prosim o pomoc-divne chovani pc

Zpráva

JudgeDeath · #1 Příspěvek od **JudgeDeath** » 07 led 2012 06:46

prosim o check logu jestli tam neni nic zavadnyho
po startupu mi to zacalo hazet divny chyby(nespousteli se programy a kdyz jsem chtel nainstalovat antivir,tak to neslo)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dzadzded at 2012-01-07 06:44:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (11%) free of 10 GB
Total RAM: 3583 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:45:02, on 7.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Utils\totalcmd\TOTALCMD.EXE
D:\Download\RSIT.exe
C:\Program Files\trend micro\Dzadzded.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17284
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon1.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IObit Toolbar Service (IObitBarService) - Unknown owner - C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6131 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegInOut Scheduled Scan - Dzadzded.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dzadzded\Data aplikací\Mozilla\Firefox\Profiles\lfeon9cu.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/firefox?client=fir ... s:official"
prefs.js - "extensions.enabledItems" - "{DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1, {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1, bkmrksync@nokia.com:1.0.0.736, wrc@avast.com:20110101, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://www.crawler.com/search/dispatche ... 60347&qkw="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"bkmrksync@nokia.com"=F:\Utils\Nokia\Nokia PC Suite 7\bkmrksync\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObitBar.com/Plugin]
"Description"=IObit Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.90]
"Description"=getPlus+(R)
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browser.xpt
browsercomps.dll
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
np_gp.dll

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Dzadzded\Data aplikací\Mozilla\Firefox\Profiles\lfeon9cu.default\extensions\
ffxtlbr@babylon.com
nostmp
{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}

C:\Documents and Settings\Dzadzded\Data aplikací\Mozilla\Firefox\Profiles\lfeon9cu.default\searchplugins\
conduit.xml
daemon-search.xml
IObitBar.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZon1.dll [2010-08-29 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZon1.dll [2010-08-29 2734688]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1387288]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-10-08 16744256]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2011-10-08 1632360]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"C-Media Mixer"=Mixer.exe /startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-05-20 724536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
F:\Utils\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-09-21 641400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dzadzded^Nabídka Start^Programy^Po spuštění^CurseClientStartup.ccip]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Utils\MIranda\miranda32.exe"="F:\Utils\MIranda\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"F:\Utils\Miranda IM new\miranda32.exe"="F:\Utils\Miranda IM new\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\BlastShark\hellgate\BlastShark.exe"="C:\Program Files\BlastShark\hellgate\BlastShark.exe:*:Enabled:hellgate"
"C:\Program Files\ODEON\JAF\JCOP.EXE"="C:\Program Files\ODEON\JAF\JCOP.EXE:*:Enabled:JCOP"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Download\WoW-BurningCrusade-enGB-Installer-downloader.exe"="D:\Download\WoW-BurningCrusade-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Games\StarCraft II\StarCraft II.exe"="F:\Games\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"F:\Games\StarCraft II\Versions\Base19679\SC2.exe"="F:\Games\StarCraft II\Versions\Base19679\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-07 06:44:58 ----D---- C:\rsit
2012-01-07 06:44:58 ----D---- C:\Program Files\trend micro
2011-12-27 01:45:14 ----A---- C:\WINDOWS\system32\Cmeaupci.exe
2011-12-27 01:45:02 ----A---- C:\WINDOWS\system32\CmiInstallResAll.dll
2011-12-27 01:45:01 ----A---- C:\WINDOWS\difxapi.dll
2011-12-27 01:45:01 ----A---- C:\WINDOWS\cmudax3.ini
2011-12-27 01:44:58 ----A---- C:\WINDOWS\system32\drivers\cmudax3.sys
2011-12-27 01:44:58 ----A---- C:\WINDOWS\system32\cmudax3.DLL
2011-12-26 02:36:06 ----N---- C:\WINDOWS\cmijack.ini
2011-12-26 02:36:06 ----A---- C:\WINDOWS\CMISETUP.INI
2011-12-26 02:36:06 ----A---- C:\WINDOWS\CMCDPLAY.INI
2011-12-24 03:00:22 ----A---- C:\WINDOWS\ipuninst.exe
2011-12-24 01:37:12 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\BabylonToolbar
2011-12-24 01:18:37 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-24 01:18:29 ----D---- C:\Program Files\Babylon
2011-12-24 01:14:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrszht.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrstr.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsth.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssv.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssk.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsru.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrspt.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrspl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsno.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsko.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsja.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsit.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrshu.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrshe.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrses.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrseng.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsel.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsde.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsda.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrscs.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsar.dll
2011-12-24 00:54:51 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-12-24 00:50:34 ----SHD---- C:\Config.Msi
2011-12-24 00:49:48 ----D---- C:\Program Files\WhoCrashed
2011-12-24 00:32:30 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-12-24 00:22:20 ----A---- C:\WINDOWS\system32\nvunrm.exe
2011-12-24 00:22:19 ----A---- C:\WINDOWS\system32\nvusmb.exe
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoZht.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoZhc.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoTr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoTh.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSv.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSk.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoRu.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPtb.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPt.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoNo.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoNl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoKo.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoJa.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoIt.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoHu.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoHe.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoFr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoFi.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEsm.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEs.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoENU.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEng.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoDe.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoDa.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoCs.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoAr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\nvraiins.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\nvraidco.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\drivers\nvgts.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\nvconrm.dll
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\nvnrm.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\nvnetbus.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\NVENETFD.sys
2011-12-24 00:21:49 ----A---- C:\WINDOWS\system32\fdco1.dll
2011-12-24 00:21:49 ----A---- C:\WINDOWS\system32\bdco1.dll
2011-12-24 00:11:23 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-12-24 00:11:22 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2011-12-24 00:11:22 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2011-12-24 00:11:21 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-12-23 23:46:27 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-12-23 23:35:00 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-12-23 23:06:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Backup
2011-12-23 22:49:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\RegInOut
2011-12-23 22:49:44 ----D---- C:\WINDOWS\RegInOut System Utilities
2011-12-23 22:49:30 ----D---- C:\Program Files\RegInOut
2011-12-22 19:10:12 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2011-12-22 17:16:30 ----D---- C:\Program Files\Microsoft.NET
2011-12-21 18:41:51 ----D---- C:\Program Files\GeMM
2011-12-20 18:19:45 ----A---- C:\WINDOWS\system32\drivers\LNonPnP.sys
2011-12-20 18:19:17 ----A---- C:\WINDOWS\system32\drivers\LBeepKE.sys
2011-12-20 18:18:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Logishrd
2011-12-20 18:18:52 ----D---- C:\Program Files\Logitech
2011-12-20 18:18:39 ----D---- C:\Program Files\Common Files\Logishrd
2011-12-20 18:17:40 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Logitech
2011-12-20 18:17:40 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Logishrd

======List of files/folders modified in the last 1 month======

2012-01-07 06:44:58 ----RD---- C:\Program Files
2012-01-07 06:44:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-01-07 06:43:27 ----D---- C:\WINDOWS\Prefetch
2012-01-07 06:41:03 ----SHD---- C:\System Volume Information
2012-01-07 06:39:36 ----A---- C:\WINDOWS\WINCMD.INI
2012-01-07 06:37:59 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Skype
2012-01-07 06:16:19 ----D---- C:\Program Files\Mozilla Firefox
2012-01-07 06:14:41 ----D---- C:\WINDOWS\temp
2012-01-07 01:18:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-04 19:14:34 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Mumble
2011-12-31 22:49:55 ----A---- C:\WINDOWS\mixerdef.ini
2011-12-31 22:49:51 ----D---- C:\WINDOWS
2011-12-31 22:48:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-31 22:48:12 ----D---- C:\WINDOWS\system32
2011-12-31 22:48:11 ----D---- C:\WINDOWS\system32\drivers
2011-12-31 22:48:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-31 22:48:05 ----D---- C:\WINDOWS\system
2011-12-31 22:42:35 ----HD---- C:\WINDOWS\inf
2011-12-31 22:42:09 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-31 22:27:28 ----SH---- C:\boot.ini
2011-12-31 22:27:28 ----A---- C:\WINDOWS\win.ini
2011-12-31 22:27:28 ----A---- C:\WINDOWS\system.ini
2011-12-31 16:27:20 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\uTorrent
2011-12-27 00:43:50 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Ventrilo
2011-12-27 00:43:32 ----SHD---- C:\WINDOWS\Installer
2011-12-27 00:43:21 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-12-27 00:41:39 ----D---- C:\Program Files\VideoLAN
2011-12-27 00:39:33 ----D---- C:\Program Files\Pando Networks
2011-12-27 00:33:00 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-12-27 00:28:25 ----D---- C:\WINDOWS\Help
2011-12-27 00:27:02 ----D---- C:\Program Files\Common Files
2011-12-27 00:10:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-27 00:07:53 ----D---- C:\Program Files\MultiRes
2011-12-26 22:44:38 ----D---- C:\WINDOWS\system32\DirectX
2011-12-26 22:44:15 ----D---- C:\WINDOWS\WinSxS
2011-12-24 23:16:21 ----D---- C:\WINDOWS\Minidump
2011-12-24 22:51:04 ----D---- C:\Program Files\NVIDIA Corporation
2011-12-24 16:36:28 ----RSD---- C:\WINDOWS\assembly
2011-12-24 16:36:28 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-24 01:20:14 ----SD---- C:\WINDOWS\Tasks
2011-12-24 00:55:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-12-24 00:55:22 ----D---- C:\Documents and Settings
2011-12-23 23:44:20 ----A---- C:\WINDOWS\ntbtlog.txt
2011-12-23 23:24:22 ----D---- C:\WINDOWS\system32\config
2011-12-23 06:49:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-22 18:59:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2011-12-22 17:25:33 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-22 17:16:43 ----D---- C:\WINDOWS\system32\en-us
2011-12-22 17:09:18 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Adobe
2011-12-21 20:17:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-12-14 21:57:29 ----D---- C:\Program Files\Internet Explorer
2011-12-14 21:57:16 ----D---- C:\WINDOWS\ie7updates
2011-12-14 21:57:04 ----A---- C:\WINDOWS\imsins.BAK
2011-12-14 21:51:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-10 21:15:30 ----D---- C:\WINDOWS\Logs
2011-12-10 15:07:55 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-06 691696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-17 26024]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2011-09-02 12184]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-11-02 1872320]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2011-09-02 30360]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-10-08 12791488]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2008-07-23 15264]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 AsrCDDrv;AsrCDDrv; \??\C:\WINDOWS\system32\Drivers\AsrCDDrv.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dzadzded\LOCALS~1\Temp\catchme.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Dzadzded\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-01 47360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2008-07-23 47744]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-10-08 298304]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-08 2253120]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 IObitBarService;IObit Toolbar Service; C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 295192]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 07 led 2012 07:39

Zdravím.

Máš zoufale málo místa na systémovém disku C:\, tak se nediv, že je systém pomalý a nic tam nenainstaluješ.

Proč jsi nedokončil poslední prohlídku s kolegou vyosek?

Napřed jsi byl šíleně netrpělivý a pak mu ani neodpovíš a nepokračuješ v prohlídce?

Čí je tohle počítač? Posledně jsi tu byl s Vistami.

A nevkládej logy do Code, špatně se to čte a bolí z toho oči. Copak nevidíš, že Ti to Moderátoři musí pořád editovat?!

JudgeDeath · #3 Příspěvek od **JudgeDeath** » 07 led 2012 07:54

pc s vistama nebyl muj a nakonec jsem to vyresil instalaci xp...visty jsou fakt crap .Se omlouvam.

Tenhle pc je muj.Ted mi to pro jistotu zacalo po startupu hlasit obnoveni systemu po zavazne chybe a semtam bsod.

edit:tu whocrashed ohledne tech bsod,ale myslim ze to nepomuze protoze to nikdy neni duvod proc spousti bsod.Ovladacema to nebude protoze jsem zadny neinstaloval

Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Sat 7.1.2012 6:48:13 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini010712-05.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0x22F43)
Bugcheck code: 0x1A (0x41284, 0x59AF5001, 0x7BA, 0xFFFFFFFFC0883000)
Error: MEMORY_MANAGEMENT
file path: C:\WINDOWS\system32\ntkrnlpa.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

On Sat 7.1.2012 6:48:13 GMT your computer crashed
crash dump file: C:\WINDOWS\memory.dmp
This was probably caused by the following module: ntkrpamp.exe (nt!KeBugCheckEx+0x1B)
Bugcheck code: 0x1A (0x41284, 0x59AF5001, 0x7BA, 0xFFFFFFFFC0883000)
Error: MEMORY_MANAGEMENT
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe .
Google query: ntkrpamp.exe MEMORY_MANAGEMENT

On Sat 7.1.2012 6:44:36 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini010712-04.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0x22F43)
Bugcheck code: 0x50 (0xFFFFFFFFA1050C30, 0x1, 0xFFFFFFFF8054B10D, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\WINDOWS\system32\ntkrnlpa.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

On Sat 7.1.2012 6:41:14 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini010712-03.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0x22F43)
Bugcheck code: 0x50 (0xFFFFFFFFA2DB23E0, 0x1, 0xFFFFFFFF8054B10D, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\WINDOWS\system32\ntkrnlpa.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

On Sat 7.1.2012 6:04:51 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini010712-02.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0x22F43)
Bugcheck code: 0x50 (0xFFFFFFFFA2F53410, 0x1, 0xFFFFFFFF8054B168, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\WINDOWS\system32\ntkrnlpa.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

On Sat 7.1.2012 6:00:42 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini010712-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0x22F43)
Bugcheck code: 0x50 (0xFFFFFFFFA1096320, 0x1, 0xFFFFFFFFB7D292DA, 0x0)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\WINDOWS\system32\ntkrnlpa.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

#4 Příspěvek od **Mc_Murphy** » 07 led 2012 09:50

OK. Minidumpy moc neumím, vydrž, pošlu sem kolegu. Obrázek

JudgeDeath · #5 Příspěvek od **JudgeDeath** » 07 led 2012 09:58

jo dik
tady je na edisku crashdump totalcmd,kterej mi nejde spustit a nevim proc.jiny aplikace jako Miranda,wow,mumble mi jedou.
http://www.edisk.cz/stahni/68453/b2bd_a ... .06KB.html

JudgeDeath · #6 Příspěvek od **JudgeDeath** » 07 led 2012 11:03

v nouzaku se mi povedlo nainstalovat aviru,ale uz ne update.Zase to hodilo error.Taky jsem zkusil shareware novej totalcmd a hlasi mi to ze totalcmd se chce ukoncit,protoze zjistil ze spousteci soubor je poskozenej a nejspis se jedna o virus...

JudgeDeath · #7 Příspěvek od **JudgeDeath** » 07 led 2012 13:30

povedlo se mi v nouzaku nainstalovat+aktualizovat aviru.Naslo to nejaky viry,ale moc to nepomohlo.Porad to hlasi ruzny errory

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dzadzded at 2012-01-07 13:28:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 844 MB (8%) free of 10 GB
Total RAM: 3583 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:58, on 7.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Dzadzded\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Dzadzded.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17284
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon0.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon0.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IObit Toolbar Service (IObitBarService) - Unknown owner - C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6391 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RegInOut Scheduled Scan - Dzadzded.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dzadzded\Data aplikací\Mozilla\Firefox\Profiles\dvlcbgop.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObitBar.com/Plugin]
"Description"=IObit Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.90]
"Description"=getPlus+(R)
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
np_gp.dll

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZon0.dll [2012-01-07 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZon0.dll [2012-01-07 2735200]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-10-08 16744256]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2011-10-08 1632360]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-05-20 724536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
F:\Utils\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dzadzded^Nabídka Start^Programy^Po spuštění^CurseClientStartup.ccip]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Utils\MIranda\miranda32.exe"="F:\Utils\MIranda\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"F:\Utils\Miranda IM new\miranda32.exe"="F:\Utils\Miranda IM new\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\BlastShark\hellgate\BlastShark.exe"="C:\Program Files\BlastShark\hellgate\BlastShark.exe:*:Enabled:hellgate"
"C:\Program Files\ODEON\JAF\JCOP.EXE"="C:\Program Files\ODEON\JAF\JCOP.EXE:*:Enabled:JCOP"
"D:\Download\WoW-BurningCrusade-enGB-Installer-downloader.exe"="D:\Download\WoW-BurningCrusade-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"F:\Games\StarCraft II\StarCraft II.exe"="F:\Games\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"F:\Games\StarCraft II\Versions\Base19679\SC2.exe"="F:\Games\StarCraft II\Versions\Base19679\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-07 10:46:07 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Avira
2012-01-07 10:45:29 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2012-01-07 10:45:25 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2012-01-07 10:45:25 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2012-01-07 10:45:25 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2012-01-07 10:45:24 ----D---- C:\Program Files\Avira
2012-01-07 10:45:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2012-01-07 10:07:52 ----D---- C:\totalcmd
2012-01-07 10:07:52 ----A---- C:\WINDOWS\UC.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\RAR.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\PKZIP.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\PKUNZIP.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\NOCLOSE.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\LHA.PIF
2012-01-07 10:07:52 ----A---- C:\WINDOWS\ARJ.PIF
2012-01-07 07:50:04 ----SHD---- C:\WINDOWS\CSC
2012-01-07 06:44:58 ----D---- C:\rsit
2012-01-07 06:44:58 ----D---- C:\Program Files\trend micro
2011-12-27 01:45:02 ----A---- C:\WINDOWS\system32\CmiInstallResAll.dll
2011-12-27 01:45:01 ----A---- C:\WINDOWS\difxapi.dll
2011-12-26 02:36:06 ----N---- C:\WINDOWS\cmijack.ini
2011-12-26 02:36:06 ----A---- C:\WINDOWS\CMISETUP.INI
2011-12-26 02:36:06 ----A---- C:\WINDOWS\CMCDPLAY.INI
2011-12-24 03:00:22 ----A---- C:\WINDOWS\ipuninst.exe
2011-12-24 01:37:12 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\BabylonToolbar
2011-12-24 01:18:37 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-24 01:18:29 ----D---- C:\Program Files\Babylon
2011-12-24 01:14:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrszht.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrstr.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsth.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssv.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrssk.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsru.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrspt.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrspl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsno.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsko.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsja.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsit.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrshu.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrshe.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrses.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrseng.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsel.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsde.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsda.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrscs.dll
2011-12-24 00:55:05 ----A---- C:\WINDOWS\system32\nvrsar.dll
2011-12-24 00:54:51 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-12-24 00:50:34 ----SHD---- C:\Config.Msi
2011-12-24 00:49:48 ----D---- C:\Program Files\WhoCrashed
2011-12-24 00:32:30 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-12-24 00:22:20 ----A---- C:\WINDOWS\system32\nvunrm.exe
2011-12-24 00:22:19 ----A---- C:\WINDOWS\system32\nvusmb.exe
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoZht.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoZhc.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoTr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoTh.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSv.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoSk.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoRu.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPtb.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPt.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoPl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoNo.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoNl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoKo.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoJa.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoIt.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoHu.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoHe.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoFr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoFi.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEsm.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEs.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoENU.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEng.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoEl.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoDe.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoDa.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoCs.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\NvRCoAr.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\nvraiins.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\nvraidco.dll
2011-12-24 00:21:56 ----A---- C:\WINDOWS\system32\drivers\nvgts.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\nvconrm.dll
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\nvnrm.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\nvnetbus.sys
2011-12-24 00:21:54 ----A---- C:\WINDOWS\system32\drivers\NVENETFD.sys
2011-12-24 00:21:49 ----A---- C:\WINDOWS\system32\fdco1.dll
2011-12-24 00:21:49 ----A---- C:\WINDOWS\system32\bdco1.dll
2011-12-24 00:11:23 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-12-24 00:11:22 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2011-12-24 00:11:22 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2011-12-24 00:11:21 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-12-23 23:46:27 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-12-23 23:35:00 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-12-23 23:06:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Backup
2011-12-23 22:49:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\RegInOut
2011-12-23 22:49:44 ----D---- C:\WINDOWS\RegInOut System Utilities
2011-12-23 22:49:30 ----D---- C:\Program Files\RegInOut
2011-12-22 19:10:12 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2011-12-22 17:16:30 ----D---- C:\Program Files\Microsoft.NET
2011-12-21 18:41:51 ----D---- C:\Program Files\GeMM
2011-12-20 18:19:45 ----A---- C:\WINDOWS\system32\drivers\LNonPnP.sys
2011-12-20 18:19:17 ----A---- C:\WINDOWS\system32\drivers\LBeepKE.sys
2011-12-20 18:18:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Logishrd
2011-12-20 18:18:39 ----D---- C:\Program Files\Common Files\Logishrd
2011-12-20 18:17:40 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Logitech
2011-12-20 18:17:40 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Logishrd

======List of files/folders modified in the last 1 month======

2012-01-07 13:28:56 ----D---- C:\WINDOWS\temp
2012-01-07 13:28:54 ----D---- C:\WINDOWS\system32\NtmsData
2012-01-07 13:13:02 ----A---- C:\WINDOWS\WINCMD.INI
2012-01-07 13:12:40 ----D---- C:\WINDOWS\Registration
2012-01-07 13:09:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-07 12:55:47 ----D---- C:\WINDOWS
2012-01-07 12:52:25 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-07 12:49:08 ----D---- C:\WINDOWS\Minidump
2012-01-07 10:53:29 ----D---- C:\Program Files\ODEON
2012-01-07 10:45:29 ----D---- C:\WINDOWS\system32\drivers
2012-01-07 10:45:24 ----RD---- C:\Program Files
2012-01-07 10:44:58 ----SHD---- C:\WINDOWS\Installer
2012-01-07 10:44:58 ----D---- C:\WINDOWS\system32
2012-01-07 10:40:50 ----D---- C:\Program Files\Mozilla Firefox
2012-01-07 10:40:17 ----D---- C:\Program Files\ZoneAlarm
2012-01-07 10:31:54 ----D---- C:\WINDOWS\system
2012-01-07 10:31:52 ----HD---- C:\WINDOWS\inf
2012-01-07 10:31:23 ----A---- C:\WINDOWS\mixerdef.ini
2012-01-07 10:29:14 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Skype
2012-01-07 10:27:37 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\uTorrent
2012-01-07 10:24:49 ----D---- C:\WINDOWS\Prefetch
2012-01-07 09:56:36 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Mumble
2012-01-07 08:35:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-01-07 08:35:07 ----A---- C:\WINDOWS\ntbtlog.txt
2012-01-07 08:20:34 ----SHD---- C:\System Volume Information
2012-01-07 08:20:34 ----D---- C:\WINDOWS\system32\Restore
2012-01-07 07:00:00 ----D---- C:\WINDOWS\WinSxS
2011-12-31 22:48:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-31 22:42:09 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-31 22:27:28 ----SH---- C:\boot.ini
2011-12-31 22:27:28 ----A---- C:\WINDOWS\win.ini
2011-12-31 22:27:28 ----A---- C:\WINDOWS\system.ini
2011-12-27 00:43:50 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Ventrilo
2011-12-27 00:43:21 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-12-27 00:41:39 ----D---- C:\Program Files\VideoLAN
2011-12-27 00:39:33 ----D---- C:\Program Files\Pando Networks
2011-12-27 00:33:00 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-12-27 00:28:25 ----D---- C:\WINDOWS\Help
2011-12-27 00:27:02 ----D---- C:\Program Files\Common Files
2011-12-27 00:10:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-27 00:07:53 ----D---- C:\Program Files\MultiRes
2011-12-26 22:44:38 ----D---- C:\WINDOWS\system32\DirectX
2011-12-24 22:51:04 ----D---- C:\Program Files\NVIDIA Corporation
2011-12-24 16:36:28 ----RSD---- C:\WINDOWS\assembly
2011-12-24 16:36:28 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-24 01:20:14 ----SD---- C:\WINDOWS\Tasks
2011-12-24 00:55:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-12-24 00:55:22 ----D---- C:\Documents and Settings
2011-12-23 23:24:22 ----D---- C:\WINDOWS\system32\config
2011-12-23 06:49:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-22 18:59:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2011-12-22 17:25:33 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-22 17:16:43 ----D---- C:\WINDOWS\system32\en-us
2011-12-22 17:09:18 ----D---- C:\Documents and Settings\Dzadzded\Data aplikací\Adobe
2011-12-21 20:17:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-12-14 21:57:29 ----D---- C:\Program Files\Internet Explorer
2011-12-14 21:57:16 ----D---- C:\WINDOWS\ie7updates
2011-12-14 21:57:04 ----A---- C:\WINDOWS\imsins.BAK
2011-12-14 21:51:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-10 21:15:30 ----D---- C:\WINDOWS\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-06 691696]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-01-07 134856]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-17 26024]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-09-15 74640]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2011-09-02 12184]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-10-08 12791488]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2008-07-23 15264]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 AsrCDDrv;AsrCDDrv; \??\C:\WINDOWS\system32\Drivers\AsrCDDrv.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dzadzded\LOCALS~1\Temp\catchme.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys []
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Dzadzded\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-09-02 41240]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2011-09-02 39192]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2011-09-02 30360]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-10-01 47360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2008-07-23 47744]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-10-08 298304]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-08 2253120]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 IObitBarService;IObit Toolbar Service; C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

#8 Příspěvek od **Roli** » 07 led 2012 22:19

Zdravím, nejdříve trochu uklidíme, protože bordelu je tam požehnaně.

Tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=17284
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon0.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZon0.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-796845957-1993962763-1417001333-1008\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\Dzadzded.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate)

IObit Toolbar Service

NVIDIA Update Service Daemon

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.

Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj vše od IObit, Pando Media Booster, Babylon

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

P.S. v mezičase stáhni MEMTEST

soubor rozbal a obraz (ISO) vypal jako z image CD, nikoliv jako data.

V Bios Setup do kterého se dostaneš při restartu mačkáním klávesy :

* DEL
* F2
* F1
* F10

záleží na PC, ale vždy je to na monitoru napsáno,

otevři nabídku ADVANCED BIOS FEATURES a vyhledej Boot Devices 0 až 4 nebo Boot Sequence.

Na první místo nastav CD-ROM,

na druhé pevný disk HDD, u obou položek bývá napsán i výrobce.

Stisknutím Save většinou je to F10 a potvrzením Entrem uložíš nastavení,

pak ještě stisknutím Save and Exit se dostaneš z Biosu.

Vlož CD z Memetestem do mechaniky a po restartu z něj PC nabootuje.

Test nech projet minimálně jednou, ideálně však několikrát třeba přes noc a s každým RAM modulem zvlášť.

Pak dej vědět jak to dopadlo

JudgeDeath · #9 Příspěvek od **JudgeDeath** » 07 led 2012 23:00

Nakonec mi PC spadl uplne(nenajel jsem ani do boot menu abych spustil nouzak).Nastesti jsem dulezity data zachranil predem...a ano bordelu tam bylo za cca 2.5 roku provozu toho systemu opravdu pozehnane

.
Dik za pomoc no po reinstalu PC to jede nadherne

#10 Příspěvek od **Roli** » 07 led 2012 23:06

I za kolegu není vůbec zač.

VIRY.CZ

prosim o pomoc-divne chovani pc

prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc

Re: prosim o pomoc-divne chovani pc