PC-HELP.CZ

Dobrý den,

prosím o kontrolu logu. Včera od odpoledních hodin jsem zápasil s pc. Pokusím se vše popsat. Během relativně normální činnosti (stahování souborů, serfování po facebooku, info stránkách) se mně zhroutil pc - jakoby se roztrhal obraz v efektu sépie, blikaly některé jeho části, pc zamrznul. Potom se restartoval, byla tam modrá obrazovka hláška o nějaké kolizi hardwaru se softwarem (obraz byl stále poničený). Paradox je ten, že se po restartu stabilizoval, ale třeba po 5 minutách se opět "znetvořil". Bylo to jako na kolotoči. Projel okamžitě jsem PC CCleanerem, ATF Cleanerem a MBamem. Vypadal takhle několikrát i ve stavu nouze. Zkusil jsem spustit Combofix v normálním režimu, ale po znetvoření obrazu jsem se nedočkal nějaké činnosti. Musel jsem restartovat. V nouzovém režimu už fungoval a provedl nějaké činnosti. Aktuálně se to drží, ale "nevěřím" tomu.

Přikládám logy.

HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:15:32, on 7.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAC8SWK.EXE
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Jarda\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D44} - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D41} - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search - res://C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll/IECONTEXT.DLL.HTM
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 9212 bytes

Log z MBAM:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verze databáze: 7038

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

7.7.2011 8:13:00
mbam-log-2011-07-07 (08-13-00).txt

Typ: Rychlá kontrola
Kontrolované objekty: 186283
Uplynulý čas: 5 minut, 2 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Odinstaluj:
Open FVD Suite Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod



Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole můzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si CrystalDiskInfo

Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Úkony provedeny. Dr. Web Curelt ohlásil nějaké infikované soubory, sedm kusů (jednalo se o soubory redakčního systému phpRS resp. staré zálohy webu) a pak něco v common files. Akorát nevím jestli je někde z toho log...

Přikládám log z CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2011/07/07 15:39:30

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
+ Kanál IDE (0)
- TSSTcorp CDDVDW SH-S223F ATA Device
- WDC WD5000AACS-00G8B1 ATA Device
- Kanál IDE (1)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AACS-00G8B1 : 500.1 GB [0-2-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AACS-00G8B1
----------------------------------------------------------------------------
Model : WDC WD5000AACS-00G8B1
Firmware : 05.04C05
Serial Number : WD-WCAUK0177939
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7168 hod.
Power On Count : 1748 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 134 133 _21 00000000188B Čas na roztočení ploten
04 _99 _99 __0 0000000006EE Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C00 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000006D4 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000009 Počet vypnutí disku
C1 200 200 __0 0000000006EE Počet cyklů načítání/vymazání
C2 105 102 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 55
020: 4B 30 31 37 37 39 33 39 00 00 80 00 00 32 30 35
030: 2E 30 34 43 30 35 57 44 43 20 57 44 35 30 30 30
040: 41 41 43 53 2D 30 30 47 38 42 31 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 20 7F 00 38 00 38 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E1 56 EF 85 D8
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 BA 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7B A5

Logy z OTL:

OTL.txt
OTL logfile created on: 7.7.2011 15:42:57 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jarda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 68,28% Memory free
7,18 Gb Paging File | 6,17 Gb Available in Paging File | 85,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 109,72 Gb Free Space | 23,56% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jarda\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Genius\ioCentre\gMouseTask.exe ()
PRC - C:\Genius\ioCentre\gKbdTask.exe ()
PRC - C:\Genius\ioCentre\gKbStatus.exe ()
PRC - C:\Genius\ioCentre\gIMMgm.exe ()
PRC - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAC8SWK.EXE (CANON INC.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAP2RPK.EXE (CANON INC.)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Genius\ioCentre\gDeskMgm.exe ()
PRC - C:\Genius\ioCentre\gTaskBar.exe ()
PRC - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
PRC - C:\Genius\ioCentre\gTaskSwitch.exe ()
PRC - C:\Genius\ioCentre\gZoom.exe ()
PRC - C:\Genius\ioCentre\gAutoPan.exe ()
PRC - C:\Genius\ioCentre\gAutoScroll.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Jarda\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ATKFUSService) -- C:\Windows\System32\ATKFUSService.exe (ASUSTeK COMPUTER INC.)


========== Driver Services (SafeList) ==========

DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (EIO) -- C:\Windows\System32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (atkdisplf) -- C:\Windows\System32\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV - (asusgsb) -- C:\Windows\System32\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (Axtmvprt) -- C:\Windows\System32\drivers\Axtmvprt.sys (Axesstel)
DRV - (Axtmvmdm) -- C:\Windows\System32\drivers\Axtmvmdm.sys (Axesstel)
DRV - (Axtmvflt) -- C:\Windows\System32\drivers\Axtmvflt.sys (Axesstel)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (gMouPS2) -- C:\Windows\System32\drivers\gMouPS2.sys ( Mouse Upfilter Driver )
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 B8 D5 A9 72 61 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google Custom Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: foxdie_ext_ocelot@foxdie.us:3.6.4
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - prefs.js..extensions.enabledItems: Foxdie@tanjihay.com:3.6.4
FF - prefs.js..extensions.enabledItems: FoxdieGraphite@tanjihay.com:3.6.4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.28 21:27:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.31 13:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.31 13:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.06 22:16:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.06 19:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.10.29 23:48:23 | 000,000,000 | ---D | M]

[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions
[2009.08.28 14:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions
[2011.07.06 19:22:38 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011.07.06 19:22:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.06.15 14:03:46 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.06 19:22:40 | 000,000,000 | ---D | M] ("Flash Video Downloader - CENZURA") -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com
[2011.07.06 19:22:39 | 000,000,000 | ---D | M] (AutoProxy) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com
[2011.07.06 19:22:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\refspoof@mozdev.org
[2011.07.06 19:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis
[2010.02.03 15:35:06 | 000,002,057 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\firmycz.xml
[2011.06.29 20:04:23 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-1.xml
[2011.03.05 12:31:20 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-2.xml
[2011.03.05 12:56:14 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-3.xml
[2011.03.23 10:28:42 | 000,000,950 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin-4.xml
[2011.02.27 19:26:37 | 000,001,056 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\icqplugin.xml
[2010.02.03 15:35:06 | 000,002,052 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\mapycz.xml
[2010.02.03 15:35:07 | 000,002,195 | ---- | M] () -- C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\searchplugins\zbocz.xml
[2011.07.06 19:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.06 19:13:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) --
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{317B5128-0B0B-49B2-B2DB-1E7560E16C74}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
File not found (No name found) -- C:\USERS\JARDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AMKIKK3H.DEFAULT\EXTENSIONS\AUTOPROXY@AUTOPROXY.ORG.XPI
[2009.08.28 21:27:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.25 16:01:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2011.06.06 12:55:30 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011.06.15 09:52:38 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2011.06.15 09:52:38 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011.06.15 09:52:38 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2011.06.15 09:52:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011.06.15 09:52:38 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.06.15 09:52:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011.06.15 09:52:38 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2011.03.21 02:38:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found.
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [CNAP2 Launcher] C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.07.07 15:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.07.07 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.07.07 15:29:49 | 000,000,000 | R--D | C] -- C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011.07.07 13:28:53 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\backups
[2011.07.07 13:26:04 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2011.07.07 00:12:47 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\ElevatedDiagnostics
[2011.07.06 23:38:35 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.07.06 23:38:27 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.07.06 23:34:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.07.06 23:32:46 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\temp
[2011.07.06 23:31:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.07.06 22:29:09 | 004,132,805 | R--- | C] (Swearware) -- C:\Users\Jarda\Desktop\ComboFix.exe
[2011.07.06 22:11:47 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\Adobe
[2011.06.27 10:47:03 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Documents\web spolupráce
[2011.06.27 10:36:24 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\Sport - fotoškola
[2011.06.26 22:47:29 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\literatura foto sken
[2011.06.25 12:26:24 | 000,000,000 | ---D | C] -- C:\Users\Jarda\Desktop\Zdroje info foto handouty
[2011.06.17 08:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.06.14 23:07:50 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.14 23:07:49 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.14 23:07:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.14 23:07:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.13 14:22:38 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\{C42875C7-BFFF-4FAD-BAB2-DB36FD85263E}
[2011.06.13 14:22:38 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Local\{117FAD5C-92A1-4EAB-8305-9004B13E8B7B}
[2011.06.08 09:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaimaRadio
[2011.06.08 09:35:16 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\RaimaRadio
[2011.06.08 09:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\RaimaRadio
[2011.06.08 09:20:15 | 000,000,000 | ---D | C] -- C:\Users\Jarda\AppData\Roaming\COWON
[2011.06.08 09:17:01 | 000,000,000 | ---D | C] -- C:\WMP3E_Temp
[2009.11.08 16:42:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jarda\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.07 15:39:14 | 000,001,765 | ---- | M] () -- C:\Users\Jarda\Desktop\CrystalDiskInfo.lnk
[2011.07.07 15:29:52 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.07.07 15:29:52 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.07.07 15:29:19 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.07 15:29:19 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.07 15:29:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.07 15:28:59 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.07 15:28:58 | 459,668,592 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.07.07 13:26:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jarda\Desktop\OTL.exe
[2011.07.07 13:25:56 | 000,040,138 | ---- | M] () -- C:\Users\Jarda\Desktop\crystaldiskinfo.htm
[2011.07.07 13:25:25 | 070,143,712 | ---- | M] () -- C:\Users\Jarda\Desktop\launch.exe
[2011.07.07 00:36:51 | 000,000,134 | ---- | M] () -- C:\Users\Jarda\Desktop\Microsoft Fix it.url
[2011.07.06 22:36:44 | 000,607,226 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.07.06 22:36:44 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.06 22:36:44 | 000,117,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.07.06 22:36:44 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.06 22:24:24 | 004,132,805 | R--- | M] (Swearware) -- C:\Users\Jarda\Desktop\ComboFix.exe
[2011.07.05 13:03:56 | 001,606,351 | ---- | M] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_prezencni_2011-12.pdf
[2011.07.05 11:19:10 | 000,379,946 | ---- | M] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_kombinovane_2011-12.pdf
[2011.07.04 14:34:46 | 000,199,680 | ---- | M] () -- C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.03 19:33:00 | 000,155,735 | ---- | M] () -- C:\Users\Jarda\Desktop\Prava_a_povinnosti_uchazecu_o_ECDL_Certifikat_01.pdf
[2011.07.03 19:02:12 | 004,878,195 | ---- | M] () -- C:\Users\Jarda\Desktop\zppc.pdf
[2011.07.03 18:17:53 | 000,002,675 | ---- | M] () -- C:\Users\Jarda\Desktop\Microsoft Office Word 2007.lnk
[2011.07.03 17:45:10 | 005,935,883 | ---- | M] () -- C:\Users\Jarda\Desktop\manual new modem.pdf
[2011.07.03 17:19:59 | 000,129,176 | ---- | M] () -- C:\Users\Jarda\Desktop\metodikabp2010.pdf
[2011.07.03 17:09:10 | 000,393,209 | ---- | M] () -- C:\Users\Jarda\Desktop\diplomky_TULvB.pdf
[2011.07.03 13:25:52 | 000,116,051 | ---- | M] () -- C:\Users\Jarda\Desktop\2010_11_Temata_diplomovych_praci_KZ.pdf
[2011.06.29 07:44:27 | 000,393,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011.06.20 20:49:46 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.17 08:07:20 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.06.08 09:35:19 | 000,000,772 | ---- | M] () -- C:\Users\Jarda\Desktop\RaimaRadio.lnk
[2011.06.07 18:27:21 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.07 15:39:14 | 000,001,765 | ---- | C] () -- C:\Users\Jarda\Desktop\CrystalDiskInfo.lnk
[2011.07.07 13:25:55 | 000,040,138 | ---- | C] () -- C:\Users\Jarda\Desktop\crystaldiskinfo.htm
[2011.07.07 13:23:50 | 070,143,712 | ---- | C] () -- C:\Users\Jarda\Desktop\launch.exe
[2011.07.07 00:35:49 | 000,000,134 | ---- | C] () -- C:\Users\Jarda\Desktop\Microsoft Fix it.url
[2011.07.07 00:03:58 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.06 22:30:57 | 459,668,592 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.07.05 13:03:55 | 001,606,351 | ---- | C] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_prezencni_2011-12.pdf
[2011.07.05 11:19:09 | 000,379,946 | ---- | C] () -- C:\Users\Jarda\Desktop\FF_studijni_plany_kombinovane_2011-12.pdf
[2011.07.03 19:32:59 | 000,155,735 | ---- | C] () -- C:\Users\Jarda\Desktop\Prava_a_povinnosti_uchazecu_o_ECDL_Certifikat_01.pdf
[2011.07.03 19:02:11 | 004,878,195 | ---- | C] () -- C:\Users\Jarda\Desktop\zppc.pdf
[2011.07.03 17:45:09 | 005,935,883 | ---- | C] () -- C:\Users\Jarda\Desktop\manual new modem.pdf
[2011.07.03 17:19:59 | 000,129,176 | ---- | C] () -- C:\Users\Jarda\Desktop\metodikabp2010.pdf
[2011.07.03 17:09:08 | 000,393,209 | ---- | C] () -- C:\Users\Jarda\Desktop\diplomky_TULvB.pdf
[2011.07.03 13:25:52 | 000,116,051 | ---- | C] () -- C:\Users\Jarda\Desktop\2010_11_Temata_diplomovych_praci_KZ.pdf
[2011.06.17 08:07:20 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.06.17 08:07:20 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.08 09:35:19 | 000,000,772 | ---- | C] () -- C:\Users\Jarda\Desktop\RaimaRadio.lnk
[2011.05.10 21:50:24 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.05.10 21:50:23 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.03.20 23:31:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.20 23:31:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.20 23:31:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.20 23:31:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.20 23:31:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.30 17:51:11 | 000,000,058 | ---- | C] () -- C:\Users\Jarda\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2010.12.16 18:48:48 | 000,130,048 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2010.07.29 21:04:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.15 18:18:16 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.03.05 01:39:30 | 000,000,033 | ---- | C] () -- C:\Windows\Multimedia manager.INI
[2010.03.04 23:47:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.03.04 23:39:59 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.11.08 16:43:28 | 000,001,041 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\vso_ts_preview.xml
[2009.11.08 16:42:30 | 000,007,887 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\pcouffin.cat
[2009.11.08 16:42:30 | 000,001,144 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\pcouffin.inf
[2009.09.22 21:05:01 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.09.22 21:04:59 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.09.22 21:04:55 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.09.16 17:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll
[2009.09.01 23:54:26 | 000,004,096 | -H-- | C] () -- C:\Users\Jarda\AppData\Local\keyfile3.drm
[2009.08.30 11:06:22 | 000,024,206 | ---- | C] () -- C:\Users\Jarda\AppData\Roaming\UserTile.png
[2009.08.28 21:47:52 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.28 21:47:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.28 16:13:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.08.28 14:17:16 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.08.28 14:17:14 | 000,014,654 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.28 14:10:54 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.08.28 14:10:54 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.08.28 13:45:26 | 000,199,680 | ---- | C] () -- C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.21 08:46:38 | 000,607,226 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 08:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 08:46:38 | 000,117,890 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 08:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2007.08.01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,393,856 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\Windows\System32\zlib.dll

========== LOP Check ==========

[2009.08.29 13:03:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Acronis
[2011.07.06 22:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\AIMP
[2009.08.30 14:20:50 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Ashampoo
[2010.12.16 18:40:57 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Audacity
[2010.09.01 08:41:07 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\CoSoSys
[2011.06.08 09:32:00 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\COWON
[2011.01.30 17:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\DonationCoder
[2010.10.12 14:11:12 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Downloaded Installations
[2010.09.24 15:20:17 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ESET
[2011.05.25 19:26:36 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\FileZilla
[2011.07.06 22:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\GHISLER
[2011.02.15 10:26:15 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\ICQ
[2010.12.22 18:57:01 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\IrfanView
[2010.12.25 23:14:48 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Leadertech
[2011.05.18 23:45:48 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Live Downloader
[2010.10.12 14:58:02 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Nitro PDF
[2010.03.10 09:59:22 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Opera
[2009.08.30 11:06:22 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\PeerNetworking
[2009.08.28 23:42:05 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\QIP
[2011.06.08 09:35:44 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\RaimaRadio
[2010.12.03 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Samsung
[2011.05.18 15:34:39 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\SpinTop
[2011.05.24 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\uTorrent
[2009.11.08 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Vso
[2010.08.08 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Western Digital
[2010.12.16 22:04:47 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\XMedia Recode
[2011.03.26 03:42:08 | 000,000,000 | ---D | M] -- C:\Users\Jarda\AppData\Roaming\Zoner
[2011.07.07 09:42:46 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B

< End of report >

Druhý log z OTL - Extras.txt

OTL Extras logfile created on: 7.7.2011 15:42:57 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jarda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 68,28% Memory free
7,18 Gb Paging File | 6,17 Gb Available in Paging File | 85,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 109,72 Gb Free Space | 23,56% Space Free | Partition Type: NTFS

Computer Name: JARDA-PC | User Name: Jarda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19CB7C5E-5D66-40C9-AD98-50172431EEAF}" = lport=445 | protocol=6 | dir=in | app=system |
"{4179408B-A825-4C75-BD84-1D6E90941EE8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{49C627B9-78E0-42A3-A549-8B6E6B819D94}" = rport=138 | protocol=17 | dir=out | app=system |
"{5E0DC380-CBD8-4ACB-996F-4785B670BCC8}" = lport=137 | protocol=17 | dir=in | app=system |
"{60AF3456-D6E1-462E-A25D-B60A73BF3684}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{6ADBC1F6-9BBB-4BF1-8474-FAAFBC522694}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{933D2109-A773-494D-9C69-CDED16C53FFB}" = lport=138 | protocol=17 | dir=in | app=system |
"{ACE4EDEF-CA45-4986-A21D-0EA719EC9618}" = rport=139 | protocol=6 | dir=out | app=system |
"{B0821B3C-6544-4EAB-A458-4324D9FD99AD}" = rport=137 | protocol=17 | dir=out | app=system |
"{B19E3831-9AF3-4FB2-978F-2E3E0923A096}" = lport=139 | protocol=6 | dir=in | app=system |
"{DB2D35C4-183B-4D11-85E7-C943A6DFBA79}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E2823914-6B3D-43F6-8F1C-465EA35EB793}" = rport=445 | protocol=6 | dir=out | app=system |
"{E539B9B1-EADB-486A-AE34-E0C5631B555E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0202D93B-73CA-4C9D-9CD6-A0094E3FF071}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{024DAA00-F28D-40C5-A3D7-0A43F8564602}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{0E32162B-437A-4581-95E9-8C0D6D0B4720}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2ADD77E7-0CDC-4A7E-8124-88578C6C4214}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2ED9041B-98BB-4552-B83F-B49419D6A0AB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{56190E63-0744-4E65-A90A-C350BEFE052F}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{58F2E443-923F-446A-A4CF-A46415CCA533}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{69EB669D-67A4-4F58-B677-E7C4929F7069}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7D36517A-DB8E-497D-AD02-FBBCF941B5D8}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{8413E463-4360-4539-BC23-846A3E6BC5A2}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{845E5376-D228-4ABD-86A9-843F5B12CBCF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{91B79E7A-9A03-4C32-9675-89211F9B5271}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{A4E4A183-1447-4C81-B75E-36891A7F377C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{AD945B17-8E37-4B95-9209-957EF3BC35F9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BBE8AEAB-6068-4896-974A-D037676F0C36}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{BE1E0DD1-01F9-41FA-9173-9D9C40A327A3}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{E6B1D90D-9DEA-4B53-8F39-FF7D705C1868}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EF177839-7F0F-4794-9180-F5CD419F6612}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F3CD4F07-84FA-4017-B74F-148D5B9970C7}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{F7F73000-0B4C-4A32-BA4A-AE46429D226E}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{FC25D181-91D9-4333-8C4C-0567F5FB3A29}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{FD940A89-E5F8-4A25-B0A2-2B71E6B21AEE}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{0108853C-6C3E-4D27-9FA6-2031F4A36B02}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{0661FF82-20F2-47FE-9375-42330E62F16E}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{7F9C66C9-F50C-48CA-BB34-BD49E31ED05C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{AB9B5B08-1269-4E75-A156-E98BA550B94B}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{CF70E8A8-BF50-4AC1-AA70-E96BA1F9C3FC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DD5DA4EB-DEFD-41F6-A35C-5EB4B75C5847}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{E5E32FCC-AE35-42A5-8304-4B63545CBC9C}C:\program files\qip infium\infium.exe" = protocol=6 | dir=in | app=c:\program files\qip infium\infium.exe |
"UDP Query User{3E975347-D52C-4D0F-8197-B0AE8AF27E8C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{94BBE0AA-FEE5-4BA4-A085-EF3296730727}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B11D884A-030D-415D-BF69-D00277E7D845}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{BFD2BCFC-7311-4F82-9042-DE73439CB6A9}C:\program files\qip infium\infium.exe" = protocol=17 | dir=in | app=c:\program files\qip infium\infium.exe |
"UDP Query User{EF26FD5B-70B3-42E1-AD58-52B1F48E58A6}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{F1890DFC-489F-4110-8D6C-82581FBB4960}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{FB714B78-A6F5-4CE9-9A3D-B95132F15B3F}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Panel nástrojů Bing
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{38A193BE-8A8C-4EC9-8E1C-CA5006B17FD6}" = FotoMix Free Edition
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{539F9408-904B-4302-A975-F1C781D7D076}" = ESET Smart Security
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9CD9CD94-76CC-4524-8617-DEB9C2D7C389}" = FIFA 10 - Demo
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B547CB8D-549A-436E-97B5-E79F911B11E2}" = SDP Downloader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CCF6C317-6428-4407-B52F-DD11B266EDC4}" = Visual C++ 8.0 Runtime Setup Package
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.3.313
"{DBBCF7F1-2AD2-48A3-8408-A9279857D832}" = Samsung PC Studio 3
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0207194-35B9-4476-B02E-395EE52B5960}" = ASUS nVidia Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"aTube Catcher" = aTube Catcher
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Bejeweled 31.0" = Bejeweled 3
"Canon LBP5050" = Canon LBP5050
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.2
"Czech Soccer Manager 2002 FE" = Czech Soccer Manager 2002 FE
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"Efficient WMA MP3 Converter_is1" = Efficient WMA MP3 Converter v0.99
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FIFA MANAGER 10" = FIFA MANAGER 10
"FileZilla Client" = FileZilla Client 3.4.0
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.1
"GetASFStream" = GetASFStream
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Opera 11.11.2109" = Opera 11.11
"PhotoFiltre" = PhotoFiltre
"PSPad editor_is1" = PSPad editor
"RaimaRadio_is1" = RaimaRadio 1.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ScreenshotCaptor_is1" = Screenshot Captor 2.88.01
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"UnderCoverXP_is1" = UnderCoverXP 1.21
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"Warcraft II (modification Wargus for engine Stratagus)" = Warcraft II (modification Wargus for engine Stratagus)
"WinLiveSuite" = Windows Live Essentials
"Winmail Opener" = Winmail Opener 1.4
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.2.9.3
"xvid" = XviD MPEG-4 Video Codec
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 3.0.9042

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.7.2010 15:46:56 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 5:16:14 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 15:40:45 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.7.2010 19:33:49 | Computer Name = Jarda-PC | Source = ESENT | ID = 467
Description = Windows (2160) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemTypeText405 tabulky SystemIndex_0A je poškozen (0).

Error - 25.7.2010 19:34:04 | Computer Name = Jarda-PC | Source = ESENT | ID = 467
Description = Windows (2160) Windows: Databáze C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb:
Index System_ItemTypeText405 tabulky SystemIndex_0A je poškozen (0).

Error - 26.7.2010 1:58:35 | Computer Name = Jarda-PC | Source = Windows Search Service | ID = 3024
Description =

Error - 26.7.2010 1:58:54 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 26.7.2010 4:04:52 | Computer Name = Jarda-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ZPS.EXE, verze 11.0.1.1, časové razítko 0x48d68681,
chybující modul ippiv8-5.3.dll, verze 5.3.85.499, časové razítko 0x473fd8b8, kód
výjimky 0xc0000005, posun chyby 0x0060512e, ID procesu 0x13ac, čas spuštění aplikace
0x01cb2c99365af2ff.

Error - 26.7.2010 15:33:26 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.7.2010 3:09:41 | Computer Name = Jarda-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 16.5.2011 10:21:01 | Computer Name = Jarda-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6.7.2011 17:44:11 | Computer Name = Jarda-PC | Source = DCOM | ID = 10005
Description =

Error - 6.7.2011 17:44:14 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6.7.2011 18:02:39 | Computer Name = Jarda-PC | Source = DCOM | ID = 10005
Description =

Error - 6.7.2011 18:05:44 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 1:54:17 | Computer Name = Jarda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (2:19:00, 7.7.2011) bylo neočekávané.

Error - 7.7.2011 1:55:58 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 7:15:15 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7.7.2011 9:29:05 | Computer Name = Jarda-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:27:29, 7.7.2011) bylo neočekávané.

Error - 7.7.2011 9:29:17 | Computer Name = JARDA-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.35 pro síťovou kartu s adresou 002354A2BF1A
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 7.7.2011 9:30:43 | Computer Name = Jarda-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Pokud budou problémy s odinstalací Combofixu , ponech , mažu v OTL..


Odinstaluj:
Dr.Web CureIt (launch.exe)

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Hmm, tak po zapnutí opět kolaps. Špatný obraz, blikající linky, to samé co předtím. Normální start bez úspěchu. Musím využít nouzový režim.

Příkaz jsem tedy vykonal v nouzovém režimu. Proběhl restart a pc naběhl se stabilizovaným obrazem. Naběhl log, který jsem bohužel nestihl uložit. Lépe řečeno jsem spustil internet a chtěl jeho obsah zkopírovat na fórum. Bohužel vzápětí starý známý kolaps. Sekaný pohyb kurzoru, blikající linky v narušeném obrazu, čímž moje činnost skončila. Předtím jsem si všiml, že NOD32 nahlásil nějakou infiltraci. Musel jsem restartovat a jít opět do nouzového režimu. (píšu opět tedy z druhého pc)

Dodatečně přikládám log. Našel jsem jeho umístění v C:\

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Google Custom Search" removed from browser.search.selectedEngine
Prefs.js: Foxdie@tanjihay.com:3.6.4 removed from extensions.enabledItems
Prefs.js: FoxdieGraphite@tanjihay.com:3.6.4 removed from extensions.enabledItems
C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\defaults\presets folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\defaults folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\wizard folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\semrush folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\related folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\pageinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin\density folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\prefpanes folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\toolbar folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\pageinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\linkinfo folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins\density folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\plugins folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content\dialogs folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\FoxdieGraphite@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis\Foxdie@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\staged-xpis folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\refspoof@mozdev.org folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\zh-CN folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\sv-SE folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\sq-AL folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\pt-BR folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\fr folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\es-ES folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale\de folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\content\ui folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\autoproxy@autoproxy.org folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\components folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\skin folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\locale\en-US folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\locale folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\content\data folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome\content folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com\chrome folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\artur.dubovoy@gmail.com folder moved successfully.
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions folder moved successfully.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\Foxdie@tanjihay.com\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\foxdie_ext_ocelot@foxdie.us\ not found.
Folder C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\amkikk3h.default\extensions\FoxdieGraphite@tanjihay.com\ not found.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
File 5D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx not found.
Starting removal of ActiveX control {149E45D8-163E-4189-86FC-45022AB2B6C9}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{149E45D8-163E-4189-86FC-45022AB2B6C9}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149E45D8-163E-4189-86FC-45022AB2B6C9}\ not found.
Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
C:\Windows\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
File D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx not found.
Starting removal of ActiveX control {CC450D71-CC90-424C-8638-1F2DBAC87A54}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC450D71-CC90-424C-8638-1F2DBAC87A54}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
File C:\Windows\System32\perfh005.dat not found.
C:\Windows\System32\perfi005.dat moved successfully.
File C:\Windows\System32\perfc005.dat not found.
C:\Windows\System32\perfd005.dat moved successfully.
File C:\Windows\System32\perfh009.dat not found.
C:\Windows\System32\perfi009.dat moved successfully.
File C:\Windows\System32\perfc009.dat not found.
C:\Windows\System32\perfd009.dat moved successfully.
ADS C:\ProgramData\Temp:2F4A0A6B deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\ComboFix not found.
File\Folder C:\32788R22FWJFW not found.
File\Folder C:\Users\Jarda\Desktop\ComboFix.exe not found.
C:\Users\Jarda\AppData\Local\{C42875C7-BFFF-4FAD-BAB2-DB36FD85263E} folder moved successfully.
C:\Users\Jarda\AppData\Local\{117FAD5C-92A1-4EAB-8305-9004B13E8B7B} folder moved successfully.
File\Folder [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] not found.
C:\ProgramData\nvModes.dat moved successfully.
C:\ProgramData\nvModes.001 moved successfully.
File\Folder C:\Users\Jarda\Desktop\ComboFix.exe not found.
C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder C:\Windows\PEV.exe not found.
File\Folder C:\Windows\sed.exe not found.
File\Folder C:\Windows\grep.exe not found.
File\Folder C:\Windows\zip.exe not found.
C:\ProgramData\ezsidmv.dat moved successfully.
File\Folder C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->FireFox cache emptied: 111338242 bytes
->Flash cache emptied: 1496 bytes

User: Jarda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6946927 bytes
->FireFox cache emptied: 55025092 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 11845 bytes

User: Jaros
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Opera cache emptied: 21429607 bytes
->Flash cache emptied: 1197 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 186,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07072011_204203

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

To bude problém s HW , nedostatečný zdroj ( zkus vyměnit) , grafická karta ( výměna + instalace jiných ovladačů.

Nemůže dělat problémy třeba i nějaký ovladač? Třeba ten na grafickou kartu? V aplikaci Window Update jsem viděl nějakou volitelnou aktualizaci právě tu mou grafickou kartu, ale když jsem chtěl, aby došlo k aktualizaci, tak to napsalo, že se to nezdařilo.

Přesně tak , píši přeci instalace jiných ovladačů ke grafice. Zkus dát nejprve ovladače , které máš na CD ke GK , pak můžeš ze stránek výrobce zkusit novější ovladače.

Zkusím vše možné. Velmi Vám děkuji za dosavadní pomoc. Diskuzi přesouvám do sekce - hardware - viewtopic.php?f=7&t=69892