Prosím o kontrolu logu Vyřešeno

[Dymon]

OTL logfile created on: 6.12.2009 9:06:36 - Run 1
OTL by OldTimer - Version 3.1.11.7 Folder = E:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,30 Mb Total Physical Memory | 453,81 Mb Available Physical Memory | 44,35% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): E:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 97,65 Gb Total Space | 20,82 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 51,39 Gb Total Space | 14,11 Gb Free Space | 27,45% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PETR-93F360F962
Current User Name: Petr
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - E:\Documents and Settings\Petr\Plocha\OTL.exe (OldTimer Tools)
PRC - E:\Program Files\Opera\opera.exe (Opera Software)
PRC - E:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
PRC - E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - E:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - E:\Program Files\Deamon tools\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - E:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - E:\Program Files\Pošťák\Postak\Postak.exe (Seznam.cz a.s.)
PRC - E:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - C:\Acronis True Image Home 11.0 cz\TimounterMonitor.exe (Acronis)
PRC - E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Acronis True Image Home 11.0 cz\TrueImageMonitor.exe (Acronis)
PRC - E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - E:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - E:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
PRC - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
PRC - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
PRC - E:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - E:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
PRC - E:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe (Hewlett-Packard Co.)
PRC - E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)


========== Modules (SafeList) ==========

MOD - E:\Documents and Settings\Petr\Plocha\OTL.exe (OldTimer Tools)
MOD - E:\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll (ESET)
MOD - E:\WINDOWS\system32\iphlpapi.dll (Microsoft Corporation)
MOD - E:\WINDOWS\system32\wbsys.dll (Stardock.Net, Inc)
MOD - E:\Program Files\Stardock\Object Desktop\ThemeManager\wbhelp.dll (Stardock.Net, Inc)
MOD - E:\WINDOWS\system32\lpad32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MSSQL$SONY_MEDIAMGR2) SQL Server (SONY_MEDIAMGR2) -- E:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (HssTrayService) -- E:\Program Files\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- E:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssSrv) -- E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (EhttpSrv) -- E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (Ati HotKey Poller) -- E:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- E:\WINDOWS\system32\ati2sgag.exe ()
SRV - (SQLWriter) -- E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- E:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- E:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing) -- E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (TryAndDecideService) -- E:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (AcrSch2Svc) -- E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Microsoft Office Groove Audit Service) -- E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (StarWindServiceAE) -- E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (NMIndexingService) -- E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NBService) -- E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (ose) -- E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (nSvcIp) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)
SRV - (nSvcLog) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)
SRV - (ForcewareWebInterface) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache Software Foundation)
SRV - (Bonjour Service) -- E:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (IDriverT) -- E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- File not found
DRV - (TVICHW32) -- E:\WINDOWS\system32\drivers\TVICHW32.SYS (EnTech Taiwan)
DRV - (sptd) -- E:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (timounter) -- E:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- E:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- E:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (tdrpman) -- E:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)
DRV - (hamachi) -- E:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (epfwtdir) -- E:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- E:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- E:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (ati2mtag) -- E:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- E:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (usb_rndisx) -- E:\WINDOWS\system32\drivers\usb8023x.sys (Microsoft Corporation)
DRV - (MPE) -- E:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (Secdrv) -- E:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- E:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (tapvpn) -- E:\WINDOWS\system32\drivers\tapvpn.sys (The OpenVPN Project)
DRV - (ENTECH) -- E:\WINDOWS\system32\drivers\Entech.sys (EnTech Taiwan)
DRV - (PxHelp20) -- E:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ADIHdAudAddService) -- E:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (nvnetbus) -- E:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- E:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdK8) -- E:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (ATIAVAIW) -- E:\WINDOWS\system32\drivers\atinavt2.sys (ATI Technologies Inc.)
DRV - (AEAudio) -- E:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (SenFiltService) -- E:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (prohlp02) -- E:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- E:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (MTsensor) -- E:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (prosync1) -- E:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- E:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (Ptilink) -- E:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BS Player Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1750559&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.1.0.19
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.5.1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.01 21:17:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2009.10.05 12:54:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2009.10.05 12:54:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: E:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.03.19 19:49:13 | 00,000,000 | ---D | M]

[2008.11.19 17:30:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Extensions
[2008.11.19 17:30:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.10.17 12:28:23 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\extensions
[2009.10.05 12:54:22 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009.10.17 12:02:33 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.11.19 19:52:42 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.09.16 20:40:14 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.07.01 13:22:12 | 00,000,880 | ---- | M] () -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\searchplugins\conduit.xml
[2009.10.05 12:54:29 | 00,000,962 | ---- | M] () -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\searchplugins\icqplugin-1.xml
[2008.11.19 19:52:19 | 00,000,962 | ---- | M] () -- E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\searchplugins\icqplugin.xml
[2009.10.05 12:54:10 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2009.10.05 12:54:10 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.07.31 00:39:00 | 00,023,544 | ---- | M] (Mozilla Foundation) -- E:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009.07.31 00:39:00 | 00,137,208 | ---- | M] (Mozilla Foundation) -- E:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.07.31 00:39:00 | 00,065,016 | ---- | M] (mozilla.org) -- E:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.07.31 00:38:59 | 00,002,371 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.07.30 23:15:16 | 00,000,638 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.30 23:15:16 | 00,001,687 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.30 23:15:16 | 00,001,367 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.30 23:15:16 | 00,000,654 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.30 23:15:16 | 00,001,179 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

Hosts file not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - E:\Program Files\Pošťák\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - E:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - E:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - E:\Program Files\Pošťák\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Acronis True Image Home 11.0 cz\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\Program Files\sdasdas\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [egui] E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Component Manager] E:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SMail] E:\Program Files\Pošťák\Postak\Postak.exe (Seznam.cz a.s.)
O4 - HKLM..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Acronis True Image Home 11.0 cz\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] E:\Program Files\winamp\winampa.exe ()
O4 - HKCU..\Run: [AFProg] E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\Deamon tools\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] E:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - Startup: E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlé spuštění aplikace HP Image Zone.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: E:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Using &BitSpirit - E:\Program Files\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - E:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - E:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - E:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - E:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - E:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - E:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - E:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - E:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - E:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - E:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (E:\WINDOWS\system32\wbsys.dll) - E:\WINDOWS\system32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\userinit.exe) - E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - E:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - E:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - E:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - E:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - E:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - E:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - E:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - E:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - E:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - E:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll - E:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll (Stardock)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - E:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - E:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - E:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - E:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - E:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - E:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {8DCB0AE8-533C-A1D2-29E1-3A811135D25A} - E:\WINDOWS\system32\lpad32.dll ()
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - E:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - E:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - E:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - E:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - E:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - E:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - E:\WINDOWS\System32\relog_ap.dll (Acronis)
O30 - LSA: Security Packages - (kerberos) - E:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - E:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - E:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - E:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.12 03:35:05 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009.12.06 09:04:05 | 00,536,576 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Petr\Plocha\OTL.exe
[2009.12.06 09:01:03 | 00,000,000 | ---D | C] -- E:\WINDOWS\temp
[2009.12.06 08:44:53 | 00,000,000 | ---D | C] -- E:\ComboFix
[2009.12.05 20:15:35 | 00,031,232 | ---- | C] (NirSoft) -- E:\WINDOWS\NIRCMD.exe
[2009.12.05 20:15:32 | 00,161,792 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWREG.exe
[2009.12.05 20:15:31 | 00,212,480 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWXCACLS.exe
[2009.12.05 20:15:31 | 00,136,704 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWSC.exe
[2009.12.05 20:15:22 | 00,000,000 | ---D | C] -- E:\WINDOWS\ERDNT
[2009.12.05 20:12:50 | 00,000,000 | ---D | C] -- E:\Qoobox
[2009.12.05 18:58:24 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Petr\Data aplikací\Malwarebytes
[2009.12.05 18:58:16 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.05 18:58:14 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.05 18:58:12 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009.12.05 18:58:11 | 00,000,000 | ---D | C] -- E:\Program Files\Malwarebytes' Anti-Malware
[2009.12.05 18:56:29 | 00,000,000 | -HSD | C] -- E:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.12.05 18:52:55 | 04,844,264 | ---- | C] (Malwarebytes Corporation ) -- E:\Documents and Settings\Petr\Plocha\mbam-setup.exe
[2009.12.05 18:40:57 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Petr\Local Settings\Data aplikací\Hotspot_Shield
[2009.12.05 17:47:20 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- E:\Documents and Settings\Petr\Plocha\HijackThisInstaller.exe
[2009.12.04 15:50:53 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Data aplikací\KONAMI
[2009.11.22 13:01:38 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Petr\Dokumenty\WM_Petr Dokumenty
[2009.11.13 09:23:24 | 02,470,798 | ---- | C] (OnlySoftwareGr) -- E:\Documents and Settings\Petr\Plocha\ESET keygen.exe
[2004.11.24 19:25:52 | 00,335,872 | ---- | C] ( ) -- E:\WINDOWS\System32\drvc.dll
[5 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009.12.06 09:04:12 | 00,536,576 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Petr\Plocha\OTL.exe
[2009.12.06 08:55:02 | 00,000,227 | ---- | M] () -- E:\WINDOWS\system.ini
[2009.12.06 08:54:36 | 00,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2009.12.06 08:54:34 | 00,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2009.12.06 08:53:09 | 06,029,312 | ---- | M] () -- E:\Documents and Settings\Petr\NTUSER.DAT
[2009.12.06 08:53:09 | 00,000,178 | -HS- | M] () -- E:\Documents and Settings\Petr\ntuser.ini
[2009.12.06 08:42:19 | 03,581,119 | R--- | M] () -- E:\Documents and Settings\Petr\Plocha\ComboFix.exe
[2009.12.05 21:55:10 | 00,144,789 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\základní deska.JPG
[2009.12.05 20:44:13 | 00,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2009.12.05 18:58:19 | 00,000,700 | ---- | M] () -- E:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.05 18:57:09 | 04,844,264 | ---- | M] (Malwarebytes Corporation ) -- E:\Documents and Settings\Petr\Plocha\mbam-setup.exe
[2009.12.05 18:41:04 | 00,002,560 | ---- | M] () -- E:\WINDOWS\_MSRSTRT.EXE
[2009.12.05 17:48:25 | 00,001,738 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\HijackThis.lnk
[2009.12.05 17:47:20 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- E:\Documents and Settings\Petr\Plocha\HijackThisInstaller.exe
[2009.12.04 16:01:33 | 00,000,546 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\PES 10.lnk
[2009.12.04 14:55:10 | 00,000,030 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\realmlist.wtf
[2009.12.03 21:22:42 | 00,016,167 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\DPM_core_zip.zip
[2009.12.03 21:19:35 | 00,176,499 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\Gladius-v1.0.2.zip
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2009.12.02 17:06:08 | 00,191,488 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\Rodinná výchova.doc
[2009.11.28 09:13:09 | 00,000,596 | ---- | M] () -- E:\Documents and Settings\All Users\Plocha\Opera.lnk
[2009.11.25 07:17:51 | 00,001,393 | ---- | M] () -- E:\WINDOWS\imsins.BAK
[2009.11.24 19:27:32 | 00,023,040 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\čeština.doc
[2009.11.22 13:34:33 | 00,490,872 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2009.11.22 13:34:33 | 00,487,794 | ---- | M] () -- E:\WINDOWS\System32\perfh005.dat
[2009.11.22 13:34:33 | 00,101,624 | ---- | M] () -- E:\WINDOWS\System32\perfc005.dat
[2009.11.22 13:34:33 | 00,089,922 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2009.11.22 13:34:32 | 01,187,384 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2009.11.22 13:03:07 | 00,001,395 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\WM_Petr Dokumenty.LNK
[2009.11.22 11:33:58 | 00,039,424 | ---- | M] () -- E:\Documents and Settings\Petr\Plocha\Projekt chemie.doc
[2009.11.14 01:47:57 | 00,260,608 | ---- | M] () -- E:\WINDOWS\PEV.exe
[2009.11.12 08:47:52 | 01,554,008 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2009.11.10 07:41:45 | 00,057,856 | ---- | M] () -- E:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[5 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009.12.05 21:55:10 | 00,144,789 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\základní deska.JPG
[2009.12.05 20:15:35 | 00,077,312 | ---- | C] () -- E:\WINDOWS\MBR.exe
[2009.12.05 20:15:32 | 00,260,608 | ---- | C] () -- E:\WINDOWS\PEV.exe
[2009.12.05 20:15:31 | 00,098,816 | ---- | C] () -- E:\WINDOWS\sed.exe
[2009.12.05 20:15:31 | 00,080,412 | ---- | C] () -- E:\WINDOWS\grep.exe
[2009.12.05 20:15:31 | 00,068,096 | ---- | C] () -- E:\WINDOWS\zip.exe
[2009.12.05 19:56:49 | 03,581,119 | R--- | C] () -- E:\Documents and Settings\Petr\Plocha\ComboFix.exe
[2009.12.05 18:58:19 | 00,000,700 | ---- | C] () -- E:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.05 18:41:02 | 00,002,560 | ---- | C] () -- E:\WINDOWS\_MSRSTRT.EXE
[2009.12.05 17:48:24 | 00,001,738 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\HijackThis.lnk
[2009.12.04 16:01:34 | 00,000,546 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\PES 10.lnk
[2009.12.03 21:22:41 | 00,016,167 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\DPM_core_zip.zip
[2009.12.03 21:19:30 | 00,176,499 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\Gladius-v1.0.2.zip
[2009.12.02 16:51:33 | 00,191,488 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\Rodinná výchova.doc
[2009.11.24 15:40:21 | 00,023,040 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\čeština.doc
[2009.11.22 13:03:07 | 00,001,395 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\WM_Petr Dokumenty.LNK
[2009.11.22 12:35:39 | 35,025,313 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\TUNE_UP_2009_KEYGENY_a_INSTALACE_8.0.3300.1_by_Hanusch.rar
[2009.11.18 18:56:44 | 00,039,424 | ---- | C] () -- E:\Documents and Settings\Petr\Plocha\Projekt chemie.doc
[2009.08.22 13:18:54 | 00,000,038 | ---- | C] () -- E:\WINDOWS\AviSplitter.INI
[2009.07.11 16:30:50 | 00,000,151 | ---- | C] () -- E:\WINDOWS\PhotoSnapViewer.INI
[2009.07.09 07:38:22 | 00,815,104 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2009.07.09 07:38:21 | 00,180,224 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2009.07.07 11:59:12 | 00,027,648 | ---- | C] () -- E:\WINDOWS\System32\AVSredirect.dll
[2009.05.04 14:03:00 | 00,059,904 | ---- | C] () -- E:\WINDOWS\System32\zlib1.dll
[2009.05.04 13:53:28 | 00,286,720 | ---- | C] () -- E:\WINDOWS\System32\libcurl.dll
[2009.05.04 13:53:10 | 00,143,360 | ---- | C] () -- E:\WINDOWS\System32\libexpatw.dll
[2009.05.01 13:45:37 | 00,002,528 | ---- | C] () -- E:\Documents and Settings\Petr\Data aplikací\$_hpcst$.hpc
[2009.04.21 23:19:06 | 00,172,173 | ---- | C] () -- E:\WINDOWS\System32\xlive.dll.cat
[2009.04.10 14:56:04 | 00,000,675 | ---- | C] () -- E:\WINDOWS\System32\WEHLanguage.ini
[2009.04.10 14:56:04 | 00,000,580 | ---- | C] () -- E:\WINDOWS\System32\WEH5ColorConfig.ini
[2009.03.07 14:12:45 | 00,000,390 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2009.03.03 14:30:26 | 00,000,010 | ---- | C] () -- E:\WINDOWS\WININIT.INI
[2009.02.20 13:46:52 | 00,000,032 | ---- | C] () -- E:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2009.02.08 19:22:38 | 00,000,390 | ---- | C] () -- E:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.01.26 17:09:42 | 00,022,328 | ---- | C] () -- E:\Documents and Settings\Petr\Data aplikací\PnkBstrK.sys
[2009.01.26 17:09:22 | 00,000,267 | ---- | C] () -- E:\WINDOWS\game.ini
[2009.01.05 19:03:27 | 00,003,972 | ---- | C] () -- E:\WINDOWS\System32\drivers\PciBus.sys
[2008.12.25 15:12:11 | 00,000,082 | ---- | C] () -- E:\WINDOWS\wb.ini
[2008.12.25 07:27:58 | 00,000,580 | ---- | C] () -- E:\WINDOWS\wincmd.ini
[2008.12.19 15:15:58 | 04,338,246 | ---- | C] () -- E:\WINDOWS\System32\libavcodec.dll
[2008.12.17 17:41:18 | 00,884,237 | ---- | C] () -- E:\WINDOWS\System32\ff_x264.dll
[2008.12.17 17:22:58 | 00,093,184 | ---- | C] () -- E:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 17:22:48 | 00,057,344 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 17:17:34 | 00,239,247 | ---- | C] () -- E:\WINDOWS\System32\ff_theora.dll
[2008.12.17 16:59:54 | 00,560,802 | ---- | C] () -- E:\WINDOWS\System32\libmplayer.dll
[2008.12.12 14:24:59 | 00,057,856 | ---- | C] () -- E:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.11 11:27:02 | 00,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.04 14:51:49 | 00,000,157 | ---- | C] () -- E:\Documents and Settings\Petr\Data aplikací\default.rss
[2008.11.21 22:15:19 | 00,000,069 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2008.11.21 21:16:51 | 00,004,767 | ---- | C] () -- E:\WINDOWS\Irremote.ini
[2008.11.21 13:29:58 | 00,138,184 | ---- | C] () -- E:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.11.19 18:55:04 | 00,721,904 | ---- | C] () -- E:\WINDOWS\System32\drivers\sptd.sys
[2008.11.19 18:13:16 | 00,354,816 | ---- | C] () -- E:\WINDOWS\System32\PsisDecd.dll
[2008.11.19 18:12:54 | 00,000,124 | ---- | C] () -- E:\Documents and Settings\Petr\Local Settings\Data aplikací\fusioncache.dat
[2008.11.19 17:53:44 | 00,017,704 | ---- | C] () -- E:\WINDOWS\Ascd_log.ini
[2008.11.19 17:53:16 | 00,017,470 | ---- | C] () -- E:\WINDOWS\Ascd_tmp.ini
[2008.11.19 17:53:13 | 00,005,810 | R--- | C] () -- E:\WINDOWS\System32\drivers\ASACPI.sys
[2008.11.19 17:53:03 | 00,005,824 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004.10.03 17:50:54 | 00,129,024 | ---- | C] () -- E:\WINDOWS\System32\ff_mpeg2enc.dll
[2003.04.09 15:38:04 | 00,005,664 | ---- | C] () -- E:\WINDOWS\System32\OUTLPERF.INI
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- E:\WINDOWS\System32\giveio.sys
[1990.01.01 02:01:14 | 00,045,056 | RHS- | C] () -- E:\WINDOWS\System32\lpad32.dll

========== LOP Check ==========

[2009.06.09 16:31:48 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Acronis
[2009.03.07 15:13:00 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.03.19 19:49:11 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\ESET
[2008.12.19 19:12:13 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.12.04 15:50:53 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\KONAMI
[2009.10.11 14:09:52 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2009.07.06 12:12:09 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Sony
[2009.08.12 09:32:49 | 00,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.05 18:56:29 | 00,000,000 | -HSD | M] -- E:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.06.09 20:25:59 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Acronis
[2009.04.19 16:37:57 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Atari
[2008.11.20 18:55:36 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\BitSpirit
[2008.12.14 15:41:06 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\BSplayer
[2008.12.14 15:33:15 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\BSplayer Pro
[2009.03.07 15:13:17 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\DAEMON Tools
[2009.03.07 15:13:17 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2009.03.07 15:13:17 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Pro
[2009.02.03 07:05:43 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\EuroTalk
[2008.12.02 17:41:12 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\HideIP
[2009.05.30 17:21:23 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\ICQ
[2008.11.20 22:14:41 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\ICQ Toolbar
[2009.04.09 13:49:29 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\ICQLite
[2008.12.13 11:27:26 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\LangSoft
[2008.11.21 13:28:13 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Leadertech
[2008.11.19 18:26:18 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Opera
[2009.07.06 12:20:22 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Publish Providers
[2009.07.06 12:19:48 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\Sony
[2009.06.12 14:06:06 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Petr\Data aplikací\TeamViewer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 498 bytes -> E:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> E:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86
< End of report >

[Reklama]

[Dymon]

OTL Extras logfile created on: 6.12.2009 9:06:36 - Run 1
OTL by OldTimer - Version 3.1.11.7 Folder = E:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,30 Mb Total Physical Memory | 453,81 Mb Available Physical Memory | 44,35% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): E:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 97,65 Gb Total Space | 20,82 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 51,39 Gb Total Space | 14,11 Gb Free Space | 27,45% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PETR-93F360F962
Current User Name: Petr
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = Opera.HTML] -- E:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "E:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Program Files\winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "E:\Program Files\winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "E:\Program Files\winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "E:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe" = E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe" = E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"E:\Program Files\BitSpirit\BitSpirit.exe" = E:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client -- (LANSPIRIT.NET)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"E:\WINDOWS\system32\PnkBstrA.exe" = E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"E:\WINDOWS\system32\PnkBstrB.exe" = E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"E:\Program Files\World of Warcraft\Launcher.exe" = E:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"E:\Program Files\ICQ6.5\ICQ.exe" = E:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"E:\Program Files\Microsoft ActiveSync\rapimgr.exe" = E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"E:\Program Files\Microsoft ActiveSync\wcescomm.exe" = E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"E:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"E:\Program Files\Bonjour\mDNSResponder.exe" = E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"E:\Program Files\Hamachi\hamachi.exe" = E:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client -- (LogMeIn Inc.)
"E:\Program Files\Garena\Garena.exe" = E:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Interactive PTE LTD)
"E:\Program Files\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\WINDOWS\system32\dpvsetup.exe" = E:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\Program Files\Skype\Phone\Skype.exe" = E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath -- (Skype Technologies S.A.)
"E:\Program Files\Opera\opera.exe" = E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\PES 10\PLAY\pes2010.exe" = C:\PES 10\PLAY\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{028814FB-D05F-495E-81D7-636A87321025}" = CreativeProjectsTemplates
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{0863885D-E64B-9E5A-9747-03321A2D2A49}" = CCC Help Korean
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C40E716-2558-01E2-4797-484E4CCB2500}" = Catalyst Control Center Localization All
"{10FDD69C-2428-0FFB-12A2-2A6907D6282F}" = CCC Help Japanese
"{11680998-6792-4DE9-8DE1-D6D041418B26}" = SkinsHP1
"{139DEC1F-D380-EB76-B0DF-88BC99B3B7BB}" = Catalyst Control Center Graphics Light
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2347E903-6299-A99F-C46C-05EB55912539}" = CCC Help Chinese Traditional
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
"{2B3A996D-CCBF-3D62-B0AD-EA05553D3CEE}" = CCC Help Chinese Standard
"{300D2ECE-DA75-1623-871F-935A205FC450}" = CCC Help German
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{3662AF19-6E4B-4F6D-A61C-F3CB6D67097D}" = QuickProjects
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{43D092A7-D91E-45D1-A3F0-4060B9CA5E4F}" = HP Fotoaparáty Photosmart 4.0
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4BF8A8A5-B3EA-6073-0457-669CC1E929C8}" = CCC Help Hungarian
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{501C0FDB-DCA5-E211-956C-26ADC4C54B66}" = Catalyst Control Center Core Implementation
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{57F85CF9-B9EF-6C77-8095-A2CF95738099}" = CCC Help Danish
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63A17691-ABC0-E86F-5D7A-A2F7EE36145E}" = CCC Help Dutch
"{6501E9B8-77C7-7D81-7F1A-4C2D7E36B403}" = CCC Help Italian
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{696C94BC-44BC-4B8E-ABAA-6FFC0F11A6D3}" = PhotoGallery
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7107A761-B2F7-4BB0-84DA-CD90B562A72D}" = Director
"{725249C3-B94C-4141-8799-0D3BA43D0812}" = CameraDrivers
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72A5824D-08E9-9A96-2104-19E4FE86E5FA}" = CCC Help Spanish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7907CAB0-6C4F-C554-34EA-93EAC98B42F9}" = CCC Help Turkish
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{827ECAB7-3F8E-4A66-A663-67A8F678536C}" = CreativeProjects
"{82982D26-D60E-27D8-361F-F14A8F6440E7}" = Catalyst Control Center HydraVision Full
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87934EAD-CE6F-16C6-6004-73E092AA15A6}" = Catalyst Control Center Graphics Previews Common
"{89B80F72-CCD0-95C3-21CB-89BA03D98155}" = CCC Help Finnish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FA5B6B7-D8BD-49F7-98D7-701C26B01E97}" = Sony Media Manager 2.3
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{906D95BA-4515-59A5-F2E4-072B1E73BB75}" = CCC Help English
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D8BE52A-2C9A-91F2-310E-560CCE4FD247}" = CCC Help Russian
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{A0D62771-4353-8D52-44B8-0FCFF07D5FF1}" = ccc-core-preinstall
"{A10A14F5-DF18-4151-9EB0-B79ABBFE6863}" = WebReg
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A20A58C4-6784-4B4B-86CC-94E2E3671029}" = Nero 7 Premium
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3AE78AD-093F-57F1-280D-A31B0C1C1425}" = CCC Help Greek
"{A41A9C99-0029-783E-40C3-3AA0D1A6535D}" = CCC Help Polish
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A680CE58-7B2C-9A45-D05F-5AC22DFA2F76}" = CCC Help Portuguese
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A97B911E-8B1F-3B0F-F3D1-63B04084CC0F}" = Skins
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD3AE2EE-E0DB-7818-3F05-7E8B2FB22C49}" = CCC Help Norwegian
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3A77A42-DCF7-4830-AE0E-8CEE34A76200}" = CueTour
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B414174C-97E4-9E8B-018E-AC77055D0107}" = CCC Help Thai
"{B6D0AACC-1F01-A901-5348-FF3599EFE70D}" = CCC Help French
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B98604A2-5229-CBE6-98A4-A6D7C63B7458}" = ccc-utility
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBC8862B-BFC8-475D-9BB8-93289703BD33}" = ESET NOD32 Antivirus
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBD1A47D-691E-56C2-AC6A-1B3F80E3EC14}" = CCC Help Swedish
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D34313F7-B5E2-D3AF-FBB1-EF3ED1DEF5AB}" = CCC Help Czech
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E3A6437F-DE5B-6F3E-7BB3-39185D0BBDCE}" = ccc-core-static
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis True Image Home
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{E889F95A-B9E3-4580-B3D7-43DBC9C9CD43}" = TrayApp
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB1446FB-A3EF-D04D-C224-EEC74F11805F}" = Catalyst Control Center Graphics Full New
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE931AAE-B6D9-8A02-60C7-EF4862306F58}" = Catalyst Control Center Graphics Full Existing
"{FF5506ED-4D15-41F1-8588-E097B18124F2}" = BufferChm
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"BitSpirit_is1" = BitSpirit v3.3.2.263 Stable
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriverAgent_is1" = DriverAgent by eSupport.com
"EAX Unified" = EAX Unified
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EuroTalk Talk Now Plus!" = EuroTalk Talk Now Plus!
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FastStone Photo Resizer" = FastStone Photo Resizer 2.3
"Garena" = Garena
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HotspotShield" = Hotspot Shield 1.15
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"Kubik SMS DreamCom_is1" = Kubik SMS DreamCom 5.86
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marsu-Fix" = Marsu-Fix
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Revo Uninstaller" = Revo Uninstaller 1.83
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SMail" = Seznam Pošťák
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Theme Manager" = Theme Manager
"Totalcmd" = Total Commander (Remove or Repair)
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Příručka k zařízení Windows Mobile®
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"World of Warcraft Desktop" = World of Warcraft Desktop
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.8.2009 8:56:26 | Computer Name = PETR-93F360F962 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.3.3.977, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.8.2009 13:19:45 | Computer Name = PETR-93F360F962 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hpqgalry.exe, verze 43.0.120.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.8.2009 13:23:58 | Computer Name = PETR-93F360F962 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 11.0.5721.5145, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ OSession Events ]
Error - 19.10.2009 4:37:25 | Computer Name = PETR-93F360F962 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba NMIndexingService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba Hotspot Shield Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba ForceWare user log service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7031
Description = Služba SQL Server Browser byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba ForceWare IP service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7031
Description = Služba ESET Service byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error - 6.12.2009 3:46:10 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7034
Description = Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 6.12.2009 3:54:59 | Computer Name = PETR-93F360F962 | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126


< End of report >

[Dymon]

Další změny na které jsem přišel, jsou že mi hra World of Warcraft docela často háže error. Ted to bylo například u spouštěni Opery, přičemž opera hodila taky error. Na druhy pokus se zapla.

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
DRV - (catchme) -- File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BS Player Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1750559&SearchSource=13"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q="
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found

:Files
E:\WINDOWS\*.tmp
E:\WINDOWS\System32\*.tmp
E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\searchplugins\conduit.xml
E:\Documents and Settings\Petr\Plocha\ESET keygen.exe
E:\Documents and Settings\Petr\Plocha\TUNE_UP_2009_KEYGENY_a_INSTALACE_8.0.3300.1_by_Hanusch.rar
E:\Documents and Settings\All Users\Data aplikací\ezsid.dat

:Reg

:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Dymon]

All processes killed
========== OTL ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
File File not found not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BS Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "BS Player Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/?ctid=CT1750559&SearchSource=13" removed from browser.startup.homepage
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=" removed from keyword.URL
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ not found.
========== FILES ==========
E:\WINDOWS\002936_.tmp moved successfully.
E:\WINDOWS\NV13641400.TMP folder moved successfully.
E:\WINDOWS\SET3.tmp moved successfully.
E:\WINDOWS\SET4.tmp moved successfully.
E:\WINDOWS\SET8.tmp moved successfully.
E:\WINDOWS\System32\CONFIG.TMP moved successfully.
E:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\searchplugins\conduit.xml moved successfully.
E:\Documents and Settings\Petr\Plocha\ESET keygen.exe moved successfully.
E:\Documents and Settings\Petr\Plocha\TUNE_UP_2009_KEYGENY_a_INSTALACE_8.0.3300.1_by_Hanusch.rar moved successfully.
E:\Documents and Settings\All Users\Data aplikací\ezsid.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Opera cache emptied: 25160 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Mamka a Vlasťa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 98151 bytes
->Opera cache emptied: 35433019 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Petr
->Temp folder emptied: 79006 bytes
->Temporary Internet Files folder emptied: 37213 bytes
->FireFox cache emptied: 23886509 bytes
->Opera cache emptied: 3821641 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 186337360 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 6710419 bytes

Total Files Cleaned = 244,61 mb


OTL by OldTimer - Version 3.1.11.7 log created on 12062009_132910

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Damned]

Já tam nevidím už žádnýho šmejda, který by ti měl způsobovat nějakou neplechu.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/Uninstall

Pokud nepůjde a ComboFix je na Ploše, tak Start-->Spustit a do řádku zkopíruj:

Kód: Vybrat vše

"%userprofile%\Plocha\combofix" /uninstall

(Podle CF community bylo změněno /u na uninstall, pokud je na Ploše, tak daný řetězec)

Napiš zda Combofix šel odinstalovat a vlož mi sem nový log z HJT.

[Dymon]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:16, on 6.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\Hotspot Shield\bin\openvpnas.exe
E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\winamp\winampa.exe
E:\Program Files\Pošťák\Postak\Postak.exe
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Acronis True Image Home 11.0 cz\TrueImageMonitor.exe
C:\Acronis True Image Home 11.0 cz\TimounterMonitor.exe
E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Program Files\sdasdas\Reader\Reader_sl.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
E:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - E:\Program Files\Pošťák\Postak\SRank.dll
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\winamp\winampa.exe"
O4 - HKLM\..\Run: [SMail] "E:\Program Files\Pošťák\Postak\Postak.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Component Manager] "E:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Acronis True Image Home 11.0 cz\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Acronis True Image Home 11.0 cz\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\sdasdas\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [combofix] "E:\ComboFix\CF351.cfxxe" /c "E:\ComboFix\C.bat"
O4 - HKCU\..\Run: [AFProg] E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\Deamon tools\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Download Using &BitSpirit - E:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFE3FAC-4BE7-41F6-B87B-87F2A7DA2B30}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: E:\WINDOWS\system32\wbsys.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - E:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 10876 bytes


ComboFix byl odinstalován úspěšně. Jen jsem se chtěl zeptat co přesně si opravil / smazal, čeho jsem si nevšiml abych v tom měl přehled, jinak moc děkuji za pomoc :)

[Dymon]

Tak ještě při zapínání PC se mi objeví Error:

DAEMON Tools Lite
This program requires at least Windows 2000 with SPTD 1.56 or higher.
Kernel Debugger must be deactivated

[Damned]

Něco se opravilo v registru, smazaly se podvodné odkazy a dočasné soubory, atp.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

O4 - HKLM\..\Run: [combofix] "E:\ComboFix\CF351.cfxxe" /c "E:\ComboFix\C.bat"
*****************************************************************************************************************************************
Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.