Kontrola logu Vyřešeno

[Jaros]

Dobrý den,

prosím o kontrolu logu. Včera od odpoledních hodin jsem zápasil s pc. Pokusím se vše popsat. Během relativně normální činnosti (stahování souborů, serfování po facebooku, info stránkách) se mně zhroutil pc - jakoby se roztrhal obraz v efektu sépie, blikaly některé jeho části, pc zamrznul. Potom se restartoval, byla tam modrá obrazovka hláška o nějaké kolizi hardwaru se softwarem (obraz byl stále poničený). Paradox je ten, že se po restartu stabilizoval, ale třeba po 5 minutách se opět "znetvořil". Bylo to jako na kolotoči. Projel okamžitě jsem PC CCleanerem, ATF Cleanerem a MBamem. Vypadal takhle několikrát i ve stavu nouze. Zkusil jsem spustit Combofix v normálním režimu, ale po znetvoření obrazu jsem se nedočkal nějaké činnosti. Musel jsem restartovat. V nouzovém režimu už fungoval a provedl nějaké činnosti. Aktuálně se to drží, ale "nevěřím" tomu.

Přikládám logy.

HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:15:32, on 7.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAC8SWK.EXE
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Jarda\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D41} - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search - res://C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll/IECONTEXT.DLL.HTM
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 9212 bytes

Log z MBAM:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verze databáze: 7038

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

7.7.2011 8:13:00
mbam-log-2011-07-07 (08-13-00).txt

Typ: Rychlá kontrola
Kontrolované objekty: 186283
Uplynulý čas: 5 minut, 2 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[Reklama]

[jaro3]

Odinstaluj:
Open FVD Suite Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole můzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si CrystalDiskInfo

Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Jaros]

Úkony provedeny. Dr. Web Curelt ohlásil nějaké infikované soubory, sedm kusů (jednalo se o soubory redakčního systému phpRS resp. staré zálohy webu) a pak něco v common files. Akorát nevím jestli je někde z toho log...

Přikládám log z CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2011/07/07 15:39:30

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
+ Kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F ATA Device
- WDC WD5000AACS-00G8B1 ATA Device
- Kanál IDE (1)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AACS-00G8B1 : 500.1 GB [0-2-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AACS-00G8B1
----------------------------------------------------------------------------
Model : WDC WD5000AACS-00G8B1
Firmware : 05.04C05
Serial Number : WD-WCAUK0177939
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7168 hod.
Power On Count : 1748 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 134 133 _21 00000000188B Čas na roztočení ploten
04 _99 _99 __0 0000000006EE Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C00 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000006D4 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000009 Počet vypnutí disku
C1 200 200 __0 0000000006EE Počet cyklů načítání/vymazání
C2 105 102 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 55
020: 4B 30 31 37 37 39 33 39 00 00 80 00 00 32 30 35
030: 2E 30 34 43 30 35 57 44 43 20 57 44 35 30 30 30
040: 41 41 43 53 2D 30 30 47 38 42 31 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 20 7F 00 38 00 38 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E1 56 EF 85 D8
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 BA 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7B A5

Logy z OTL:

OTL.txt
OTL logfile created on: 7.7.2011 15:42:57 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jarda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 68,28% Memory free
7,18 Gb Paging File | 6,17 Gb Available in Paging File | 85,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 109,72 Gb Free Space | 23,56% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jarda\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Genius\ioCentre\gMouseTask.exe ()
PRC - C:\Genius\ioCentre\gKbdTask.exe ()
PRC - C:\Genius\ioCentre\gKbStatus.exe ()
PRC - C:\Genius\ioCentre\gIMMgm.exe ()
PRC - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAC8SWK.EXE (CANON INC.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAP2RPK.EXE (CANON INC.)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Genius\ioCentre\gDeskMgm.exe ()
PRC - C:\Genius\ioCentre\gTaskBar.exe ()
PRC - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
PRC - C:\Genius\ioCentre\gTaskSwitch.exe ()
PRC - C:\Genius\ioCentre\gZoom.exe ()
PRC - C:\Genius\ioCentre\gAutoPan.exe ()
PRC - C:\Genius\ioCentre\gAutoScroll.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Jarda\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ATKFUSService) -- C:\Windows\System32\ATKFUSService.exe (ASUSTeK COMPUTER INC.)


========== Driver Services (SafeList) ==========

DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (EIO) -- C:\Windows\System32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (atkdisplf) -- C:\Windows\System32\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV - (asusgsb) -- C:\Windows\System32\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (Axtmvprt) -- C:\Windows\System32\drivers\Axtmvprt.sys (Axesstel)
DRV - (Axtmvmdm) -- C:\Windows\System32\drivers\Axtmvmdm.sys (Axesstel)
DRV - (Axtmvflt) -- C:\Windows\System32\drivers\Axtmvflt.sys (Axesstel)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (gMouPS2) -- C:\Windows\System32\drivers\gMouPS2.sys ( Mouse Upfilter Driver )
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 B8 D5 A9 72 61 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google Custom Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: foxdie_ext_ocelot@foxdie.us:3.6.4
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - prefs.js..extensions.enabledItems: Foxdie@tanjihay.com:3.6.4
FF - prefs.js..extensions.enabledItems: FoxdieGraphite@tanjihay.com:3.6.4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.28 21:27:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.31 13:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.31 13:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.06 22:16:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.06 19:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.10.29 23:48:23 | 000,000,000 | ---D | M]

[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions
[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions
[2011.07.06 19:22:38 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011.07.06 19:22:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.06.15 14:03:46 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.06 19:22:40 | 000,000,000 | ---D | M] ("Flash Video Downloader - CENZURA") -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com
[2011.07.06 19:22:39 | 000,000,000 | ---D | M] (AutoProxy) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\refspoof@mozdev.org
[2011.07.06 19:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis
[2010.02.03 15:35:06 | 000,002,057 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\firmycz.xml
[2011.06.29 20:04:23 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-1.xml
[2011.03.05 12:31:20 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-2.xml
[2011.03.05 12:56:14 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-3.xml
[2011.03.23 10:28:42 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-4.xml
[2011.02.27 19:26:37 | 000,001,056 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin.xml
[2010.02.03 15:35:06 | 000,002,052 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\mapycz.xml
[2010.02.03 15:35:07 | 000,002,195 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\zbocz.xml
[2011.07.06 19:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.06 19:13:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) --
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{317B5128-0B0B-49B2-B2DB-1E7560E16C74}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\AUTOPROXY@AUTOPROXY.ORG.XPI
[2009.08.28 21:27:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.25 16:01:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2011.06.06 12:55:30 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011.06.15 09:52:38 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2011.06.15 09:52:38 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011.06.15 09:52:38 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2011.06.15 09:52:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011.06.15 09:52:38 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.06.15 09:52:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011.06.15 09:52:38 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2011.03.21 02:38:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [CNAP2 Launcher] C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.07.07 15:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.07.07 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.07.07 15:29:49 | 000,000,000 | R--D | C] -- C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011.07.07 13:28:53 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\backups
[2011.07.07 13:26:04 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2011.07.07 00:12:47 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\ElevatedDiagnostics
[2011.07.06 23:38:35 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.07.06 23:38:27 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.07.06 23:34:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.07.06 23:32:46 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\temp
[2011.07.06 23:31:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.07.06 22:29:09 | 004,132,805 | R--- | C] (Swearware) -- C:\Users\Jarda\Desktop\ComboFix.exe
[2011.07.06 22:11:47 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\Adobe
[2011.06.27 10:47:03 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\web spolupráce
[2011.06.27 10:36:24 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\Sport - fotoškola
[2011.06.26 22:47:29 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\literatura foto sken
[2011.06.25 12:26:24 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\Zdroje info foto handouty
[2011.06.17 08:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.06.14 23:07:50 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.14 23:07:49 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.14 23:07:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.14 23:07:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.13 14:22:38 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\{C42875C7-BFFF-4FAD-BAB2-DB36FD85263E}
[2011.06.13 14:22:38 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\{117FAD5C-92A1-4EAB-8305-9004B13E8B7B}
[2011.06.08 09:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaimaRadio
[2011.06.08 09:35:16 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\RaimaRadio
[2011.06.08 09:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\RaimaRadio
[2011.06.08 09:20:15 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\COWON
[2011.06.08 09:17:01 | 000,000,000 | ---D | C] -- C:\WMP3E_Temp
[2009.11.08 16:42:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jarda\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.07 15:39:14 | 000,001,765 | ---- | M] () -- C:\Users\Jarda\Desktop\CrystalDiskInfo.lnk
[2011.07.07 15:29:52 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.07.07 15:29:52 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.07.07 15:29:19 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.07 15:29:19 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.07 15:29:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.07 15:28:59 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.07 15:28:58 | 459,668,592 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.07.07 13:26:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2011.07.07 13:25:56 | 000,040,138 | ---- | M] () -- C:\Users\Jarda\Desktop\crystaldiskinfo.htm
[2011.07.07 13:25:25 | 070,143,712 | ---- | M] () -- C:\Users\Jarda\Desktop\launch.exe
[2011.07.07 00:36:51 | 000,000,134 | ---- | M] () -- C:\Users\Jarda\Desktop\Microsoft Fix it.url
[2011.07.06 22:36:44 | 000,607,226 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.07.06 22:36:44 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.06 22:36:44 | 000,117,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.07.06 22:36:44 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.06 22:24:24 | 004,132,805 | R--- | M] (Swearware) -- C:\Users\Jarda\Desktop\ComboFix.exe
[2011.07.05 13:03:56 | 001,606,351 | ---- | M] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_prezencni_2011-12.pdf
[2011.07.05 11:19:10 | 000,379,946 | ---- | M] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_kombinovane_2011-12.pdf
[2011.07.04 14:34:46 | 000,199,680 | ---- | M] () -- C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.03 19:33:00 | 000,155,735 | ---- | M] () -- C:\Users\Jarda\Desktop\Prava_a_povinnosti_uchazecu_o_ECDL_Certifikat_01.pdf
[2011.07.03 19:02:12 | 004,878,195 | ---- | M] () -- C:\Users\Jarda\Desktop\zppc.pdf
[2011.07.03 18:17:53 | 000,002,675 | ---- | M] () -- C:\Users\Jarda\Desktop\Microsoft Office Word 2007.lnk
[2011.07.03 17:45:10 | 005,935,883 | ---- | M] () -- C:\Users\Jarda\Desktop\manual new modem.pdf
[2011.07.03 17:19:59 | 000,129,176 | ---- | M] () -- C:\Users\Jarda\Desktop\metodikabp2010.pdf
[2011.07.03 17:09:10 | 000,393,209 | ---- | M] () -- C:\Users\Jarda\Desktop\diplomky_TULvB.pdf
[2011.07.03 13:25:52 | 000,116,051 | ---- | M] () -- C:\Users\Jarda\Desktop\2010_11_Temata_diplomovych_praci_KZ.pdf
[2011.06.29 07:44:27 | 000,393,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011.06.20 20:49:46 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.17 08:07:20 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.06.08 09:35:19 | 000,000,772 | ---- | M] () -- C:\Users\Jarda\Desktop\RaimaRadio.lnk
[2011.06.07 18:27:21 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.07 15:39:14 | 000,001,765 | ---- | C] () -- C:\Users\Jarda\Desktop\CrystalDiskInfo.lnk
[2011.07.07 13:25:55 | 000,040,138 | ---- | C] () -- C:\Users\Jarda\Desktop\crystaldiskinfo.htm
[2011.07.07 13:23:50 | 070,143,712 | ---- | C] () -- C:\Users\Jarda\Desktop\launch.exe
[2011.07.07 00:35:49 | 000,000,134 | ---- | C] () -- C:\Users\Jarda\Desktop\Microsoft Fix it.url
[2011.07.07 00:03:58 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.06 22:30:57 | 459,668,592 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.07.05 13:03:55 | 001,606,351 | ---- | C] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_prezencni_2011-12.pdf
[2011.07.05 11:19:09 | 000,379,946 | ---- | C] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_kombinovane_2011-12.pdf
[2011.07.03 19:32:59 | 000,155,735 | ---- | C] () -- C:\Users\Jarda\Desktop\Prava_a_povinnosti_uchazecu_o_ECDL_Certifikat_01.pdf
[2011.07.03 19:02:11 | 004,878,195 | ---- | C] () -- C:\Users\Jarda\Desktop\zppc.pdf
[2011.07.03 17:45:09 | 005,935,883 | ---- | C] () -- C:\Users\Jarda\Desktop\manual new modem.pdf
[2011.07.03 17:19:59 | 000,129,176 | ---- | C] () -- C:\Users\Jarda\Desktop\metodikabp2010.pdf
[2011.07.03 17:09:08 | 000,393,209 | ---- | C] () -- C:\Users\Jarda\Desktop\diplomky_TULvB.pdf
[2011.07.03 13:25:52 | 000,116,051 | ---- | C] () -- C:\Users\Jarda\Desktop\2010_11_Temata_diplomovych_praci_KZ.pdf
[2011.06.17 08:07:20 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.06.17 08:07:20 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.08 09:35:19 | 000,000,772 | ---- | C] () -- C:\Users\Jarda\Desktop\RaimaRadio.lnk
[2011.05.10 21:50:24 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.05.10 21:50:23 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.03.20 23:31:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.20 23:31:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.20 23:31:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.20 23:31:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.20 23:31:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.30 17:51:11 | 000,000,058 | ---- | C] () -- C:\Users\Jarda\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2010.12.16 18:48:48 | 000,130,048 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.07.29 21:04:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.15 18:18:16 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.03.05 01:39:30 | 000,000,033 | ---- | C] () -- C:\Windows\Multimedia manager.INI
[2010.03.04 23:47:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.03.04 23:39:59 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.11.08 16:43:28 | 000,001,041 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\vso_ts_preview.xml
[2009.11.08 16:42:30 | 000,007,887 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\pcouffin.cat
[2009.11.08 16:42:30 | 000,001,144 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\pcouffin.inf
[2009.09.22 21:05:01 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.09.22 21:04:59 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.09.22 21:04:55 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.09.16 17:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll
[2009.09.01 23:54:26 | 000,004,096 | -H-- | C] () -- C:\Users\Jarda\AppData\Local\keyfile3.drm
[2009.08.30 11:06:22 | 000,024,206 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\UserTile.png
[2009.08.28 21:47:52 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.28 21:47:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.28 16:13:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.08.28 14:17:16 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.08.28 14:17:14 | 000,014,654 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.28 14:10:54 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.08.28 14:10:54 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.08.28 13:45:26 | 000,199,680 | ---- | C] () -- C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.21 08:46:38 | 000,607,226 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 08:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 08:46:38 | 000,117,890 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 08:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2007.08.01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,393,856 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\Windows\System32\zlib.dll

========== LOP Check ==========

[2009.08.29 13:03:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Acronis
[2011.07.06 22:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\AIMP
[2009.08.30 14:20:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Ashampoo
[2010.12.16 18:40:57 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Audacity
[2010.09.01 08:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\CoSoSys
[2011.06.08 09:32:00 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\COWON
[2011.01.30 17:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\DonationCoder
[2010.10.12 14:11:12 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Downloaded Installations
[2010.09.24 15:20:17 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ESET
[2011.05.25 19:26:36 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\FileZilla
[2011.07.06 22:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\GHISLER
[2011.02.15 10:26:15 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ICQ
[2010.12.22 18:57:01 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\IrfanView
[2010.12.25 23:14:48 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Leadertech
[2011.05.18 23:45:48 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Live Downloader
[2010.10.12 14:58:02 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Nitro PDF
[2010.03.10 09:59:22 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Opera
[2009.08.30 11:06:22 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\PeerNetworking
[2009.08.28 23:42:05 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\QIP
[2011.06.08 09:35:44 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\RaimaRadio
[2010.12.03 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Samsung
[2011.05.18 15:34:39 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\SpinTop
[2011.05.24 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\uTorrent
[2009.11.08 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Vso
[2010.08.08 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Western Digital
[2010.12.16 22:04:47 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\XMedia Recode
[2011.03.26 03:42:08 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Zoner
[2011.07.07 09:42:46 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B

< End of report >

[Jaros]

Druhý log z OTL - Extras.txt

OTL Extras logfile created on: 7.7.2011 15:42:57 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jarda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 68,28% Memory free
7,18 Gb Paging File | 6,17 Gb Available in Paging File | 85,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 109,72 Gb Free Space | 23,56% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19CB7C5E-5D66-40C9-AD98-50172431EEAF}" = lport=445 | protocol=6 | dir=in | app=system |
"{4179408B-A825-4C75-BD84-1D6E90941EE8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{49C627B9-78E0-42A3-A549-8B6E6B819D94}" = rport=138 | protocol=17 | dir=out | app=system |
"{5E0DC380-CBD8-4ACB-996F-4785B670BCC8}" = lport=137 | protocol=17 | dir=in | app=system |
"{60AF3456-D6E1-462E-A25D-B60A73BF3684}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{6ADBC1F6-9BBB-4BF1-8474-FAAFBC522694}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{933D2109-A773-494D-9C69-CDED16C53FFB}" = lport=138 | protocol=17 | dir=in | app=system |
"{ACE4EDEF-CA45-4986-A21D-0EA719EC9618}" = rport=139 | protocol=6 | dir=out | app=system |
"{B0821B3C-6544-4EAB-A458-4324D9FD99AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{B19E3831-9AF3-4FB2-978F-2E3E0923A096}" = lport=139 | protocol=6 | dir=in | app=system |
"{DB2D35C4-183B-4D11-85E7-C943A6DFBA79}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E2823914-6B3D-43F6-8F1C-465EA35EB793}" = rport=445 | protocol=6 | dir=out | app=system |
"{E539B9B1-EADB-486A-AE34-E0C5631B555E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0202D93B-73CA-4C9D-9CD6-A0094E3FF071}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{024DAA00-F28D-40C5-A3D7-0A43F8564602}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{0E32162B-437A-4581-95E9-8C0D6D0B4720}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2ADD77E7-0CDC-4A7E-8124-88578C6C4214}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2ED9041B-98BB-4552-B83F-B49419D6A0AB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{56190E63-0744-4E65-A90A-C350BEFE052F}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{58F2E443-923F-446A-A4CF-A46415CCA533}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{69EB669D-67A4-4F58-B677-E7C4929F7069}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7D36517A-DB8E-497D-AD02-FBBCF941B5D8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{8413E463-4360-4539-BC23-846A3E6BC5A2}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{845E5376-D228-4ABD-86A9-843F5B12CBCF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{91B79E7A-9A03-4C32-9675-89211F9B5271}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{A4E4A183-1447-4C81-B75E-36891A7F377C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{AD945B17-8E37-4B95-9209-957EF3BC35F9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BBE8AEAB-6068-4896-974A-D037676F0C36}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{BE1E0DD1-01F9-41FA-9173-9D9C40A327A3}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{E6B1D90D-9DEA-4B53-8F39-FF7D705C1868}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EF177839-7F0F-4794-9180-F5CD419F6612}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F3CD4F07-84FA-4017-B74F-148D5B9970C7}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{F7F73000-0B4C-4A32-BA4A-AE46429D226E}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{FC25D181-91D9-4333-8C4C-0567F5FB3A29}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{FD940A89-E5F8-4A25-B0A2-2B71E6B21AEE}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{0108853C-6C3E-4D27-9FA6-2031F4A36B02}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{0661FF82-20F2-47FE-9375-42330E62F16E}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{7F9C66C9-F50C-48CA-BB34-BD49E31ED05C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AB9B5B08-1269-4E75-A156-E98BA550B94B}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{CF70E8A8-BF50-4AC1-AA70-E96BA1F9C3FC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DD5DA4EB-DEFD-41F6-A35C-5EB4B75C5847}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{E5E32FCC-AE35-42A5-8304-4B63545CBC9C}C:\program files\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files\qip infium\infium.exe |
"UDP Query User{3E975347-D52C-4D0F-8197-B0AE8AF27E8C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{94BBE0AA-FEE5-4BA4-A085-EF3296730727}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B11D884A-030D-415D-BF69-D00277E7D845}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{BFD2BCFC-7311-4F82-9042-DE73439CB6A9}C:\program files\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files\qip infium\infium.exe |
"UDP Query User{EF26FD5B-70B3-42E1-AD58-52B1F48E58A6}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{F1890DFC-489F-4110-8D6C-82581FBB4960}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{FB714B78-A6F5-4CE9-9A3D-B95132F15B3F}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Panel nástrojů Bing
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{38A193BE-8A8C-4EC9-8E1C-CA5006B17FD6}" = FotoMix Free Edition
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{539F9408-904B-4302-A975-F1C781D7D076}" = ESET Smart Security
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}" = FIFA 10 - Demo
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B547CB8D-549A-436E-97B5-E79F911B11E2}" = SDP Downloader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CCF6C317-6428-4407-B52F-DD11B266EDC4}" = Visual C++ 8.0 Runtime Setup Package
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.313
"{DBBCF7F1-2AD2-48A3-8408-A9279857D832}" = Samsung PC Studio 3
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0207194-35B9-4476-B02E-395EE52B5960}" = ASUS nVidia Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"aTube Catcher" = aTube Catcher
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Bejeweled 31.0" = Bejeweled 3
"Canon LBP5050" = Canon LBP5050
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"Czech Soccer Manager 2002 FE" = Czech Soccer Manager 2002 FE
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"Efficient WMA MP3 Converter_is1" = Efficient WMA MP3 Converter v0.99
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FIFA MANAGER 10" = FIFA MANAGER 10
"FileZilla Client" = FileZilla Client 3.4.0
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.1
"GetASFStream" = GetASFStream
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Opera 11.11.2109" = Opera 11.11
"PhotoFiltre" = PhotoFiltre
"PSPad editor_is1" = PSPad editor
"RaimaRadio_is1" = RaimaRadio 1.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ScreenshotCaptor_is1" = Screenshot Captor 2.88.01
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"UnderCoverXP_is1" = UnderCoverXP 1.21
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"Warcraft II (modification Wargus for engine Stratagus)" = Warcraft II (modification Wargus for engine Stratagus)
"WinLiveSuite" = Windows Live Essentials
"Winmail Opener" = Winmail Opener 1.4
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.2.9.3
"xvid" = XviD MPEG-4 Video Codec
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 3.0.9042

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.7.2010 15:46:56 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 5:16:14 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 15:40:45 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 19:33:49 | Computer Name = Jarda-PC | Source = ESENT | ID = 467
Description = Windows (2160) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemTypeText405 tabulky SystemIndex_0A je poškozen (0).

Error - 25.7.2010 19:34:04 | Computer Name = Jarda-PC | Source = ESENT | ID = 467
Description = Windows (2160) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemTypeText405 tabulky SystemIndex_0A je poškozen (0).

Error - 26.7.2010 1:58:35 | Computer Name = Jarda-PC | Source = Windows Search Service | ID = 3024
Description =

Error - 26.7.2010 1:58:54 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 26.7.2010 4:04:52 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ZPS.EXE, verze 11.0.1.1, časové razítko 0x48d68681,
chybující modul ippiv8-5.3.dll, verze 5.3.85.499, časové razítko 0x473fd8b8, kód
výjimky 0xc0000005, posun chyby 0x0060512e, ID procesu 0x13ac, čas spuštění aplikace
0x01cb2c99365af2ff.

Error - 26.7.2010 15:33:26 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.7.2010 3:09:41 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 16.5.2011 10:21:01 | Computer Name = Jarda-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6.7.2011 17:44:11 | Computer Name = Jarda-PC | Source = DCOM | ID = 10005
Description =

Error - 6.7.2011 17:44:14 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6.7.2011 18:02:39 | Computer Name = Jarda-PC | Source = DCOM | ID = 10005
Description =

Error - 6.7.2011 18:05:44 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 1:54:17 | Computer Name = Jarda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (2:19:00, 7.7.2011) bylo neočekávané.

Error - 7.7.2011 1:55:58 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 7:15:15 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 9:29:05 | Computer Name = Jarda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:27:29, 7.7.2011) bylo neočekávané.

Error - 7.7.2011 9:29:17 | Computer Name = JARDA-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.35 pro síťovou kartu s adresou 002354A2BF1A
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 7.7.2011 9:30:43 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Pokud budou problémy s odinstalací Combofixu , ponech , mažu v OTL..


Odinstaluj:
Dr.Web CureIt (launch.exe)

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google Custom Search"
FF - prefs.js..extensions.enabledItems: Foxdie@tanjihay.com:3.6.4
FF - prefs.js..extensions.enabledItems: FoxdieGraphite@tanjihay.com:3.6.4
[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions
[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com
[2011.07.06 19:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2011.03.21 02:38:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
[2011.07.06 22:36:44 | 000,607,226 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.07.06 22:36:44 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.06 22:36:44 | 000,117,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.07.06 22:36:44 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2008.01.21 08:46:38 | 000,607,226 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 08:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 08:46:38 | 000,117,890 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 08:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\ComboFix
C:\32788R22FWJFW
C:\Users\Jarda\Desktop\ComboFix.exe
C:\Users\Jarda\AppData\Local\{C42875C7-BFFF-4FAD-BAB2-DB36FD85263E}
C:\Users\Jarda\AppData\Local\{117FAD5C-92A1-4EAB-8305-9004B13E8B7B}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
C:\ProgramData\nvModes.dat
C:\ProgramData\nvModes.001
C:\Users\Jarda\Desktop\ComboFix.exe
C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\PEV.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\ProgramData\ezsidmv.dat
C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Jaros]

Hmm, tak po zapnutí opět kolaps. Špatný obraz, blikající linky, to samé co předtím. Normální start bez úspěchu. Musím využít nouzový režim.

[Jaros]

Příkaz jsem tedy vykonal v nouzovém režimu. Proběhl restart a pc naběhl se stabilizovaným obrazem. Naběhl log, který jsem bohužel nestihl uložit. Lépe řečeno jsem spustil internet a chtěl jeho obsah zkopírovat na fórum. Bohužel vzápětí starý známý kolaps. Sekaný pohyb kurzoru, blikající linky v narušeném obrazu, čímž moje činnost skončila. Předtím jsem si všiml, že NOD32 nahlásil nějakou infiltraci. Musel jsem restartovat a jít opět do nouzového režimu. (píšu opět tedy z druhého pc)

[Jaros]

Dodatečně přikládám log. Našel jsem jeho umístění v C:\

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Google Custom Search" removed from browser.search.selectedEngine
Prefs.js: Foxdie@tanjihay.com:3.6.4 removed from extensions.enabledItems
Prefs.js: FoxdieGraphite@tanjihay.com:3.6.4 removed from extensions.enabledItems
C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\defaults\presets folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\defaults folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\wizard folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\semrush folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\related folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\pageinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\density folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\prefpanes folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\toolbar folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\pageinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\linkinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\density folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\dialogs folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\FoxdieGraphite@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\Foxdie@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\refspoof@mozdev.org folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\zh-CN folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\sv-SE folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\sq-AL folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\pt-BR folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\fr folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\es-ES folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\de folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\content\ui folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\components folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\content\data folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions folder moved successfully.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com\ not found.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
File 5D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx not found.
Starting removal of ActiveX control {149E45D8-163E-4189-86FC-45022AB2B6C9}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{149E45D8-163E-4189-86FC-45022AB2B6C9}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ not found.
Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
C:\Windows\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
File D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx not found.
Starting removal of ActiveX control {CC450D71-CC90-424C-8638-1F2DBAC87A54}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
File C:\Windows\System32\perfh005.dat not found.
C:\Windows\System32\perfi005.dat moved successfully.
File C:\Windows\System32\perfc005.dat not found.
C:\Windows\System32\perfd005.dat moved successfully.
File C:\Windows\System32\perfh009.dat not found.
C:\Windows\System32\perfi009.dat moved successfully.
File C:\Windows\System32\perfc009.dat not found.
C:\Windows\System32\perfd009.dat moved successfully.
ADS C:\ProgramData\Temp:2F4A0A6B deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\ComboFix not found.
File\Folder C:\32788R22FWJFW not found.
File\Folder C:\Users\Jarda\Desktop\ComboFix.exe not found.
C:\Users\Jarda\AppData\Local\{C42875C7-BFFF-4FAD-BAB2-DB36FD85263E} folder moved successfully.
C:\Users\Jarda\AppData\Local\{117FAD5C-92A1-4EAB-8305-9004B13E8B7B} folder moved successfully.
File\Folder [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] not found.
C:\ProgramData\nvModes.dat moved successfully.
C:\ProgramData\nvModes.001 moved successfully.
File\Folder C:\Users\Jarda\Desktop\ComboFix.exe not found.
C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder C:\Windows\PEV.exe not found.
File\Folder C:\Windows\sed.exe not found.
File\Folder C:\Windows\grep.exe not found.
File\Folder C:\Windows\zip.exe not found.
C:\ProgramData\ezsidmv.dat moved successfully.
File\Folder C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->FireFox cache emptied: 111338242 bytes
->Flash cache emptied: 1496 bytes

User: Jarda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6946927 bytes
->FireFox cache emptied: 55025092 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 11845 bytes

User: Jaros
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Opera cache emptied: 21429607 bytes
->Flash cache emptied: 1197 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 186,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07072011_204203

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[jaro3]

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

To bude problém s HW , nedostatečný zdroj ( zkus vyměnit) , grafická karta ( výměna + instalace jiných ovladačů.

[Jaros]

Nemůže dělat problémy třeba i nějaký ovladač? Třeba ten na grafickou kartu? V aplikaci Window Update jsem viděl nějakou volitelnou aktualizaci právě tu mou grafickou kartu, ale když jsem chtěl, aby došlo k aktualizaci, tak to napsalo, že se to nezdařilo.

[jaro3]

Přesně tak , píši přeci instalace jiných ovladačů ke grafice. Zkus dát nejprve ovladače , které máš na CD ke GK , pak můžeš ze stránek výrobce zkusit novější ovladače.

[Jaros]

Zkusím vše možné. Velmi Vám děkuji za dosavadní pomoc. Diskuzi přesouvám do sekce - hardware - viewtopic.php?f=7&t=69892