HJT log; padají programy, hry Vyřešeno

[memphisto]

Několikrát restartuj a bude vše ok. Případně obnov zástupce prohlížečů na ploše. Měls to řádně zavšivené

Opět vypni rezidentní ochrany antiviru a firewallu a dále:
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\users\Martin\AppData\Local\BIT127A.tmp

Driver::
GGSAFERDriver
cpuz133

File::
c:\windows\system32\drivers\cpuz133_x32.sys

Folder::
c:\program files\Garena


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Reklama]

[Rejtharik]

Pokusím se, ale nevím jestli PC vůbec zapnu, včera po pár restartech jsem dostal BSoD s hláškou PAGE_FAULT_IN_NONPAGED_AREA, následoval restart a pak už se nedostanu dál než přes POST , ani do biosu prostě PC zamrzne. Až přijdu domů restartuju CMOS a uvidíme

[Rejtharik]

Měl jsi pravdu memphisto, moc vám děkuju PC jsem zapl na poprvé a o mnoho rychleji než dříve i FF jde, teď jsem doma, ale za chvilku valím zpět do školy takže ten další LOG pošlu asi za 2 hodinky
Garenu mi tam prosím nechte , není to sice nejpoužívanější program v PC, ale když je nuda tak ji využiju, nebo je jiný důvod k jejímu smáznutí ?

[Žbeky]

Pokud ji používáš, tak použíj tento skript:

Kód: Vybrat vše

KillAll::

File::
c:\users\Martin\AppData\Local\BIT127A.tmp
c:\windows\system32\drivers\cpuz133_x32.sys

Driver::
cpuz133

[Rejtharik]

ComboFix 11-05-13.02 - Martin 18.05.2011 16:29:26.5.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.1984.1442 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Martin\AppData\Local\BIT127A.tmp"
"c:\windows\system32\drivers\cpuz133_x32.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\cpuz133_x32.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ133
-------\Service_cpuz133
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-18 do 2011-05-18 )))))))))))))))))))))))))))))))
.
.
2011-05-18 14:42 . 2011-05-18 14:42 0 ---ha-w- c:\users\Martin\AppData\Local\BITC21.tmp
2011-05-18 14:39 . 2011-05-18 14:42 -------- d-----w- c:\users\Martin\AppData\Local\temp
2011-05-18 14:39 . 2011-05-18 14:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 18:14 . 2011-04-15 14:39 4400520 -c----w- c:\programdata\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_e848a5844933f933c9e091117efce631d12ff7b_cab_066c3fa0\SkypePnr.dll
2011-05-17 18:13 . 2011-04-18 07:15 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{704F3DE9-BF69-410C-9688-D0A01075631B}\mpengine.dll
2011-05-17 18:09 . 2004-07-08 14:04 8208 ----a-w- c:\windows\system32\drivers\SPKLPT.SYS
2011-05-17 18:09 . 2002-11-18 08:41 12320 ----a-w- c:\windows\system32\drivers\SPARKEY.SYS
2011-05-17 18:08 . 2011-05-17 18:08 -------- d-----w- c:\program files\DesignSoft
2011-05-17 16:45 . 2011-05-17 16:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-16 17:50 . 2011-05-16 17:51 -------- d-----w- c:\programdata\Skype Extras
2011-05-16 17:50 . 2011-05-16 17:50 -------- d-----w- c:\program files\Common Files\Skype
2011-05-13 18:46 . 2011-05-13 18:46 -------- d-----w- c:\program files\Celestia
2011-05-12 18:34 . 2011-05-12 18:34 -------- d-----w- c:\windows\Sun
2011-05-10 18:20 . 2011-05-10 18:20 -------- d-----w- c:\program files\Common Files\Java
2011-05-10 18:19 . 2011-05-10 18:19 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-05-10 18:19 . 2011-05-10 18:19 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-10 18:19 . 2011-05-10 18:19 -------- d-----w- c:\program files\Java
2011-05-08 08:44 . 2011-05-08 09:14 -------- d-----w- c:\program files\2K Games
2011-05-04 19:06 . 2011-05-04 19:06 -------- d-----w- c:\program files\XviD
2011-05-04 19:03 . 2011-05-04 19:14 -------- d-----w- c:\program files\Growler Guncam
2011-05-04 19:02 . 2011-05-04 19:03 -------- d-----w- c:\program files\Common Files\GC Install
2011-05-03 13:40 . 2007-03-01 00:54 109248 ----a-w- c:\windows\system32\MSWINSCK.OCX
2011-05-03 13:35 . 2011-05-17 12:55 -------- d-----w- c:\program files\DaemonicMU Season IV
2011-04-30 14:29 . 2011-04-30 14:30 -------- d-----w- c:\program files\OpenTTD
2011-04-23 06:48 . 2011-04-23 06:48 -------- d-----w- c:\users\Martin\AppData\Roaming\RedEyePilot
2011-04-22 16:54 . 2011-04-22 16:54 -------- d-----w- c:\users\Martin\AppData\Roaming\URSE Games
2011-04-22 07:17 . 2011-05-13 16:44 -------- d-----w- c:\program files\Ledova kralovna 3 - Vrani carodejka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-30 18:07 . 2011-02-15 17:10 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-30 18:07 . 2011-01-28 09:45 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-30 13:53 . 2011-01-28 09:46 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-20 14:47 . 2011-01-28 09:46 138056 ----a-w- c:\users\Martin\AppData\Roaming\PnkBstrK.sys
2011-04-20 14:47 . 2011-01-28 09:45 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-04-08 11:28 . 2011-04-08 11:28 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-03-15 13:14 . 2011-03-15 13:09 2829 ----a-w- c:\windows\War3Unin.pif
2011-03-15 13:14 . 2011-03-15 13:09 139264 ----a-w- c:\windows\War3Unin.exe
2011-02-24 13:05 . 2011-02-24 13:05 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2011-02-24 13:05 . 2011-02-24 13:05 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2011-02-23 15:04 . 2011-01-09 18:16 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2011-01-09 18:16 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2011-02-24 15:47 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-23 14:56 . 2011-01-09 18:16 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2011-01-09 18:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2011-01-09 18:16 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2011-01-09 18:16 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2011-01-09 18:16 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-21 14:26 . 2011-02-21 14:26 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-01 17:04 . 2005-12-31 14:08 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
.
[-] 2009-07-14 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SoundMan"="SOUNDMAN.EXE" [2009-03-10 604704]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-10 11:49 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-05 09:09 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
R2 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [2010-04-23 136616]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-10 136176]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-10 136176]
R3 NetHook_ControlCenter;ArtOfPing ControlCenter;c:\program files\AutoTunnel GG\ControlCenter.sys [x]
R3 NetHook_Interceptor;ArtOfPing TDI Interceptor;c:\program files\AutoTunnel GG\Interceptor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {90DB1A98-7E0C-4DF8-B97E-D851EA3E556E} = 62.240.187.250,10.0.0.1
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0ujgpmbg.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-872976068-2092966973-4185235829-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:94,9e,e3,9f,77,2e,40,e3,b0,6d,c2,46,e8,6d,0c,c4,dd,2c,1e,ea,84,ec,7f,
32,aa,f0,b0,c6,34,d9,5d,3f,2b,c5,8d,0c,f2,32,3e,fc,aa,3a,73,1d,73,e6,4b,13,\
"??"=hex:d6,ff,49,4e,02,4a,38,47,02,cf,5d,fd,b2,87,1b,54
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-05-18 16:47:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-18 14:47
ComboFix2.txt 2011-05-17 17:39
ComboFix3.txt 2011-05-14 09:08
.
Před spuštěním: 9 482 461 184
Po spuštění: 9 174 736 896
.
- - End Of File - - 7FD7D2A524E8DCAF988B235252DDB46A

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Stáhni si CrystalDiskInfo

Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Rejtharik]

CrystalDiskInfo
----------------------------------------------------------------------------
CrystalDiskInfo 4.0.0 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition [6.1 Build 7600] (x86)
Date : 2011/05/19 13:53:06

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- Maxtor 6Y080P0 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GSA-4167B ATA Device
- Řadič NVIDIA nForce s rozhraním Serial ATA [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Maxtor 6Y080P0 : 81.9 GB [0-0-0, pd1]
(2) TOSHIBA MK5059GSX : 500.1 GB [1-X-X, sa1] (V=125F, P=A94A)

----------------------------------------------------------------------------
(1) Maxtor 6Y080P0
----------------------------------------------------------------------------
Model : Maxtor 6Y080P0
Firmware : YAR41BW0
Serial Number : Y2E2HXLE
Disk Size : 81.9 GB (8.4/81.9/----)
Buffer Size : 7936 KB
Queue Depth : 1
# of Sectors : 160086528
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/133
Power On Hours : 726 hod. (?)
Power On Count : 963 krát
Temparature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 225 225 _63 0000000022D9 Čas na roztočení ploten
04 253 253 __0 0000000003D0 Počet spuštění/zastavení
05 253 253 _63 000000000000 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 249 241 187 00000000A72C Čas potřebný na vyhledání
09 144 144 __0 00000000AA2A Hodin v činnosti
0A 253 252 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 251 251 __0 0000000003C3 Počet cyklů zapnutí zařízení
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklů načítání/vymazání
C2 253 253 __0 000000000027 Teplota
C3 253 252 __0 0000000004A4 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 199 199 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000002 Počet chyb při čtení programů z disku
CA 253 252 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000000 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 252 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 194 188 __0 000000000000 Výkon při vyhledávaní na disku při interních testech disku
63 253 253 __0 000000000000 Neznámý
64 253 253 __0 000000000000 Neznámý
65 253 253 __0 000000000000 Neznámý

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 40 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 59 32 45 32 48 58 4C 45 20 20 20 20
020: 20 20 20 20 20 20 20 20 00 03 3E 00 00 39 59 41
030: 52 34 31 42 57 30 4D 61 78 74 6F 72 20 36 59 30
040: 38 30 50 30 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 BA 00 09 8A 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 FE 00 1E 7C 6B 7B 09 40 03 7C 69 3A 01 40 03
0B0: 40 7F 00 00 00 00 00 00 FF FE 60 0B C0 FE 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C6 A5

----------------------------------------------------------------------------
(2) TOSHIBA MK5059GSX
----------------------------------------------------------------------------
Enclosure : ADATA HDD CH94 USB Device (V=125F, P=A94A, sa1)
Model : TOSHIBA MK5059GSX
Firmware : GK003A
Serial Number : Y06EF3B4S
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : Neznámy údaj
Power On Count : Neznámy údaj
Temparature : Neznámy údaj
Health Status : Neznámý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 40 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 59
020: 30 36 45 46 33 42 34 53 00 00 40 00 00 00 47 4B
030: 30 30 33 41 20 20 54 4F 53 48 49 42 41 20 4D 4B
040: 35 30 35 39 47 53 58 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 07 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 0F 06 00 02 00 4C 00 40
0A0: 01 F8 00 00 74 6B 7D 09 61 63 74 68 BC 09 61 63
0B0: 20 3F 00 5C 00 5C 00 80 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 60 03 00 00 50 00 03 92 E6 E0 0D 7D
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3D 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1F 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 00 80 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8D A5

[Rejtharik]

OTL
OTL logfile created on: 19.5.2011 14:06:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Martin\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,24 Gb Total Space | 10,04 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 116,10 Gb Free Space | 24,93% Space Free | Partition Type: NTFS

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Martin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (SafeList) ==========

MOD - C:\Users\Martin\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Ati External Event Utility) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AODService) -- C:\Program Files\AMD\OverDrive\AODAssist.exe ()
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (cmuda3) -- C:\Windows\System32\drivers\cmudax3.sys (C-Media Inc)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\Windows\System32\drivers\RTKVAC.SYS (Realtek Semiconductor Corp.)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedie (cs)"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11

FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011.02.24 17:47:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.01 19:04:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 20:19:49 | 000,000,000 | ---D | M]

[2011.01.09 19:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2011.01.09 19:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.05.15 12:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0ujgpmbg.default\extensions
[2011.05.15 12:14:08 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0ujgpmbg.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.04.19 20:27:41 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0ujgpmbg.default\extensions\battlefieldplay4free@ea.com
[2011.01.10 16:13:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\vwn3oqad.default\extensions
[2011.05.10 20:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.05.01 19:04:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.05.10 20:19:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2005.12.31 16:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2005.12.31 16:08:43 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) --
[2011.02.24 17:47:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0UJGPMBG.DEFAULT\EXTENSIONS\PAGEHACKER-NICO@NC.XPI
[2011.05.01 19:04:47 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2011.05.10 20:19:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2010.11.10 13:49:36 | 000,135,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.11.30 15:20:46 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.05.18 16:41:47 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[Rejtharik]

Pokračování
========== Files/Folders - Created Within 30 Days ==========

[2011.05.19 13:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.05.19 13:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.05.19 13:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.05.19 13:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.05.18 16:47:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.05.18 16:46:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.05.18 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\temp
[2011.05.17 20:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edison 5
[2011.05.17 20:09:18 | 000,012,320 | ---- | C] (Spark Technologies co., Ltd.) -- C:\Windows\System32\drivers\SPARKEY.SYS
[2011.05.17 20:09:18 | 000,008,208 | ---- | C] (Spark Tech Co.,Ltd) -- C:\Windows\System32\drivers\SPKLPT.SYS
[2011.05.17 20:08:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\DesignSoft
[2011.05.17 20:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\DesignSoft
[2011.05.17 18:45:41 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.16 19:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.16 19:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.16 19:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.05.13 20:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celestia
[2011.05.13 20:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Celestia
[2011.05.12 20:34:08 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.05.10 20:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.05.10 20:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.05.10 20:19:49 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.05.10 20:19:49 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.05.10 20:19:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.05.10 20:19:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.05.10 20:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.05.08 10:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\2K Games
[2011.05.07 16:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultr@Pack
[2011.05.04 21:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
[2011.05.04 21:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\XviD
[2011.05.04 21:03:15 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Growler Software
[2011.05.04 21:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\Growler Guncam
[2011.05.04 21:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GC Install
[2011.05.03 15:40:54 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX
[2011.05.03 15:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DaemonicMU Season IV
[2011.05.03 15:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\DaemonicMU Season IV
[2011.04.30 16:30:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\OpenTTD
[2011.04.30 16:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
[2011.04.30 16:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\OpenTTD
[2011.04.23 08:48:59 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\RedEyePilot
[2011.04.22 18:54:16 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\URSE Games
[2011.04.22 09:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ledová královna 3 - Vraní čarodějka
[2011.04.22 09:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ledova kralovna 3 - Vrani carodejka
[2011.04.20 16:48:52 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Battlefield Play4Free
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.19 13:52:40 | 000,001,926 | ---- | M] () -- C:\Users\Martin\Desktop\CrystalDiskInfo.lnk
[2011.05.19 13:00:03 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.19 12:57:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.19 12:57:16 | 1559,928,832 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.18 21:38:55 | 000,022,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 21:38:55 | 000,022,336 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 19:45:51 | 000,007,659 | ---- | M] () -- C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
[2011.05.18 16:41:47 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.05.17 18:45:41 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.15 19:20:01 | 003,763,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.10 20:19:31 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.05.10 20:19:31 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.05.10 20:19:31 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.05.10 20:19:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.05.07 18:08:37 | 000,001,091 | ---- | M] () -- C:\Users\Martin\Desktop\IL-2 Mody.lnk
[2011.05.07 16:43:53 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\Ultr@Pack Update & Restore.lnk
[2011.05.07 16:43:53 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Ultr@Pack Switcher.lnk
[2011.05.07 16:43:53 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\JSGME.lnk
[2011.05.06 19:57:42 | 000,625,676 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.05.06 19:57:42 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.06 19:57:42 | 000,119,794 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.05.06 19:57:42 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.04 19:34:52 | 000,001,145 | ---- | M] () -- C:\Users\Martin\Desktop\IL2 1946.lnk
[2011.05.04 15:47:57 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.05.04 15:47:41 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.05.03 15:40:54 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\DaeMU Season IV.lnk
[2011.04.30 20:07:39 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.04.30 19:04:35 | 000,000,866 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.04.30 17:01:01 | 000,046,742 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\room.dat
[2011.04.30 15:53:42 | 000,138,264 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.04.28 17:53:33 | 000,121,940 | ---- | M] () -- C:\Users\Martin\Documents\hry 2.JPG
[2011.04.28 17:51:41 | 000,122,644 | ---- | M] () -- C:\Users\Martin\Documents\hra.JPG
[2011.04.28 17:36:52 | 000,136,752 | ---- | M] () -- C:\Users\Martin\Documents\internet.JPG
[2011.04.28 17:14:36 | 000,147,594 | ---- | M] () -- C:\Users\Martin\Documents\pc.JPG
[2011.04.28 17:14:21 | 000,151,411 | ---- | M] () -- C:\Users\Martin\Documents\pc2.JPG
[2011.04.28 16:59:56 | 002,359,350 | ---- | M] () -- C:\Users\Martin\Documents\ta.bmp
[2011.04.25 20:13:30 | 001,780,298 | ---- | M] () -- C:\Users\Martin\Documents\via pc.bmp
[2011.04.20 16:47:52 | 000,138,056 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.19 13:52:40 | 000,001,926 | ---- | C] () -- C:\Users\Martin\Desktop\CrystalDiskInfo.lnk
[2011.05.19 13:00:03 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.07 18:08:37 | 000,001,091 | ---- | C] () -- C:\Users\Martin\Desktop\IL-2 Mody.lnk
[2011.05.07 16:43:53 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\Ultr@Pack Update & Restore.lnk
[2011.05.07 16:43:53 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Ultr@Pack Switcher.lnk
[2011.05.07 16:43:53 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\JSGME.lnk
[2011.05.04 19:55:10 | 001,049,652 | ---- | C] () -- C:\Users\Martin\Desktop\RRG_176 GvIAP.bmp
[2011.05.04 19:34:52 | 000,001,145 | ---- | C] () -- C:\Users\Martin\Desktop\IL2 1946.lnk
[2011.05.03 15:40:54 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\DaeMU Season IV.lnk
[2011.04.28 17:53:27 | 000,121,940 | ---- | C] () -- C:\Users\Martin\Documents\hry 2.JPG
[2011.04.28 17:51:38 | 000,122,644 | ---- | C] () -- C:\Users\Martin\Documents\hra.JPG
[2011.04.28 17:36:45 | 000,136,752 | ---- | C] () -- C:\Users\Martin\Documents\internet.JPG
[2011.04.28 17:14:14 | 000,147,594 | ---- | C] () -- C:\Users\Martin\Documents\pc.JPG
[2011.04.28 17:09:55 | 000,151,411 | ---- | C] () -- C:\Users\Martin\Documents\pc2.JPG
[2011.04.28 16:58:03 | 002,359,350 | ---- | C] () -- C:\Users\Martin\Documents\ta.bmp
[2011.04.25 20:13:18 | 001,780,298 | ---- | C] () -- C:\Users\Martin\Documents\via pc.bmp
[2011.04.15 18:29:39 | 000,046,742 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\room.dat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.03.15 15:09:44 | 000,105,368 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.03.02 14:05:31 | 000,000,980 | ---- | C] () -- C:\Windows\eReg.dat
[2011.03.02 14:01:47 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.02.28 16:52:59 | 000,552,960 | R--- | C] () -- C:\Windows\System32\Cmeaupci.exe
[2011.02.28 16:52:59 | 000,000,082 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2011.02.28 16:52:12 | 000,303,104 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.02.28 16:52:12 | 000,002,123 | R--- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2011.02.28 16:52:12 | 000,000,866 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.01.28 11:46:11 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.28 11:46:11 | 000,138,056 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2011.01.28 11:45:38 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.01.28 11:45:29 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.17 12:32:01 | 000,007,659 | ---- | C] () -- C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
[2011.01.11 17:04:41 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011.01.10 16:07:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.01.10 16:00:41 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2011.01.09 18:37:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.02.11 07:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.09.21 16:23:14 | 000,625,676 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.09.21 16:23:14 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.09.21 16:23:14 | 000,119,794 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.09.21 16:23:14 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 003,763,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,609,896 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,104,214 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:37 | 000,000,000 | ---- | C] () -- C:\Windows\System32\upnp.dll
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\System32\winver.exe
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.05.07 06:05:52 | 000,002,641 | R--- | C] () -- C:\Windows\cmudax3.ini
[2009.04.24 00:29:16 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.02.20 13:24:46 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2004.12.20 11:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2004.12.20 11:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011.03.18 12:44:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ArtOfPing
[2011.01.28 10:10:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ashampoo
[2011.03.28 17:00:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2011.01.10 14:11:24 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011.01.12 19:56:45 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Gold Casual Games
[2006.01.01 10:04:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\HyperLobby
[2011.01.12 20:00:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Meridian93
[2011.01.31 19:06:44 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Need for Speed World
[2011.04.23 08:48:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\RedEyePilot
[2011.02.10 20:06:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Shape games
[2011.02.21 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2011.01.28 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Trio
[2011.03.09 17:07:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ubisoft
[2011.04.22 18:54:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\URSE Games
[2011.05.19 13:42:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2011.05.19 12:58:26 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

[Rejtharik]

a teď ten Extras
OTL Extras logfile created on: 19.5.2011 14:06:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Martin\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,24 Gb Total Space | 10,04 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 116,10 Gb Free Space | 24,93% Space Free | Partition Type: NTFS

Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07BE4679-4318-4413-9701-B3D92354F11D}" = Heroes of Might and Magic V - Tribes of the East
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{333F3B34-0374-4B2C-9A23-EA6294D82772}" = HyperLobby client
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{69FB248E-690D-434F-94A7-248D5F1ECD70}" = AMD OverDrive
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{82D8304F-73D7-4EE6-8472-D0684BAA2865}" = AGEIA PhysX v7.05.06
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9B743536-28E5-4A48-A1CC-8600A18386C3}" = Growler Guncam
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{9DD1E180-64EE-4595-A97F-33FA51E4588B}_is1" = DaemonicMU Season IV 1.50
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{ACABB9C0-19BB-4DBB-BAD0-EAF31E6795EB}" = Edison 5
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}" = Vietcong & Vietcong: Fist Alpha
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{Dobrodruzny mahjongg - Kapitola 2}_is1" = Dobrodružný mahjongg - Kapitola 2 1.0
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{Ledova kralovna 3 - Vrani carodejka}_is1" = Ledová královna 3 - Vraní čarodějka 1.1
"{Nadherna zahrada}_is1" = Nádherná zahrada 1.0
"{Smajlici}_is1" = Smajlíci 1.0
"{Utajený svět umění}_is1" = Utajený svět umění 1.0
"{Záhadné město Zlatá Praha}_is1" = Záhadné město Zlatá Praha 1.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Celestia_is1" = Celestia 1.6.0
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike 1.6" = Counter-Strike 1.6
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.16
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"GameParkClient_is1" = GamePark
"Garena" = Garena 2010
"Hamachi" = Hamachi 1.0.1.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Kouzelné dárky" = Kouzelné dárky
"Kyodai Mahjongg_is1" = Kyodai Mahjongg
"Ledové Drahokamy" = Ledové Drahokamy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mobility" = Mobility
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.1.0
"Phun_is1" = Algodoo Phun edition v5.28
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"SvetlogradCZ_is1" = SvetlogradCZ verze 1.0
"TeamViewer 6" = TeamViewer 6
"Two Worlds" = Two Worlds
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"Výprava do Květinové země" = Výprava do Květinové země
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"XviD_is1" = XviD MPEG-4 Video Codec
"Ztracené štěňátko" = Ztracené štěňátko

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[2011.01.09 19:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions
[2011.01.09 19:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.05.15 12:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\0ujgpmbg.default\extensions
[2011.05.10 20:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2005.12.31 16:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[2011.05.06 19:57:42 | 000,625,676 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.05.06 19:57:42 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.06 19:57:42 | 000,119,794 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.05.06 19:57:42 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009.09.21 16:23:14 | 000,625,676 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.09.21 16:23:14 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.09.21 16:23:14 | 000,119,794 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.09.21 16:23:14 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 04:05:48 | 000,609,896 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,104,214 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
c:\users\Martin\AppData\Local\BIT*.tmp

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Garena" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Users\Martin\AppData\Roaming\room.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Aktualizuj javu:
http://java.com/en/download/windows_man ... ?locale=en
Vyber OS
Vyber:
Windows Offline Installation
Ostatní javy odeber v přidat/odebrat programy.

[Rejtharik]

Zatím ten VT
http://www.virustotal.com/file-scan/rep ... 1305829884