PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 20:40:56, on 26.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\WService.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\explorer.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=14542
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyB1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [WService] WService.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S12E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9198194875
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\RpcAgentSrv.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\system32\DRIVERS\WtSrv.exe

--
End of file - 11651 bytes

nuuu, kazdopadne mam tu jeste info z mwav
pekne zaprasene to mam...

Invalid Entry DllName = appmgmts.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}). Action Taken: Deleting Registry Key {c6dc5466-785a-11d2-84d0-00c04fb169f7}.
** Scanning may fail! File Locked [SUSPICIOUS]: C:\WINDOWS\system32\Drivers\sptd.sys (????)
Objekt "CoreGuardAntivirus2009 Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "grokster Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Spyware.NetScreenWatch Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "ZapSpot Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Windows Police PRO Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Windows Police PRO Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Unknown Toolbar4 Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "ZapSpot Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "RegSort Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Spyware.PCAgent Commercial KeyLogger" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Virtob Leftover Virus" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\Adobe.Illustrator.dwg" odkazuje na neplatný objekt "{C0ED15F0-61BB-11d3-B6CA-00C04F6A0D06}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\Adobe.Illustrator.dxf" odkazuje na neplatný objekt "{C0ED15F0-61BB-11d3-B6CA-00C04F6A0D06}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\Adobe.Illustrator.pict" odkazuje na neplatný objekt "{C0ED15F0-61BB-11d3-B6CA-00C04F6A0D06}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\KMPlayer.kpl" odkazuje na neplatný objekt "{9EB4C4CB-74C2-4BE9-AA5D-8249F16020AD}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\KMPlayer.ksf" odkazuje na neplatný objekt "{9EB4C4CB-74C2-4BE9-AA5D-8249F16020AD}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\VisualStudio.Launcher.sln" odkazuje na neplatný objekt "{8B10A141-87EE-4A0F-823F-D79F5FF7B10A}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".srt". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "Cool's_Codec_pack_4.12". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "Nvu". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "Opanda IExif_is1". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "Spyware Terminator_is1". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "Studio 2010 Professional Edition_is1". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{52E819E9-C69A-4AF6-B2B3-BC01F8B0ECA3}". Provedené akce: Ponecháno, neodstraněno!.

Odinstaluj:
myBabylon English Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod



Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Jsou problémy?

V MWAV není nic nebezpečného..

Provedeno, Malwarebytes nic nenasel. Je mozny ze se kvuli tomu predchozimu nastaveni sekal explorer.exe resp. rozjel to vzdy na 99pro CPU?
Diky za tvuj nocni cas.

prave se to stalo znovu... 99pro z cpu tak jsem ho sprahnul jen s jednim na 50pro

Tu je log z OTL TXT
OTL logfile created on: 26.10.2010 22:50:32 - Run 2
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Documents and Settings\zv\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 20,84 Gb Free Space | 42,68% Space Free | Partition Type: NTFS
Drive D: | 249,25 Gb Total Space | 66,62 Gb Free Space | 26,73% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: Z | User Name: zv | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\zv\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
PRC - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
PRC - C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\TP-LINK\TWCU\TWCU.exe ()
PRC - C:\WINDOWS\system32\acs.exe ()
PRC - C:\WINDOWS\system32\drivers\WtSrv.exe (Tablet Driver)
PRC - C:\WINDOWS\system32\WService.exe (Tablet Driver)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\zv\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (afcdpsrv) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\RpcAgentSrv.exe (SiSoftware)
SRV - (SentinelProtectionServer) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SentinelKeysServer) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (WinTabService) -- C:\WINDOWS\system32\drivers\WtSrv.exe (Tablet Driver)


========== Driver Services (SafeList) ==========

DRV - (WFTUNE) -- C:\WINDOWS\System32\drivers\WF88TUNE.sys File not found
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS File not found
DRV - (WF88XBAR) -- C:\WINDOWS\System32\drivers\WF88XBAR.sys File not found
DRV - (WF23880) -- C:\WINDOWS\System32\drivers\wf88vcap.sys File not found
DRV - (vpnva) -- C:\WINDOWS\System32\DRIVERS\vpnva.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys File not found
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (s1039bus) Sony Ericsson Device 1039 driver (WDM) -- C:\WINDOWS\system32\drivers\s1039bus.sys (MCCI Corporation)
DRV - (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) -- C:\WINDOWS\system32\drivers\s1039nd5.sys (MCCI Corporation)
DRV - (s1039mdm) -- C:\WINDOWS\system32\drivers\s1039mdm.sys (MCCI Corporation)
DRV - (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) -- C:\WINDOWS\system32\drivers\s1039unic.sys (MCCI Corporation)
DRV - (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s1039mgmt.sys (MCCI Corporation)
DRV - (s1039obex) -- C:\WINDOWS\system32\drivers\s1039obex.sys (MCCI Corporation)
DRV - (s1039mdfl) -- C:\WINDOWS\system32\drivers\s1039mdfl.sys (MCCI Corporation)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech Webcam 200(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (afcdp) -- C:\WINDOWS\system32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) -- C:\WINDOWS\system32\DRIVERS\tdrpm251.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\sandra.sys (SiSoftware)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usbaudio) Ovladač zvukové karty USB (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation)
DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation)
DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation)
DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation)
DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation)
DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation)
DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (tap0901_2gm) -- C:\WINDOWS\system32\drivers\tap0901_2gm.sys (The OpenVPN Project)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (TClass2k) -- C:\WINDOWS\system32\drivers\TClass2k.sys (Tablet Driver)
DRV - (UCTblHid) -- C:\WINDOWS\system32\drivers\UCTblHid.sys (Tablet Driver)
DRV - (Tablet2k) -- C:\WINDOWS\System32\Drivers\Tablet2k.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.23 17:30:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.07.28 19:27:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.20 17:19:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.20 17:19:17 | 000,000,000 | ---D | M]

[2010.01.20 16:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Extensions
[2009.04.07 23:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.01.20 16:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Extensions\MediaCoder
[2010.10.26 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Firefox\Profiles\adhm3bpw.default\extensions
[2010.07.08 08:40:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Firefox\Profiles\adhm3bpw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.21 18:01:30 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Firefox\Profiles\adhm3bpw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.07.08 08:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Mozilla\Firefox\Profiles\adhm3bpw.default\extensions\tineye@ideeinc.com
[2010.10.26 13:51:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.20 17:19:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.02.15 15:12:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009.07.28 19:27:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2010.03.12 18:04:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.08.01 01:58:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.20 17:19:13 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.10.20 17:19:13 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.07.31 14:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2010.10.20 17:19:14 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2007.05.10 22:52:00 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.04.07 23:52:18 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.08.10 11:39:22 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010.02.05 01:24:39 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.02.05 01:24:39 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.05 01:24:39 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.05 01:24:39 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.05 01:24:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.05 01:24:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TWCU\TWCU.exe ()
O4 - HKLM..\Run: [WService] C:\WINDOWS\System32\WService.exe (Tablet Driver)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = F3 FF FF 03 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 01 00 00 00 [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 9198194875 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.07 23:00:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{df5a7a0e-bea7-11df-ac23-000272177289}\Shell - "" = AutoRun
O33 - MountPoints2\{df5a7a0e-bea7-11df-ac23-000272177289}\Shell\AutoRun\command - "" = G:\Startme.exe -- File not found
O33 - MountPoints2\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\Shell - "" = AutoRun
O33 - MountPoints2\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\Shell\AutoRun\command - "" = G:\laucher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.26 22:26:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\zv\Recent
[2010.10.26 21:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.10.26 21:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.10.26 21:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.10.26 21:34:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.10.26 21:33:50 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.10.26 21:33:47 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2010.10.26 21:33:47 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.10.26 21:33:47 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2010.10.26 21:33:47 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.10.26 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.10.26 21:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.10.26 21:04:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\zv\Plocha\OTL.exe
[2010.10.26 20:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.10.26 19:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zv\DoctorWeb
[2010.10.26 17:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010.10.26 14:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zv\Data aplikací\Malwarebytes
[2010.10.26 14:16:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.10.26 14:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.10.26 14:16:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.10.26 14:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.10.24 14:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2010.10.09 14:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\PinholeDesigner
[2010.10.06 23:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Monitor Calibration Wizard
[2010.09.27 23:11:22 | 039,187,328 | ---- | C] (Macrovision Corporation) -- C:\Documents and Settings\zv\Dokumenty\GoogleSketchUpWCS.exe
[2009.05.14 22:02:10 | 003,392,872 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\Common Files\adlmint_libFNP.dll
[2009.05.14 22:02:10 | 003,298,152 | ---- | C] (Autodesk) -- C:\Program Files\Common Files\adlmint.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.10.26 22:41:37 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.26 22:29:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.26 22:28:10 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.26 22:28:04 | 000,045,668 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.10.26 22:28:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.26 22:28:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010.10.26 22:27:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010.10.26 22:09:46 | 000,002,429 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\HiJackThis.lnk
[2010.10.26 22:07:42 | 000,214,792 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinfect.zip
[2010.10.26 21:34:03 | 000,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.10.26 21:33:49 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.10.26 21:04:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zv\Plocha\OTL.exe
[2010.10.25 16:04:42 | 000,138,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.10.25 16:04:25 | 000,234,576 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.10.24 15:30:29 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.24 15:22:17 | 008,101,888 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\sandra.mda
[2010.10.24 14:35:32 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\SpeedFan.lnk
[2010.10.24 14:35:10 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010.10.23 19:36:43 | 000,174,592 | ---- | M] () -- C:\Documents and Settings\zv\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.23 19:01:15 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\Vyberove_rizeni_-referent_ucetnictvi_MC_Brno-Kohoutovice.doc
[2010.10.19 14:20:30 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.19 14:20:30 | 000,432,278 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.10.19 14:20:30 | 000,079,242 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.10.19 14:20:30 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.17 20:19:47 | 001,661,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.11 03:58:54 | 000,116,612 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.skp
[2010.10.11 03:55:36 | 000,116,572 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.skb
[2010.10.11 03:28:14 | 000,177,118 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\krabica a kazeta2.jpg
[2010.10.11 03:26:55 | 000,182,528 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\krabica a kazeta.jpg
[2010.10.11 01:52:22 | 000,214,148 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole.skp
[2010.10.11 01:26:36 | 000,315,463 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.jpg
[2010.10.11 01:21:02 | 000,211,546 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole.skb
[2010.10.11 01:17:10 | 000,276,036 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\pinhole1.jpg
[2010.10.10 19:52:31 | 000,060,357 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\civka.png
[2010.10.10 18:28:42 | 000,000,953 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\hhhhhhhhhh expo.xls
[2010.10.10 18:03:42 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\hhhhhhhhhhhhhh.pdf
[2010.10.06 23:58:10 | 000,000,007 | ---- | M] () -- C:\WINDOWS\INI2=No
[2010.10.06 23:58:10 | 000,000,007 | ---- | M] () -- C:\WINDOWS\INI1=No
[2010.10.05 23:27:11 | 000,010,806 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\Concrete_Form_4x8.jpg
[2010.10.03 04:55:04 | 000,111,988 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nadr2.jpg
[2010.10.03 04:54:07 | 000,133,697 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nadr1.jpg
[2010.10.01 14:18:19 | 001,206,648 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\model.rar
[2010.10.01 14:13:39 | 000,093,100 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1691.jpg
[2010.10.01 14:13:28 | 000,082,094 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1690.jpg
[2010.10.01 14:13:15 | 000,169,459 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1688.jpg
[2010.10.01 14:12:53 | 000,074,243 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1695.jpg
[2010.10.01 14:12:14 | 000,083,511 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1694.jpg
[2010.10.01 14:11:49 | 000,080,352 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1693.jpg
[2010.10.01 14:06:12 | 000,171,315 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\model4.jpg
[2010.10.01 14:04:37 | 000,145,507 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\model3.jpg
[2010.10.01 14:03:41 | 000,151,787 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\model2.jpg
[2010.09.30 23:23:09 | 005,440,943 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3skladacka.skp
[2010.09.30 23:22:56 | 005,440,943 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3sklad.skp
[2010.09.30 23:21:40 | 000,111,042 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\33.png
[2010.09.30 23:21:18 | 001,143,423 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\22.png
[2010.09.30 23:20:59 | 001,363,726 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\11.png
[2010.09.30 23:14:17 | 000,517,178 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\2.jpg
[2010.09.30 23:14:04 | 000,658,412 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\1.jpg
[2010.09.30 20:07:05 | 005,444,895 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3.skp
[2010.09.30 20:04:55 | 005,441,568 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3.skb
[2010.09.30 13:51:35 | 010,639,682 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum2.skp
[2010.09.29 18:29:37 | 008,968,523 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\Automatické uložení_nasdum2.skp
[2010.09.29 04:45:39 | 009,855,160 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum2.skb
[2010.09.28 20:26:23 | 002,146,198 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\nasdum.skp
[2010.09.27 23:12:20 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google SketchUp.lnk
[2010.09.27 23:11:48 | 039,187,328 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\zv\Dokumenty\GoogleSketchUpWCS.exe
[2010.09.27 20:39:21 | 000,114,726 | ---- | M] () -- C:\Documents and Settings\zv\Dokumenty\co to je....jpg
[2010.09.27 11:24:46 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\zv\Plocha\UTM & LatLon Conversions Lat50°12'11.18''N, Lon16°23'5.47''E (NAD83WGS84) (DMS).URL
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Data aplikací\*.tmp files -> C:\Documents and Settings\All Users\Data aplikací\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.10.26 22:07:42 | 000,214,792 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinfect.zip
[2010.10.26 21:34:03 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.10.26 20:38:51 | 000,002,429 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\HiJackThis.lnk
[2010.10.26 17:05:51 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.10.24 14:35:32 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\SpeedFan.lnk
[2010.10.24 14:35:04 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2010.10.23 19:01:15 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\Vyberove_rizeni_-referent_ucetnictvi_MC_Brno-Kohoutovice.doc
[2010.10.11 03:28:14 | 000,177,118 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\krabica a kazeta2.jpg
[2010.10.11 03:26:55 | 000,182,528 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\krabica a kazeta.jpg
[2010.10.11 03:10:06 | 000,116,572 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.skb
[2010.10.11 02:30:13 | 000,116,612 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.skp
[2010.10.11 01:26:36 | 000,315,463 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole2.jpg
[2010.10.11 01:17:10 | 000,276,036 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole1.jpg
[2010.10.10 19:19:44 | 000,060,357 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\civka.png
[2010.10.10 19:19:23 | 000,211,546 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole.skb
[2010.10.10 19:02:01 | 000,214,148 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\pinhole.skp
[2010.10.10 18:28:42 | 000,000,953 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\hhhhhhhhhh expo.xls
[2010.10.10 18:03:42 | 000,001,720 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\hhhhhhhhhhhhhh.pdf
[2010.10.06 23:58:10 | 000,000,007 | ---- | C] () -- C:\WINDOWS\INI2=No
[2010.10.06 23:58:10 | 000,000,007 | ---- | C] () -- C:\WINDOWS\INI1=No
[2010.10.05 23:27:11 | 000,010,806 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\Concrete_Form_4x8.jpg
[2010.10.03 04:55:04 | 000,111,988 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nadr2.jpg
[2010.10.03 04:54:07 | 000,133,697 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nadr1.jpg
[2010.10.01 14:18:18 | 001,206,648 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\model.rar
[2010.10.01 14:07:29 | 000,169,459 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1688.jpg
[2010.10.01 14:07:29 | 000,093,100 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1691.jpg
[2010.10.01 14:07:29 | 000,083,511 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1694.jpg
[2010.10.01 14:07:29 | 000,082,094 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1690.jpg
[2010.10.01 14:07:29 | 000,080,352 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1693.jpg
[2010.10.01 14:07:29 | 000,074,243 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\IMG_1695.jpg
[2010.10.01 14:06:11 | 000,171,315 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\model4.jpg
[2010.10.01 14:04:36 | 000,145,507 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\model3.jpg
[2010.10.01 14:03:41 | 000,151,787 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\model2.jpg
[2010.10.01 14:02:53 | 000,184,944 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\model1.jpg
[2010.09.30 23:22:56 | 005,440,943 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3skladacka.skp
[2010.09.30 23:21:40 | 000,111,042 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\33.png
[2010.09.30 23:21:18 | 001,143,423 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\22.png
[2010.09.30 23:20:58 | 001,363,726 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\11.png
[2010.09.30 23:14:17 | 000,517,178 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\2.jpg
[2010.09.30 23:13:28 | 000,658,412 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\1.jpg
[2010.09.30 22:37:08 | 005,440,943 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3sklad.skp
[2010.09.30 11:47:56 | 005,441,568 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3.skb
[2010.09.30 11:41:56 | 005,444,895 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum3.skp
[2010.09.29 04:59:41 | 008,968,523 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\Automatické uložení_nasdum2.skp
[2010.09.28 22:14:19 | 009,855,160 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum2.skb
[2010.09.28 21:40:21 | 010,639,682 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum2.skp
[2010.09.28 20:26:23 | 002,146,198 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\nasdum.skp
[2010.09.27 23:12:20 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google SketchUp.lnk
[2010.09.27 20:39:21 | 000,114,726 | ---- | C] () -- C:\Documents and Settings\zv\Dokumenty\co to je....jpg
[2010.09.27 11:24:46 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\UTM & LatLon Conversions Lat50°12'11.18''N, Lon16°23'5.47''E (NAD83WGS84) (DMS).URL
[2010.09.27 11:24:28 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\Google Earth.lnk
[2010.09.27 11:24:15 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\WindPRO 2.5 (English).lnk
[2010.09.27 11:23:57 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\WindPRO 2.4 (English).lnk
[2010.09.27 11:23:48 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\zv\Plocha\WindPRO 2.4 (Deutsch).lnk
[2010.09.21 18:51:14 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010.09.12 22:02:50 | 000,013,270 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson PC Software.ico
[2010.08.10 11:39:28 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.06.24 21:56:43 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2010.06.14 22:32:48 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010.04.20 17:10:04 | 000,138,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.20 17:10:04 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\zv\Data aplikací\PnkBstrK.sys
[2010.04.20 17:09:45 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.03.12 17:51:59 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.02.08 21:52:31 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.25 13:10:04 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2010.01.25 00:09:17 | 000,000,640 | ---- | C] () -- C:\WINDOWS\PhotoBee.INI
[2009.12.09 22:29:23 | 008,101,888 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\sandra.mda
[2009.10.07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009.09.22 17:20:41 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2009.09.06 14:53:44 | 000,000,221 | ---- | C] () -- C:\WINDOWS\TVPaint Animation Pro.ini
[2009.08.02 21:49:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Licenses
[2009.08.01 01:20:02 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009.07.12 17:59:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdy.DAT
[2009.06.02 20:12:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009.05.24 23:56:50 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009.04.24 15:43:57 | 000,174,592 | ---- | C] () -- C:\Documents and Settings\zv\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.19 22:52:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\zv\Data aplikací\Spacious
[2009.04.19 22:50:00 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLbx.DAT
[2009.04.09 20:28:57 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\zv\Local Settings\Data aplikací\fusioncache.dat
[2009.04.08 19:40:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdw.DAT
[2009.04.08 19:39:57 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
[2009.04.08 19:39:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\zv\Data aplikací\Light Machine
[2009.04.08 18:02:13 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.08 15:22:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.04.08 15:19:41 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2009.04.08 00:47:33 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.04.07 23:29:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.11.01 16:53:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.11.01 16:43:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.06.25 15:24:16 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\RegObj.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009.09.23 18:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.01.29 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2009.04.08 19:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2009.04.08 15:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2010.10.26 21:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.02.08 21:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoME
[2010.09.12 22:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.04.08 15:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2009.04.08 19:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2009.09.23 18:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Acronis
[2010.01.29 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Autodesk
[2010.01.20 16:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Broad Intelligence
[2010.06.24 22:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Canon
[2009.05.02 13:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Cisco
[2009.08.01 01:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\EPSON
[2009.05.07 15:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\ESRI
[2009.06.01 09:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\GARMIN
[2010.03.12 17:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Leadertech
[2010.09.12 22:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\MyPhoneExplorer
[2009.05.25 23:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Nikon
[2009.10.24 21:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Nvu
[2009.05.10 14:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Safe Software
[2009.09.24 22:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\Sony
[2009.09.06 14:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\tvpaint animation pro
[2010.10.23 21:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zv\Data aplikací\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8FF81EB0

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Program Files\Common Files\adlmint.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Tak zatim toto z otm.. na virus total jsme 360 v poradi.. tak asi zitra..

Diky a dobrou..

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df5a7a0e-bea7-11df-ac23-000272177289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df5a7a0e-bea7-11df-ac23-000272177289}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df5a7a0e-bea7-11df-ac23-000272177289}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df5a7a0e-bea7-11df-ac23-000272177289}\ not found.
File G:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ed4ae6-2dee-11df-ab18-001fd0a2e7d6}\ not found.
File G:\laucher.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8FF81EB0 deleted successfully.
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.17.1 log created on 10272010_010229

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

"Toto otestuj na Virustotal
C:\Program Files\Common Files\adlmint.dll"

Soubor cisty

Zkontrolovan cely komp Virus Removal tool s vysledkem jednoho trojana(smazano)

Koukal jsem ze tu je soubezne podobny problem, ze by woodoo?

možná..

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Ahoj, problem mi zustal u toho explorer.exe. Jak se pohrabu v oknech, rozjede to zas na 99% Asi mu zastavim vetracek a bude klid..