Noťas ovládá mě, né já jeho :-( Vyřešeno

[pechytce]

tak tady to je :-)


ComboFix 11-03-24.06 - sitel 25.03.2011 19:23:18.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.502.212 [GMT 1:00]
Spuštěný z: d:\documents and settings\sitel\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\sitel\Plocha\CFScript.txt
AV: AVG Anti-Virus Network Edition *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\sitel\Data aplikací\AVG9
d:\documents and settings\sitel\Data aplikací\AVG9\cfgall\usergui.cfg
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-25 do 2011-03-25 )))))))))))))))))))))))))))))))
.
.
2011-03-25 18:10 . 2011-03-25 18:10 28752 ----a-w- d:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CD08A436-FCA9-4DA9-BEEA-3D54FE71E03A}\MpKsl200519af.sys
2011-03-25 18:09 . 2011-01-13 00:41 5890896 ----a-w- d:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-25 18:06 . 2011-03-14 20:05 6792528 ----a-w- d:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CD08A436-FCA9-4DA9-BEEA-3D54FE71E03A}\mpengine.dll
2011-03-25 17:58 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-25 17:54 . 2011-03-25 17:54 -------- d-----w- c:\windows\LastGood
2011-03-25 17:53 . 2011-03-25 17:55 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-25 11:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-25 11:57 . 2011-03-25 11:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-25 11:57 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-25 11:04 . 2011-03-25 11:04 388096 ----a-r- d:\documents and settings\sitel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-22 19:48 . 2011-03-22 19:48 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-22 19:48 . 2011-03-22 19:48 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-22 19:48 . 2011-03-22 19:48 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-22 19:48 . 2011-03-22 19:48 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-22 19:48 . 2011-03-22 19:48 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-22 19:48 . 2011-03-22 19:48 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-22 19:48 . 2011-03-22 19:48 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 19:48 . 2011-03-22 19:48 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-15 12:19 . 2011-03-15 12:19 -------- d--h--w- d:\documents and settings\All Users\Data aplikací\Common Files
2011-03-04 19:38 . 2011-03-04 19:35 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2004-09-13 15:20 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-09-13 15:20 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2004-09-13 15:34 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2004-09-13 15:34 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-24 13:25 . 2010-08-15 07:29 5648 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-21 14:44 . 2004-09-13 15:20 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2004-09-13 15:20 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2004-09-13 15:20 1854976 ----a-w- c:\windows\system32\win32k.sys
2008-01-05 19:52 . 2008-01-05 19:52 3928264 -c--a-w- c:\program files\FLV PlayerRCATSetup.exe
2008-01-05 19:50 . 2008-01-05 19:50 411248 -c--a-w- c:\program files\FLV PlayerRCSetup.exe
2011-03-22 19:48 . 2011-03-22 19:48 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-03-25_17.31.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-25 17:54 . 2011-03-25 17:54 47616 c:\windows\Installer\26781a.msi
+ 2011-03-25 17:54 . 2011-03-25 17:54 27648 c:\windows\Installer\26780b.msi
+ 2010-10-24 20:25 . 2010-10-24 20:25 165264 c:\windows\system32\drivers\MpFilter.sys
+ 2011-03-25 17:54 . 2011-03-25 17:54 786432 c:\windows\Installer\267811.msi
+ 2011-03-25 17:54 . 2011-03-25 17:54 479744 c:\windows\Installer\267804.msi
+ 2011-03-25 17:54 . 2011-03-25 17:54 301056 c:\windows\Installer\2677fe.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-02-20 1191936]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-10-31 1392640]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-05-02 184320]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-9-6 24576]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-10-8 118784]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TMMonitor.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\TMMonitor.lnk
backup=c:\windows\pss\TMMonitor.lnkCommon Startup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TV Expert Schedule Agent.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\TV Expert Schedule Agent.lnk
backup=c:\windows\pss\TV Expert Schedule Agent.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 01:24 20480 -c--a-w- c:\program files\NetWaiting\netwaiting.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 -c--a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 08:00 1116920 -c--a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2006-11-05 10:22 221184 -c--a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Card Remote Control Device Monitor]
2007-05-31 20:00 466944 -c--a-r- c:\windows\6000RMT.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.2.2009 13:18 717296]
R1 MpKsl200519af;MpKsl200519af;d:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CD08A436-FCA9-4DA9-BEEA-3D54FE71E03A}\MpKsl200519af.sys [25.3.2011 19:10 28752]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [24.10.2007 19:18 60255]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.4.2010 18:48 136176]
S3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [24.10.2007 19:18 675581]
S3 TridDev;Trident Device;c:\windows\system32\drivers\Triddev.sys [24.9.2007 14:38 3584]
S3 tridhid;tridhid - USB 2.0 HID Driver;c:\windows\system32\drivers\tridhid.sys [24.9.2007 14:38 15488]
S3 TridVid;TM6000 TV Service;c:\windows\system32\drivers\TridVid.sys [24.9.2007 14:38 154112]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPKSL200519AF
*NewlyCreated* - MSMPSVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-25 18:50]
.
2011-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-25 18:50]
.
2011-03-25 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
2011-03-25 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
2011-03-25 c:\windows\Tasks\User_Feed_Synchronization-{39057D99-C384-4D0A-9A88-057F7C7AD157}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/sm
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - d:\documents and settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=hp
FF - prefs.js: keyword.URL - hxxp://www.google.cz/#hl=cs&source=hp&q=
FF - prefs.js: network.proxy.type - 2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-25 19:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-03-25 19:40:20
ComboFix-quarantined-files.txt 2011-03-25 18:40
ComboFix2.txt 2011-03-25 17:39
.
Před spuštěním: 743 940 096
Po spuštění: 722 505 728
.
- - End Of File - - 1DC7CDD021F7CA5429A85B6CB65ACBEA

[Reklama]

[Damned]

Odinstaluj ComboFix. ComboFix se odinstaluje takto:
Vypni antivir a pokud máš i Antispyware ( nutné ) .

Start -> Spustit (nebo klávesy Win+R) a zadej do řádku: Combofix[mezera]/uninstall

Stáhni si T-Cleaner (nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš Avast,AVG,Aviru, MSSE před stažením T-Cleaneru a po dobu čištění deaktivuj Avast,AVG,Aviru,MSSE (i rezidenty), následně T-Cleaner smaž a zapni si Avast,AVG, Aviru...)
*************************************************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na Minimální výstup, zaškrtni Pro všechny uživatele.Pod Běžné registry změň na Vše, Specifické registry na Vše. Zatrhni Kontrola na havěť LOP a Kontrola na havěť Purity. Stáří souborů změň na 14 dnů. Všechny ostatní nastavení ponech jak jsou. Klikni na [b]Prohledat. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[pechytce]

OTL Extras logfile created on: 25.3.2011 20:52:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 119,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,79 Gb Total Space | 0,91 Gb Free Space | 9,26% Space Free | Partition Type: NTFS
Drive D: | 40,94 Gb Total Space | 5,25 Gb Free Space | 12,83% Space Free | Partition Type: NTFS
Drive E: | 4,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: HNH00129 | User Name: sitel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = jsfile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe"
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Procházet v &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (Ghisler Software GmbH)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 21
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2E0A8315-9A0B-4310-BD0A-14471A7CB69F}_is1" = MyFindsGpxGenerator 2.22.0.1
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5434A77C-D95F-4D36-9240-4BDF295DA88A}" = Concealar Setup
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{68CC21AD-B6EC-4DB8-954D-F27AD0D9A83F}" = TV Expert
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client CS-CZ Language Pack
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E3BE95F0-DC7F-439D-818D-F94C1F9EB56F}" = ArcSoft TotalMedia 3
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EFF87108-C9D0-43F1-BEE1-28DA87778F1A}" = Garmin Communicator Plugin
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"7-Zip" = 7-Zip 4.42
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"BSRScreenRecorder5" = BSR Screen Recorder 5
"Capture-A-ScreenShot_is1" = Capture-A-ScreenShot
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DrillBook_is1" = DrillBook 1.50
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.0.0
"Easy Screen Ripper" = Easy Screen Ripper
"foobar2000" = foobar2000 v0.9.6.8
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.0.4370
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.50
"StmAdsl" = ADSL Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Vicsoft QuickClear" = Vicsoft QuickClear
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.3.2011 1:27:38 | Computer Name = HNH00129 | Source = ESENT | ID = 490
Description = svchost (1260) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 25.3.2011 1:27:38 | Computer Name = HNH00129 | Source = ESENT | ID = 470
Description = Catalog Database (1260) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
je částečně připojena. Fáze připojení: 3. Chyba: -1032

Error - 25.3.2011 1:28:56 | Computer Name = HNH00129 | Source = ESENT | ID = 494
Description = Catalog Database (1260) Obnovení databáze se nezdařilo a došlo k chybě
-1216, protože byly zjištěny odkazy na databázi C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb,
která již není k dispozici. Databáze nebyla před odebráním (či případným přesunutím
nebo přejmenováním) převedena do konzistentního stavu. Databázový stroj nepovolí
dokončení obnovení pro tuto instanci, dokud nebude chybějící databáze znovu zařazena.
Pokud databáze již skutečně není k dispozici a není již nadále požadována, obraťte
se na PSS se žádostí o další pokyny týkající se kroků nezbytných k dokončení obnovení
bez této databáze.

Error - 25.3.2011 1:28:56 | Computer Name = HNH00129 | Source = ESENT | ID = 454
Description = Catalog Database (1260) Při zotavení či obnovení databáze došlo k
neočekávané chybě -1216.

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 490
Description = svchost (1260) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 439
Description = Catalog Database (1260) Pro soubor C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
nelze zapsat stínové záhlaví. Chyba -1032

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 473
Description = Catalog Database (1260) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error - 25.3.2011 13:54:41 | Computer Name = HNH00129 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8107.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 25.3.2011 14:43:38 | Computer Name = HNH00129 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.3.2011 14:43:38 | Computer Name = HNH00129 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


[ System Events ]
Error - 25.3.2011 12:22:41 | Computer Name = HNH00129 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 25.3.2011 12:25:17 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 25.3.2011 12:25:26 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 25.3.2011 13:12:43 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 25.3.2011 13:12:43 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 25.3.2011 13:22:05 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7034
Description = Služba Dell Wireless WLAN Tray Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.


< End of report >

[pechytce]

OTL logfile created on: 25.3.2011 20:52:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 119,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,79 Gb Total Space | 0,91 Gb Free Space | 9,26% Space Free | Partition Type: NTFS
Drive D: | 40,94 Gb Total Space | 5,25 Gb Free Space | 12,83% Space Free | Partition Type: NTFS
Drive E: | 4,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: HNH00129 | User Name: sitel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - D:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)


========== Modules (SafeList) ==========

MOD - D:\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (ProtexisLicensing) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()


========== Driver Services (SafeList) ==========

DRV - (MpKsl6cbacc6a) -- d:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{96EBCC84-AE18-4225-838E-16DD2C0B3696}\MpKsl6cbacc6a.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (TridVid) -- C:\WINDOWS\system32\drivers\TridVid.sys ()
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tridhid) -- C:\WINDOWS\system32\drivers\tridhid.sys (Trident Multimedia Technologies Co.,Ltd)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (TridDev) -- C:\WINDOWS\system32\drivers\Triddev.sys (Trident Microsystem Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (TaurusUsb) -- C:\WINDOWS\system32\drivers\torususb.sys ()
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc)
DRV - (Stmatm) -- C:\WINDOWS\system32\drivers\stmatm.sys (STMicroelectronics )
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.14 06:46:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.05.29 10:06:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.22 20:49:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 20:49:30 | 000,000,000 | ---D | M]

[2009.05.27 19:12:46 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions
[2009.05.27 19:12:46 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.04.13 22:49:19 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions\MediaCoder
[2011.03.24 20:29:18 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions
[2011.03.24 12:37:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.22 13:36:33 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.01.26 19:33:06 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.01.26 19:33:15 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2011.02.16 20:49:23 | 000,000,000 | ---D | M] ("Xmarks") -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\foxmarks@kei.com
[2010.12.13 18:29:42 | 000,000,000 | ---D | M] (Echofon) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\twitternotifier@naan.net
[2011.03.22 13:49:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.22 20:49:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.05.29 10:06:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2010.08.05 08:03:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.03.22 20:48:22 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.15 13:22:12 | 000,002,309 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2011.03.22 20:48:50 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2011.03.22 20:48:50 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.03.22 20:48:51 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 20:31:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.22 20:48:51 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.22 20:48:51 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.22 20:48:51 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.03.25 19:31:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2011.03.25 18:58:41 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011.03.25 18:54:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.03.25 18:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.03.25 14:06:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.25 12:58:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.03.25 12:58:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.03.25 12:57:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.03.25 12:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.03.25 12:04:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Nabídka Start\Programy\HiJackThis
[2011.03.25 06:47:33 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\sitel\Recent
[2011.03.22 21:14:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Plocha\videa pechy
[2011.03.20 10:17:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Plocha\fotky brezen
[2011.03.15 13:19:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.02.21 15:21:44 | 000,047,360 | ---- | C] (VSO Software) -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.sys
[2008.01.05 20:50:50 | 000,411,248 | ---- | C] (Applian Technologies Inc.) -- C:\Program Files\FLV PlayerRCSetup.exe
[3 D:\Documents and Settings\sitel\Plocha\*.tmp files -> D:\Documents and Settings\sitel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2011.03.25 21:03:03 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.25 21:02:35 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.03.25 21:02:32 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{39057D99-C384-4D0A-9A88-057F7C7AD157}.job
[2011.03.25 20:49:15 | 000,004,768 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.03.25 20:03:01 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.25 19:31:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.03.25 18:59:58 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.03.25 18:55:19 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011.03.25 18:52:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.25 18:12:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.25 17:46:37 | 000,019,253 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\combo.JPG
[2011.03.25 17:44:28 | 000,451,508 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\cf1.jpg
[2011.03.25 12:58:06 | 000,000,672 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.25 12:48:42 | 000,002,323 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\HiJackThis.lnk
[2011.03.24 21:02:18 | 000,000,569 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011.03.24 13:24:53 | 000,000,417 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011.03.22 20:38:15 | 000,084,700 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\confirmation.pdf
[2011.03.13 20:41:30 | 000,247,551 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\zp_rambousek_petr.pdf
[3 D:\Documents and Settings\sitel\Plocha\*.tmp files -> D:\Documents and Settings\sitel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.25 19:01:04 | 000,000,390 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.03.25 18:59:57 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.03.25 18:55:19 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011.03.25 18:54:11 | 000,001,558 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
[2011.03.25 17:46:37 | 000,019,253 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\combo.JPG
[2011.03.25 17:44:28 | 000,451,508 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\cf1.jpg
[2011.03.25 12:58:06 | 000,000,672 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.25 12:04:03 | 000,002,323 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\HiJackThis.lnk
[2011.03.22 20:49:47 | 000,000,634 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2011.03.22 20:38:14 | 000,084,700 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\confirmation.pdf
[2011.03.13 20:41:27 | 000,247,551 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\zp_rambousek_petr.pdf
[2010.12.23 18:08:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.22 23:53:04 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool2.dat
[2010.12.22 23:53:03 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\bsrmgcv.dll
[2010.12.22 23:53:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\bsrmgps.dll
[2010.12.22 23:53:03 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\bsrgvas.dll
[2010.12.22 23:49:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2010.12.22 23:49:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2010.02.15 17:45:17 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2010.01.06 21:54:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.12.06 21:52:56 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.06 21:52:55 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.12.04 11:28:32 | 000,000,417 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009.08.20 06:40:21 | 000,000,002 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\preview.html
[2009.08.18 12:45:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.07.07 19:38:58 | 000,000,131 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2009.03.07 17:31:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.03.03 19:54:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.21 15:21:44 | 000,087,608 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\inst.exe
[2009.02.21 15:21:44 | 000,007,887 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.cat
[2009.02.21 15:21:44 | 000,001,144 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.inf
[2008.09.19 22:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.06.25 18:10:02 | 000,000,388 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2008.04.26 07:58:11 | 000,011,946 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2008.04.26 07:58:09 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008.04.26 07:58:09 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008.04.26 07:58:07 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008.02.09 19:17:33 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\bcdcaadddb_r.dll
[2008.01.31 21:06:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2008.01.09 14:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2008.01.09 14:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008.01.05 20:52:40 | 003,928,264 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2008.01.02 19:16:35 | 000,033,548 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2007.11.18 23:25:44 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.11.10 16:44:21 | 000,466,944 | R--- | C] () -- C:\WINDOWS\6000RMT.exe
[2007.10.31 20:28:20 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\$_hpcst$.hpc
[2007.10.28 22:24:48 | 000,052,224 | ---- | C] () -- D:\Documents and Settings\sitel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.10.24 19:18:06 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2007.10.24 19:18:05 | 000,675,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2007.10.17 11:25:24 | 000,000,125 | ---- | C] () -- D:\Documents and Settings\sitel\Local Settings\Data aplikací\fusioncache.dat
[2007.10.08 10:59:20 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007.10.08 10:52:21 | 000,000,569 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.10.08 10:18:49 | 000,004,768 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.10.05 15:32:57 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.09.24 14:38:18 | 000,154,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\TridVid.sys
[2007.09.24 14:38:18 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2007.09.24 14:38:12 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.09.06 21:18:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.09.06 21:16:32 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007.09.06 21:15:24 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007.09.06 21:15:24 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.09.06 21:10:25 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007.09.06 21:10:23 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007.09.06 21:10:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2007.09.06 20:43:39 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2007.09.06 20:43:34 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007.09.06 20:42:22 | 000,001,290 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.11.07 04:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.09.16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006.09.16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006.05.24 18:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.11.30 12:49:56 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.10.03 19:28:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\chckshll.dll
[2004.09.13 16:45:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.09.13 16:35:02 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.09.13 16:34:16 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.09.13 16:29:37 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.09.13 16:28:47 | 000,189,792 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.09.13 16:21:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.09.13 16:21:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.09.13 16:20:42 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.09.13 16:20:39 | 000,484,146 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.09.13 16:20:39 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.09.13 16:20:39 | 000,083,068 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.09.13 16:20:39 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.09.13 16:20:38 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.09.13 16:20:37 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.09.13 16:20:35 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.09.13 16:20:29 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.09.13 16:20:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.09.13 16:20:20 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.09.13 16:20:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011.03.25 18:13:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\avg9
[2011.03.15 13:19:28 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.09.27 16:04:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\GARMIN
[2009.11.03 21:21:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2008.02.23 16:48:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2008.01.17 21:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Prevx
[2009.02.07 17:27:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.11.25 16:49:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.06.02 19:43:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\VadeRetro
[2010.08.08 11:09:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\{65893B95-F47B-4483-B883-86BA181E9B54}
[2011.03.25 16:39:00 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Data aplikací\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009.04.13 22:41:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Broad Intelligence
[2008.04.09 18:37:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\CoolYouTubeDownloader
[2010.07.02 19:30:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Easy Sync
[2009.11.03 21:22:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Euro4
[2007.11.29 23:26:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\FDRLab
[2009.06.10 21:18:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\fltk.org
[2011.03.01 13:37:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\foobar2000
[2010.01.21 12:05:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\FreeAudioPack
[2009.09.27 16:04:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GARMIN
[2010.07.04 10:56:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GeoGet
[2008.01.05 20:52:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GetRightToGo
[2007.10.23 18:10:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GlobalSearch toolbar
[2010.04.30 11:20:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GSBuilder
[2008.11.25 18:03:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\ICAClient
[2009.05.03 08:48:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\IObit
[2008.05.19 23:36:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\IrfanView
[2008.05.07 01:13:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Jpeg Resampler
[2008.06.25 18:38:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\LogicWeave Software
[2010.07.02 19:44:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\MoZiGo
[2007.12.25 19:56:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Nvu
[2007.10.23 18:23:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Opera
[2010.10.14 21:21:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\PLANStudio Setup
[2010.01.06 21:54:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Thunderbird
[2009.02.07 17:30:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Uniblue
[2009.02.21 15:22:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Vso
[2008.01.21 13:20:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\WebCompiler3
[2009.09.06 07:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\XnView
[2011.03.25 18:59:58 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.03.25 21:02:35 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2011.03.25 21:02:32 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{39057D99-C384-4D0A-9A88-057F7C7AD157}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 106 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2

< End of report >

[Damned]

Červený soubor zkontroluj na Virustotalu a vlož mi sem odkaz na výsledek: C:\WINDOWS\setpwrcg.exe
*************************************************************************************************************************************************************************
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
@Alternate Data Stream - 116 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 106 bytes -> D:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2

:Services

:Files
D:\Documents and Settings\sitel\Data aplikací\GlobalSearch toolbar
D:\Documents and Settings\All Users\Data aplikací\avg9
C:\Qoobox
D:\Documents and Settings\sitel\Plocha\*.tmp
C:\WINDOWS\System32\ezsidmv.dat
C:\WINDOWS\System32\Tr_sttool2.dat
C:\WINDOWS\System32\d3d9caps.dat
D:\Documents and Settings\sitel\Data aplikací\inst.exe
D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
C:\WINDOWS\System32\emptyregdb.dat
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\RECYCLER
C:\Windows\tasks\*.job

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[pechytce]

http://www.virustotal.com/file-scan/rep ... 1301086099

xxxxxxxxxxxxxxxxxxxxxx

========== OTL ==========
Process explorer.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
ADS D:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
ADS D:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
========== SERVICES/DRIVERS ==========

OTL by OldTimer - Version 3.2.22.3 log created on 03252011_215749

[Damned]

To je celý log? Chybí mi tam vykonání příkazů

[pechytce]

me pocitac zrusil plochu a funkcni prvky, takhle bez hnuti vydrzel asi dvacet minut, tak jsem ho rerstartil...asi blbe ?! mam neco udelat znova???

[Damned]

Je tam příkaz pro vypnutí Exploreru. Zkus to znovu.

[pechytce]

prvni cast
OTL Extras logfile created on: 25.3.2011 22:44:04 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\sitel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 51,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,79 Gb Total Space | 0,86 Gb Free Space | 8,83% Space Free | Partition Type: NTFS
Drive D: | 40,94 Gb Total Space | 5,23 Gb Free Space | 12,77% Space Free | Partition Type: NTFS
Drive E: | 4,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: HNH00129 | User Name: sitel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = jsfile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe"
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Procházet v &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (Ghisler Software GmbH)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 21
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2E0A8315-9A0B-4310-BD0A-14471A7CB69F}_is1" = MyFindsGpxGenerator 2.22.0.1
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5434A77C-D95F-4D36-9240-4BDF295DA88A}" = Concealar Setup
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{68CC21AD-B6EC-4DB8-954D-F27AD0D9A83F}" = TV Expert
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client CS-CZ Language Pack
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E3BE95F0-DC7F-439D-818D-F94C1F9EB56F}" = ArcSoft TotalMedia 3
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EFF87108-C9D0-43F1-BEE1-28DA87778F1A}" = Garmin Communicator Plugin
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"7-Zip" = 7-Zip 4.42
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"BSRScreenRecorder5" = BSR Screen Recorder 5
"Capture-A-ScreenShot_is1" = Capture-A-ScreenShot
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DrillBook_is1" = DrillBook 1.50
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.0.0
"Easy Screen Ripper" = Easy Screen Ripper
"foobar2000" = foobar2000 v0.9.6.8
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.0.4370
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.50
"StmAdsl" = ADSL Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Vicsoft QuickClear" = Vicsoft QuickClear
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.3.2011 1:27:38 | Computer Name = HNH00129 | Source = ESENT | ID = 490
Description = svchost (1260) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 25.3.2011 1:27:38 | Computer Name = HNH00129 | Source = ESENT | ID = 470
Description = Catalog Database (1260) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
je částečně připojena. Fáze připojení: 3. Chyba: -1032

Error - 25.3.2011 1:28:56 | Computer Name = HNH00129 | Source = ESENT | ID = 494
Description = Catalog Database (1260) Obnovení databáze se nezdařilo a došlo k chybě
-1216, protože byly zjištěny odkazy na databázi C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb,
která již není k dispozici. Databáze nebyla před odebráním (či případným přesunutím
nebo přejmenováním) převedena do konzistentního stavu. Databázový stroj nepovolí
dokončení obnovení pro tuto instanci, dokud nebude chybějící databáze znovu zařazena.
Pokud databáze již skutečně není k dispozici a není již nadále požadována, obraťte
se na PSS se žádostí o další pokyny týkající se kroků nezbytných k dokončení obnovení
bez této databáze.

Error - 25.3.2011 1:28:56 | Computer Name = HNH00129 | Source = ESENT | ID = 454
Description = Catalog Database (1260) Při zotavení či obnovení databáze došlo k
neočekávané chybě -1216.

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 490
Description = svchost (1260) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 439
Description = Catalog Database (1260) Pro soubor C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
nelze zapsat stínové záhlaví. Chyba -1032

Error - 25.3.2011 1:37:37 | Computer Name = HNH00129 | Source = ESENT | ID = 473
Description = Catalog Database (1260) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error - 25.3.2011 13:54:41 | Computer Name = HNH00129 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8107.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 25.3.2011 14:43:38 | Computer Name = HNH00129 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.3.2011 14:43:38 | Computer Name = HNH00129 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


[ System Events ]
Error - 25.3.2011 12:25:17 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 25.3.2011 12:25:26 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 25.3.2011 13:12:43 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 25.3.2011 13:12:43 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 25.3.2011 13:22:05 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7034
Description = Služba Dell Wireless WLAN Tray Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 14:12:17 | Computer Name = HNH00129 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.101.147.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%854 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094

Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\NETWORK SERVICE Aktuální
verze stroje: Předchozí verze stroje: 1.1.6702.0 Kód chyby: 0x80070008 Popis chyby:
Ke zpracování tohoto příkazu není dostatečný prostor.

Error - 25.3.2011 17:07:51 | Computer Name = HNH00129 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd


< End of report >

[pechytce]

dil 2
OTL logfile created on: 25.3.2011 22:44:04 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\sitel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

502,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 51,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,79 Gb Total Space | 0,86 Gb Free Space | 8,83% Space Free | Partition Type: NTFS
Drive D: | 40,94 Gb Total Space | 5,23 Gb Free Space | 12,77% Space Free | Partition Type: NTFS
Drive E: | 4,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: HNH00129 | User Name: sitel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - D:\Documents and Settings\sitel\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)


========== Modules (SafeList) ==========

MOD - D:\Documents and Settings\sitel\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Dell\QuickSet\dadkeyb.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\WINDOWS\system32\hccutils.dll (Intel Corporation)


========== Win32 Services (SafeList) ==========

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (ProtexisLicensing) -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe ()


========== Driver Services (SafeList) ==========

DRV - (MpKsl39c11493) -- d:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{96EBCC84-AE18-4225-838E-16DD2C0B3696}\MpKsl39c11493.sys (Microsoft Corporation)
DRV - (MpKsl6cbacc6a) -- d:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{96EBCC84-AE18-4225-838E-16DD2C0B3696}\MpKsl6cbacc6a.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (TridVid) -- C:\WINDOWS\system32\drivers\TridVid.sys ()
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (tridhid) -- C:\WINDOWS\system32\drivers\tridhid.sys (Trident Multimedia Technologies Co.,Ltd)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (TridDev) -- C:\WINDOWS\system32\drivers\Triddev.sys (Trident Microsystem Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (TaurusUsb) -- C:\WINDOWS\system32\drivers\torususb.sys ()
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc)
DRV - (Stmatm) -- C:\WINDOWS\system32\drivers\stmatm.sys (STMicroelectronics )
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.14 06:46:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.05.29 10:06:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.22 20:49:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 20:49:30 | 000,000,000 | ---D | M]

[2009.05.27 19:12:46 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions
[2009.05.27 19:12:46 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.04.13 22:49:19 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Extensions\MediaCoder
[2011.03.24 20:29:18 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions
[2011.03.24 12:37:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.22 13:36:33 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.01.26 19:33:06 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.01.26 19:33:15 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2011.02.16 20:49:23 | 000,000,000 | ---D | M] ("Xmarks") -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\foxmarks@kei.com
[2010.12.13 18:29:42 | 000,000,000 | ---D | M] (Echofon) -- D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Profiles\sfest62z.default\extensions\twitternotifier@naan.net
[2011.03.22 13:49:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.22 20:49:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.05.29 10:06:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2010.08.05 08:03:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.03.22 20:48:22 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.15 13:22:12 | 000,002,309 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2011.03.22 20:48:50 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2011.03.22 20:48:50 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.03.22 20:48:51 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 20:31:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.03.22 20:48:51 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.03.22 20:48:51 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.03.22 20:48:51 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.03.25 19:31:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3233550095-745866152-1855651448-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\sitel\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2011.03.25 22:41:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\sitel\Plocha\OTL.exe
[2011.03.25 18:58:41 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011.03.25 18:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.03.25 14:06:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.25 12:58:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.03.25 12:58:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.03.25 12:57:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.03.25 12:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.03.25 12:04:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Nabídka Start\Programy\HiJackThis
[2011.03.25 06:47:33 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\sitel\Recent
[2011.03.22 21:14:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Plocha\videa pechy
[2011.03.20 10:17:11 | 000,000,000 | ---D | C] -- D:\Documents and Settings\sitel\Plocha\fotky brezen
[2011.03.15 13:19:28 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.02.21 15:21:44 | 000,047,360 | ---- | C] (VSO Software) -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.sys
[2008.01.05 20:50:50 | 000,411,248 | ---- | C] (Applian Technologies Inc.) -- C:\Program Files\FLV PlayerRCSetup.exe
[3 D:\Documents and Settings\sitel\Plocha\*.tmp files -> D:\Documents and Settings\sitel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2011.03.25 22:48:46 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{39057D99-C384-4D0A-9A88-057F7C7AD157}.job
[2011.03.25 22:44:47 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.03.25 22:41:34 | 000,004,768 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.03.25 22:30:03 | 000,000,348 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011.03.25 22:13:26 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.03.25 22:07:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.25 22:07:16 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.25 22:06:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.25 22:03:19 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.25 20:50:05 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\sitel\Plocha\OTL.exe
[2011.03.25 19:31:18 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.03.25 18:55:19 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011.03.25 12:58:06 | 000,000,672 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.25 12:48:42 | 000,002,323 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\HiJackThis.lnk
[2011.03.24 21:02:18 | 000,000,569 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011.03.22 20:38:15 | 000,084,700 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\confirmation.pdf
[2011.03.13 20:41:30 | 000,247,551 | ---- | M] () -- D:\Documents and Settings\sitel\Plocha\zp_rambousek_petr.pdf
[3 D:\Documents and Settings\sitel\Plocha\*.tmp files -> D:\Documents and Settings\sitel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.25 19:01:04 | 000,000,390 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2011.03.25 18:59:57 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.03.25 18:55:19 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011.03.25 18:54:11 | 000,001,558 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
[2011.03.25 12:58:06 | 000,000,672 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.25 12:04:03 | 000,002,323 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\HiJackThis.lnk
[2011.03.22 20:49:47 | 000,000,634 | ---- | C] () -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2011.03.22 20:38:14 | 000,084,700 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\confirmation.pdf
[2011.03.13 20:41:27 | 000,247,551 | ---- | C] () -- D:\Documents and Settings\sitel\Plocha\zp_rambousek_petr.pdf
[2010.12.23 18:08:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.22 23:53:04 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool2.dat
[2010.12.22 23:53:03 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\bsrmgcv.dll
[2010.12.22 23:53:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\bsrmgps.dll
[2010.12.22 23:53:03 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\bsrgvas.dll
[2010.12.22 23:49:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2010.12.22 23:49:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2010.02.15 17:45:17 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2010.01.06 21:54:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.12.06 21:52:56 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.06 21:52:55 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.12.04 11:28:32 | 000,000,348 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009.08.20 06:40:21 | 000,000,002 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\preview.html
[2009.08.18 12:45:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.07.07 19:38:58 | 000,000,131 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2009.03.07 17:31:14 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.03.03 19:54:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.21 15:21:44 | 000,087,608 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\inst.exe
[2009.02.21 15:21:44 | 000,007,887 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.cat
[2009.02.21 15:21:44 | 000,001,144 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\pcouffin.inf
[2008.09.19 22:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.06.25 18:10:02 | 000,000,388 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2008.04.26 07:58:11 | 000,011,946 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2008.04.26 07:58:09 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008.04.26 07:58:09 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008.04.26 07:58:07 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008.02.09 19:17:33 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\bcdcaadddb_r.dll
[2008.01.31 21:06:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2008.01.09 14:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2008.01.09 14:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008.01.05 20:52:40 | 003,928,264 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2008.01.02 19:16:35 | 000,033,548 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2007.11.18 23:25:44 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.11.10 16:44:21 | 000,466,944 | R--- | C] () -- C:\WINDOWS\6000RMT.exe
[2007.10.31 20:28:20 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\sitel\Data aplikací\$_hpcst$.hpc
[2007.10.28 22:24:48 | 000,052,224 | ---- | C] () -- D:\Documents and Settings\sitel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.10.24 19:18:06 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2007.10.24 19:18:05 | 000,675,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2007.10.17 11:25:24 | 000,000,125 | ---- | C] () -- D:\Documents and Settings\sitel\Local Settings\Data aplikací\fusioncache.dat
[2007.10.08 10:59:20 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007.10.08 10:52:21 | 000,000,569 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.10.08 10:18:49 | 000,004,768 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.10.05 15:32:57 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.09.24 14:38:18 | 000,154,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\TridVid.sys
[2007.09.24 14:38:18 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2007.09.24 14:38:12 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.09.06 21:18:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.09.06 21:16:32 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2007.09.06 21:15:24 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007.09.06 21:15:24 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.09.06 21:10:25 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007.09.06 21:10:23 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007.09.06 21:10:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2007.09.06 20:43:39 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2007.09.06 20:43:34 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007.09.06 20:42:22 | 000,001,290 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.11.07 04:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.09.16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006.09.16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006.05.24 18:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.11.30 12:49:56 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.10.03 19:28:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\chckshll.dll
[2004.09.13 16:45:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.09.13 16:35:02 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.09.13 16:34:16 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.09.13 16:29:37 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.09.13 16:28:47 | 000,189,792 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.09.13 16:21:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.09.13 16:21:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.09.13 16:20:42 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.09.13 16:20:39 | 000,484,146 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.09.13 16:20:39 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.09.13 16:20:39 | 000,083,068 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.09.13 16:20:39 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.09.13 16:20:38 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.09.13 16:20:37 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.09.13 16:20:35 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.09.13 16:20:29 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.09.13 16:20:28 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.09.13 16:20:20 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.09.13 16:20:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011.03.25 18:13:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\avg9
[2011.03.15 13:19:28 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.09.27 16:04:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\GARMIN
[2009.11.03 21:21:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2008.02.23 16:48:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2008.01.17 21:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Prevx
[2009.02.07 17:27:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.11.25 16:49:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.06.02 19:43:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\VadeRetro
[2010.08.08 11:09:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\{65893B95-F47B-4483-B883-86BA181E9B54}
[2011.03.25 16:39:00 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Data aplikací\{83C91755-2546-441D-AC40-9A6B4B860800}
[2010.01.06 19:14:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\la\Data aplikací\AVG9
[2009.04.13 22:41:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Broad Intelligence
[2008.04.09 18:37:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\CoolYouTubeDownloader
[2010.07.02 19:30:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Easy Sync
[2009.11.03 21:22:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Euro4
[2007.11.29 23:26:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\FDRLab
[2009.06.10 21:18:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\fltk.org
[2011.03.01 13:37:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\foobar2000
[2010.01.21 12:05:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\FreeAudioPack
[2009.09.27 16:04:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GARMIN
[2010.07.04 10:56:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GeoGet
[2008.01.05 20:52:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GetRightToGo
[2007.10.23 18:10:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GlobalSearch toolbar
[2010.04.30 11:20:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\GSBuilder
[2008.11.25 18:03:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\ICAClient
[2009.05.03 08:48:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\IObit
[2008.05.19 23:36:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\IrfanView
[2008.05.07 01:13:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Jpeg Resampler
[2008.06.25 18:38:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\LogicWeave Software
[2010.07.02 19:44:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\MoZiGo
[2007.12.25 19:56:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Nvu
[2007.10.23 18:23:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Opera
[2010.10.14 21:21:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\PLANStudio Setup
[2010.01.06 21:54:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Thunderbird
[2009.02.07 17:30:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Uniblue
[2009.02.21 15:22:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\Vso
[2008.01.21 13:20:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\WebCompiler3
[2009.09.06 07:14:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\sitel\Data aplikací\XnView
[2011.03.25 22:13:26 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.03.25 22:44:47 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2011.03.25 22:48:46 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{39057D99-C384-4D0A-9A88-057F7C7AD157}.job

========== Purity Check ==========



< End of report >

[Damned]

Jenom ten skript! viewtopic.php?f=70&t=65712&p=480898#p480859