLAB R2008a
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"SolidWorks Installation Manager 20090-40000-1100-200" = SolidWorks 2009 SP0
"SpeedFan" = SpeedFan (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"Summer Athletics 2009_is1" = Summer Athletics 2009
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"szn-software-listicka" = Seznam Lištička 2 (Všichni uživatelé tohoto počítače.)
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever_Fix_2009_10_09
"VLC media player" = VLC media player 1.0.1
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7.3.2010 19:10:31 | Computer Name = Notebook | Source = ESENT | ID = 454
Description = Catalog Database (1788) Catalog Database: Při zotavení či obnovení
databáze došlo k neočekávané chybě -543.

Error - 7.3.2010 19:10:36 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description =

Error - 7.3.2010 19:23:44 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 7.3.2010 19:26:07 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Chybující aplikace Ad-AwareInstaller.exe, verze 8.2.0.0, časové razítko
0x48bf6ca2, chybující modul mia.lib, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000135, posun chyby 0x00009eed, ID procesu 0x1768, čas spuštění
aplikace 0x01cabe4d90048142.

Error - 7.3.2010 19:26:24 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Chybující aplikace Ad-AwareInstaller.exe, verze 8.2.0.0, časové razítko
0x48bf6ca2, chybující modul mia.lib, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000135, posun chyby 0x00009eed, ID procesu 0x1050, čas spuštění
aplikace 0x01cabe4d980ec352.

Error - 7.3.2010 19:35:27 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Chybující aplikace Ad-AwareInstaller.exe, verze 8.2.0.0, časové razítko
0x48bf6ca2, chybující modul mia.lib, verze 6.0.6002.18005, časové razítko 0x49e03821,
kód výjimky 0xc0000135, posun chyby 0x00009eed, ID procesu 0x1628, čas spuštění
aplikace 0x01cabe4edd561842.

Error - 7.3.2010 19:50:06 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 7.3.2010 19:58:38 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description =

Error - 7.3.2010 20:50:06 | Computer Name = Notebook | Source = Google Update | ID = 20
Description =

Error - 8.3.2010 3:21:34 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ Media Center Events ]
Error - 1.3.2010 16:13:21 | Computer Name = Notebook | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media
Center Guide

[ OSession Events ]
Error - 11.2.2010 10:24:24 | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8.3.2010 14:46:40 | Computer Name = Notebook | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D09CAB3D-CDE6-4DB3-824A-CB7FFB268124},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 8.3.2010 14:46:40 | Computer Name = Notebook | Source = netbt | ID = 4321
Description = Název NOTEBOOK :0 nelze zaregistrovat v rozhraní s adresou IP
147.229.196.130. Počítač s adresou IP 147.229.199.60 nepovolil získání názvu tímto
počítačem.

Error - 8.3.2010 14:46:40 | Computer Name = Notebook | Source = netbt | ID = 4321
Description = Název NOTEBOOK :0 nelze zaregistrovat v rozhraní s adresou IP
147.229.196.130. Počítač s adresou IP 147.229.199.60 nepovolil získání názvu tímto
počítačem.

Error - 8.3.2010 14:46:40 | Computer Name = Notebook | Source = netbt | ID = 4321
Description = Název NOTEBOOK :20 nelze zaregistrovat v rozhraní s adresou
IP 147.229.196.130. Počítač s adresou IP 147.229.199.60 nepovolil získání názvu tímto
počítačem.

Error - 8.3.2010 14:54:29 | Computer Name = Notebook | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (19:52:44, 8.3.2010) bylo neočekávané.

Error - 8.3.2010 14:56:08 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 8.3.2010 14:56:08 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 8.3.2010 14:56:50 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description =

Error - 8.3.2010 14:59:52 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 8.3.2010 15:11:02 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =


< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2009.06.03 22:52:49 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.12.14 13:21:33 | 000,002,532 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\askcom.xml
[2010.02.17 17:18:11 | 000,000,825 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\conduit.xml
[2009.10.03 19:32:58 | 000,002,399 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\daemon-search.xml
[2010.03.06 01:13:24 | 000,000,950 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin-1.xml
[2009.09.22 11:42:46 | 000,000,944 | ---- | M] () -- C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin.xml
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:D083E4C6

:Files
C:\ProgramData\*.tmp
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\ProgramData\nvModes.001
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
*****************************************************************************************************************************************
Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.


C:\Windows\System32\bcmwlrc.dll

[pavel66]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Service Lavasoft Ad-Aware Service stopped successfully!
Service Lavasoft Ad-Aware Service deleted successfully!
File File not found not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "BS_Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\lib folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} folder moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\askcom.xml moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\conduit.xml moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\NB\AppData\Roaming\Mozilla\Firefox\Profiles\9n4tuko3.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Temp:D083E4C6 deleted successfully.
========== FILES ==========
C:\ProgramData\xml360B.tmp moved successfully.
C:\ProgramData\xml3772.tmp moved successfully.
C:\ProgramData\xml38BB.tmp moved successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
C:\Windows\System32\_r_a_p_.tmp moved successfully.
File\Folder C:\Recycler not found.
C:\$RECYCLE.BIN\S-1-5-21-4091301431-3146374880-2057195779-1000 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
C:\ProgramData\nvModes.001 moved successfully.
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log moved successfully.
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log moved successfully.
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log moved successfully.
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log moved successfully.
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log moved successfully.
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log moved successfully.
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log moved successfully.
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NB
->Temp folder emptied: 274693 bytes
->Temporary Internet Files folder emptied: 6737399 bytes
->Java cache emptied: 14 bytes
->FireFox cache emptied: 63695752 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 97510555 bytes
->Flash cache emptied: 2877 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26338 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 160,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: NB
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.35.0 log created on 03082010_220446

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[pavel66]

http://www.virustotal.com/cs/analisis/76fa4329ab5497752b5b785878fb6ae375fdbb596d6c511e6f3d4114adee072e-1268082746

[Damned]

Smaž složku C:\_OTL

Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.

Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.


Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.

[pavel66]

ok, dík moc za super pomoc:)