
Please check my log: PC resets after being switched on
Hello, lately I have been having problems with my computer: it is slower, and when I turn it on for the first time or restart it, the PC resets by itself at the Windows login screen; the second time it boots normally. Here is the log; I would appreciate it if you could check it, if possible.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-12-20 00:23:56
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 14 GB (6%) free of 230 GB
Total RAM: 2047 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:24:04, on 20.12.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Logitech\SetPointP\LU\LULnchr.exe
C:\Program Files\Logitech\SetPointP\LU\LogitechUpdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Plocha\DOWNLOAD\RSIT(4).exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1098640
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Logitech . Registrace produktu.lnk = C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Logitech . Registrace produktu.lnk = C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SbPF.Launcher - Unknown owner - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 10404 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1757981266-839522115-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1757981266-839522115-500UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-10 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-01-28 1413120]
"CPU Power Monitor"=C:\Program Files\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [2008-01-09 627200]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"ASUS Energy Saving"=C:\Program Files\ASUS\AI Suite\EnergySaving\PwSave.exe [2008-01-28 1352704]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-06-29 74752]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-08-09 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-09-10 2500552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"RoccatKone+"=C:\Program Files\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2010-10-29 552960]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"Steam"=c:\program files\valve\steam\steam.exe [2010-11-17 1242448]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-05-07 136176]
"AdobeBridge"= []
"PlayNC Launcher"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe silent []
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Logitech . Registrace produktu.lnk - C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-05 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\Program Files\Valve\Steam\SteamApps\common\r.u.s.e. beta\Ruse.exe"="C:\Program Files\Valve\Steam\SteamApps\common\r.u.s.e. beta\Ruse.exe:*:Enabled:R.U.S.E. Beta"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe"="C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
"C:\Program Files\WoW 332\World of Warcraft\Repair.exe"="C:\Program Files\WoW 332\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\Program Files\WoW 332\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\WoW 332\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 332\World of Warcraft\Launcher.exe"="C:\Program Files\WoW 332\World of Warcraft\Launcher.exe:*:Enabled:Launcher"
"C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="C:\Program Files\WoW 322\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="C:\Program Files\WoW 332\World of Warcraft\www.vendetta-online.eu_-_WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Turbine\DDO Unlimited\dndclient.exe"="C:\Program Files\Turbine\DDO Unlimited\dndclient.exe:*:Enabled:dndclient"
"C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe"="C:\Program Files\Cenega Czech\VIETCONG\vietcong.exe:*:Enabled:vietcong"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\team fortress 2\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\srcds.exe"="C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityRealm.exe"="C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityRealm.exe:*:Enabled:TrinityRealm"
"C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityCore.exe"="C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityCore.exe:*:Enabled:TrinityCore"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\League of Legends\Air\LolClient.exe"="C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\League of Legends\Game\League of Legends.exe"="C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"E:\Valve\hl.exe"="E:\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\bin\xrEngine.exe"="C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\bin\xrEngine.exe:*:Enabled:X-Ray 1.6 Engine"
"C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe:*:Enabled:PT2Downloader"
"C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPUpdater.exe"="C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPUpdater.exe:*:Enabled:Medal of Honor™ MP Open Beta"
"C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPGame.exe"="C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\day of defeat source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"
"C:\Program Files\Electronic Arts\Medal of Honor\MP\mohmpgame.exe"="C:\Program Files\Electronic Arts\Medal of Honor\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer"
"E:\SMrt XP\313 WOW\World of Warcraft\Launcher.exe"="E:\SMrt XP\313 WOW\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"E:\SMrt XP\313 WOW\World of Warcraft\Launcher.patch.exe"="E:\SMrt XP\313 WOW\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe"="C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\StarCraft II\Versions\Base16755\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base16755\SC2.exe:*:Enabled:StarCraft II"
"E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.exe"="E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\Administrator\Local Settings\Temp\FJ_Downloader.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\FJ_Downloader.exe:*:Enabled:FreeJack_Downloader"
"C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\Stalker-COP.exe"="C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\Stalker-COP.exe:*:Enabled:S.T.A.L.K.E.R.: Call of Pripyat"
"C:\Program Files\StarCraft II\Versions\Base16939\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base16939\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\Valve\Steam\SteamApps\common\poker night at the inventory\CelebrityPoker.exe"="C:\Program Files\Valve\Steam\SteamApps\common\poker night at the inventory\CelebrityPoker.exe:*:Enabled:Poker Night at the Inventory"
"E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.patch.exe"="E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\swarm.exe"="C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\Comandos.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\Comandos.exe:*:Enabled:Commandos: Behind Enemy Lines"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\readme.doc"="C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\readme.doc:*:Enabled:Commandos: Behind Enemy Lines"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\comm2.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\comm2.exe:*:Enabled:Commandos 2: Men of Courage"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\Readme.rtf"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\Readme.rtf:*:Enabled:Commandos 2: Men of Courage"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\commandos3.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\commandos3.exe:*:Enabled:Commandos 3: Destination Berlin"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\readme.rtf"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\readme.rtf:*:Enabled:Commandos 3: Destination Berlin"
"E:\WOWKA\safasfa\WoW-3.3.5.12340-x86-Win-enGB-BKGND-downloader.exe"="E:\WOWKA\safasfa\WoW-3.3.5.12340-x86-Win-enGB-BKGND-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\Launcher.patch.exe"="C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\coman_mp.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\coman_mp.exe:*:Enabled:Commandos: Beyond the Call of Duty"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\Tutorial.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\Tutorial.exe:*:Enabled:Commandos: Beyond the Call of Duty"
"C:\Program Files\Valve\Steam\SteamApps\common\dotp demo\DotP.exe"="C:\Program Files\Valve\Steam\SteamApps\common\dotp demo\DotP.exe:*:Enabled:Magic: The Gathering - Duels of the Planeswalkers Demo"
"C:\Program Files\Valve\Steam\SteamApps\common\beat hazard\BeatHazard.exe"="C:\Program Files\Valve\Steam\SteamApps\common\beat hazard\BeatHazard.exe:*:Enabled:Beat Hazard"
"C:\Program Files\Valve\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe"="C:\Program Files\Valve\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe:*:Enabled:Killing Floor"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\garrysmod\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\garrysmod\hl2.exe:*:Enabled:Garry's Mod"
"C:\Program Files\Valve\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe"="C:\Program Files\Valve\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-12-19 23:55:41 ----D---- C:\Program Files\free-downloads.net
2010-12-19 23:54:58 ----D---- C:\Program Files\Alcohol Soft
2010-12-19 23:25:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-12-19 02:31:50 ----D---- C:\Program Files\uTorrent
2010-12-19 02:30:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-12-14 21:31:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Beat Hazard
2010-12-10 04:39:03 ----D---- C:\Program Files\World of Warcraft
2010-12-08 18:17:49 ----D---- C:\Program Files\Commandos
2010-12-03 21:07:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\ROCCAT
2010-12-03 21:06:37 ----D---- C:\Program Files\ROCCAT
2010-12-03 18:23:52 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-12-03 18:23:48 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-12-03 15:09:34 ----RHD---- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
2010-12-03 14:31:27 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\SecuROM
2010-12-03 14:19:58 ----D---- C:\Program Files\2K Games
2010-12-03 14:18:37 ----D---- C:\Program Files\DIFX
2010-12-03 14:18:32 ----D---- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2010-12-02 17:23:43 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2010-12-02 17:23:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-12-02 17:23:37 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-02 17:23:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-02 17:23:34 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-02 16:34:13 ----SD---- C:\ComboFix
2010-12-02 14:46:42 ----A---- C:\WINDOWS\zip.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWSC.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWREG.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\sed.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\PEV.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\MBR.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\grep.exe
2010-12-02 14:45:58 ----D---- C:\WINDOWS\ERDNT
2010-12-02 14:44:14 ----D---- C:\Qoobox
2010-12-02 00:36:12 ----D---- C:\Program Files\COMODO
2010-12-02 00:26:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2010-12-02 00:20:44 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2010-12-02 00:20:44 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2010-12-02 00:11:05 ----D---- C:\Program Files\Zone Labs
2010-12-02 00:10:53 ----D---- C:\WINDOWS\Internet Logs
2010-12-01 22:18:03 ----D---- C:\Program Files\trend micro
2010-12-01 22:18:02 ----D---- C:\rsit
2010-12-01 22:02:23 ----D---- C:\Program Files\CCleaner
2010-12-01 15:30:10 ----D---- C:\Documents and Settings\Administrator\Data aplikací\XRay Engine
======List of files/folders modified in the last 1 months======
2010-12-20 00:24:03 ----D---- C:\WINDOWS\Prefetch
2010-12-20 00:21:01 ----D---- C:\WINDOWS\Temp
2010-12-20 00:20:13 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-12-20 00:19:57 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2010-12-20 00:18:47 ----D---- C:\Program Files\Common Files\Akamai
2010-12-20 00:18:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-20 00:18:22 ----SHD---- C:\WINDOWS\CSC
2010-12-20 00:18:19 ----D---- C:\WINDOWS
2010-12-20 00:17:08 ----RD---- C:\Program Files
2010-12-20 00:14:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-19 23:55:37 ----D---- C:\WINDOWS\system32
2010-12-19 19:22:43 ----D---- C:\Program Files\League of Legends
2010-12-15 10:54:56 ----D---- C:\WINDOWS\system32\config
2010-12-15 10:50:52 ----D---- C:\WINDOWS\Minidump
2010-12-12 16:46:41 ----HD---- C:\WINDOWS\msdownld.tmp
2010-12-12 16:41:17 ----HD---- C:\WINDOWS\inf
2010-12-11 04:00:39 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-12-10 04:43:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-12-10 03:13:37 ----D---- C:\Program Files\Mozilla Firefox
2010-12-07 01:34:58 ----A---- C:\WINDOWS\AviSplitter.INI
2010-12-04 18:07:39 ----SHD---- C:\WINDOWS\Installer
2010-12-04 18:07:39 ----HD---- C:\Config.Msi
2010-12-04 18:07:25 ----D---- C:\WINDOWS\system32\DirectX
2010-12-04 18:06:51 ----RSD---- C:\WINDOWS\assembly
2010-12-03 21:06:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-03 18:23:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-03 18:23:53 ----D---- C:\WINDOWS\system32\drivers
2010-12-03 14:18:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-12-03 14:18:34 ----RSH---- C:\boot.ini
2010-12-03 14:18:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-03 14:18:20 ----D---- C:\WINDOWS\WinSxS
2010-12-02 16:45:48 ----D---- C:\WINDOWS\AppPatch
2010-12-02 16:45:46 ----D---- C:\Program Files\Common Files
2010-12-02 05:10:53 ----D---- C:\Program Files\Common Files\Adobe
2010-12-02 05:10:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-12-02 05:10:40 ----D---- C:\Program Files\Adobe
2010-11-27 08:31:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2010-11-27 02:44:55 ----D---- C:\Program Files\ICQ7.2
2010-11-26 12:55:32 ----D---- C:\Program Files\StarCraft II
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-09-10 91560]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-03-24 46208]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-18 12400]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-09-10 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-09-10 25240]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2010-03-18 10448]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-05 4807680]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-27 4395008]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 12416]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-05 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-05 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-09-10 1901056]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-10 153376]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-12 75064]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\team fortress 2\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\srcds.exe"="C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityRealm.exe"="C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityRealm.exe:*:Enabled:TrinityRealm"
"C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityCore.exe"="C:\Documents and Settings\Administrator\Plocha\Di & AD's Repack V2\Core\TrinityCore.exe:*:Enabled:TrinityCore"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\League of Legends\Air\LolClient.exe"="C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\League of Legends\Game\League of Legends.exe"="C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"E:\Valve\hl.exe"="E:\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\bin\xrEngine.exe"="C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\bin\xrEngine.exe:*:Enabled:X-Ray 1.6 Engine"
"C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\7ZipSfx.000\CF_Downloader.exe:*:Enabled:PT2Downloader"
"C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPUpdater.exe"="C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPUpdater.exe:*:Enabled:Medal of Honor™ MP Open Beta"
"C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPGame.exe"="C:\Program Files\Electronic Arts\Medal of Honor MP Open Beta\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\day of defeat source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"
"C:\Program Files\Electronic Arts\Medal of Honor\MP\mohmpgame.exe"="C:\Program Files\Electronic Arts\Medal of Honor\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer"
"E:\SMrt XP\313 WOW\World of Warcraft\Launcher.exe"="E:\SMrt XP\313 WOW\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"E:\SMrt XP\313 WOW\World of Warcraft\Launcher.patch.exe"="E:\SMrt XP\313 WOW\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe"="C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\StarCraft II\Versions\Base16755\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base16755\SC2.exe:*:Enabled:StarCraft II"
"E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.exe"="E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\Administrator\Local Settings\Temp\FJ_Downloader.exe"="C:\Documents and Settings\Administrator\Local Settings\Temp\FJ_Downloader.exe:*:Enabled:FreeJack_Downloader"
"C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\Stalker-COP.exe"="C:\Program Files\Valve\Steam\SteamApps\common\stalker call of pripyat\Stalker-COP.exe:*:Enabled:S.T.A.L.K.E.R.: Call of Pripyat"
"C:\Program Files\StarCraft II\Versions\Base16939\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base16939\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="C:\Program Files\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\Valve\Steam\SteamApps\common\poker night at the inventory\CelebrityPoker.exe"="C:\Program Files\Valve\Steam\SteamApps\common\poker night at the inventory\CelebrityPoker.exe:*:Enabled:Poker Night at the Inventory"
"E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.patch.exe"="E:\SMrt XP\313 WOW\WoW 4.x.x\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\swarm.exe"="C:\Program Files\Valve\Steam\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\Comandos.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\Comandos.exe:*:Enabled:Commandos: Behind Enemy Lines"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\readme.doc"="C:\Program Files\Valve\Steam\SteamApps\common\commandos behind enemy lines\readme.doc:*:Enabled:Commandos: Behind Enemy Lines"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\comm2.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\comm2.exe:*:Enabled:Commandos 2: Men of Courage"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\Readme.rtf"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 2 men of courage\Readme.rtf:*:Enabled:Commandos 2: Men of Courage"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\commandos3.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\commandos3.exe:*:Enabled:Commandos 3: Destination Berlin"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\readme.rtf"="C:\Program Files\Valve\Steam\SteamApps\common\commandos 3 destination berlin\readme.rtf:*:Enabled:Commandos 3: Destination Berlin"
"E:\WOWKA\safasfa\WoW-3.3.5.12340-x86-Win-enGB-BKGND-downloader.exe"="E:\WOWKA\safasfa\WoW-3.3.5.12340-x86-Win-enGB-BKGND-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\Launcher.patch.exe"="C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\coman_mp.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\coman_mp.exe:*:Enabled:Commandos: Beyond the Call of Duty"
"C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\Tutorial.exe"="C:\Program Files\Valve\Steam\SteamApps\common\commandos beyond the call of duty\Tutorial.exe:*:Enabled:Commandos: Beyond the Call of Duty"
"C:\Program Files\Valve\Steam\SteamApps\common\dotp demo\DotP.exe"="C:\Program Files\Valve\Steam\SteamApps\common\dotp demo\DotP.exe:*:Enabled:Magic: The Gathering - Duels of the Planeswalkers Demo"
"C:\Program Files\Valve\Steam\SteamApps\common\beat hazard\BeatHazard.exe"="C:\Program Files\Valve\Steam\SteamApps\common\beat hazard\BeatHazard.exe:*:Enabled:Beat Hazard"
"C:\Program Files\Valve\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe"="C:\Program Files\Valve\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe:*:Enabled:Killing Floor"
"C:\Program Files\Valve\Steam\SteamApps\paulik83\garrysmod\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\paulik83\garrysmod\hl2.exe:*:Enabled:Garry's Mod"
"C:\Program Files\Valve\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe"="C:\Program Files\Valve\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-12-19 23:55:41 ----D---- C:\Program Files\free-downloads.net
2010-12-19 23:54:58 ----D---- C:\Program Files\Alcohol Soft
2010-12-19 23:25:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-12-19 02:31:50 ----D---- C:\Program Files\uTorrent
2010-12-19 02:30:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-12-14 21:31:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Beat Hazard
2010-12-10 04:39:03 ----D---- C:\Program Files\World of Warcraft
2010-12-08 18:17:49 ----D---- C:\Program Files\Commandos
2010-12-03 21:07:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\ROCCAT
2010-12-03 21:06:37 ----D---- C:\Program Files\ROCCAT
2010-12-03 18:23:52 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-12-03 18:23:48 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-12-03 15:09:34 ----RHD---- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
2010-12-03 14:31:27 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\SecuROM
2010-12-03 14:19:58 ----D---- C:\Program Files\2K Games
2010-12-03 14:18:37 ----D---- C:\Program Files\DIFX
2010-12-03 14:18:32 ----D---- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2010-12-02 17:23:43 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2010-12-02 17:23:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-12-02 17:23:37 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-02 17:23:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-02 17:23:34 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-02 16:34:13 ----SD---- C:\ComboFix
2010-12-02 14:46:42 ----A---- C:\WINDOWS\zip.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWSC.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\SWREG.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\sed.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\PEV.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\MBR.exe
2010-12-02 14:46:42 ----A---- C:\WINDOWS\grep.exe
2010-12-02 14:45:58 ----D---- C:\WINDOWS\ERDNT
2010-12-02 14:44:14 ----D---- C:\Qoobox
2010-12-02 00:36:12 ----D---- C:\Program Files\COMODO
2010-12-02 00:26:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2010-12-02 00:20:44 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2010-12-02 00:20:44 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2010-12-02 00:11:05 ----D---- C:\Program Files\Zone Labs
2010-12-02 00:10:53 ----D---- C:\WINDOWS\Internet Logs
2010-12-01 22:18:03 ----D---- C:\Program Files\trend micro
2010-12-01 22:18:02 ----D---- C:\rsit
2010-12-01 22:02:23 ----D---- C:\Program Files\CCleaner
2010-12-01 15:30:10 ----D---- C:\Documents and Settings\Administrator\Data aplikací\XRay Engine
======List of files/folders modified in the last 1 months======
2010-12-20 00:24:03 ----D---- C:\WINDOWS\Prefetch
2010-12-20 00:21:01 ----D---- C:\WINDOWS\Temp
2010-12-20 00:20:13 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-12-20 00:19:57 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2010-12-20 00:18:47 ----D---- C:\Program Files\Common Files\Akamai
2010-12-20 00:18:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-20 00:18:22 ----SHD---- C:\WINDOWS\CSC
2010-12-20 00:18:19 ----D---- C:\WINDOWS
2010-12-20 00:17:08 ----RD---- C:\Program Files
2010-12-20 00:14:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-19 23:55:37 ----D---- C:\WINDOWS\system32
2010-12-19 19:22:43 ----D---- C:\Program Files\League of Legends
2010-12-15 10:54:56 ----D---- C:\WINDOWS\system32\config
2010-12-15 10:50:52 ----D---- C:\WINDOWS\Minidump
2010-12-12 16:46:41 ----HD---- C:\WINDOWS\msdownld.tmp
2010-12-12 16:41:17 ----HD---- C:\WINDOWS\inf
2010-12-11 04:00:39 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-12-10 04:43:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-12-10 03:13:37 ----D---- C:\Program Files\Mozilla Firefox
2010-12-07 01:34:58 ----A---- C:\WINDOWS\AviSplitter.INI
2010-12-04 18:07:39 ----SHD---- C:\WINDOWS\Installer
2010-12-04 18:07:39 ----HD---- C:\Config.Msi
2010-12-04 18:07:25 ----D---- C:\WINDOWS\system32\DirectX
2010-12-04 18:06:51 ----RSD---- C:\WINDOWS\assembly
2010-12-03 21:06:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-03 18:23:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-03 18:23:53 ----D---- C:\WINDOWS\system32\drivers
2010-12-03 14:18:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-12-03 14:18:34 ----RSH---- C:\boot.ini
2010-12-03 14:18:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-03 14:18:20 ----D---- C:\WINDOWS\WinSxS
2010-12-02 16:45:48 ----D---- C:\WINDOWS\AppPatch
2010-12-02 16:45:46 ----D---- C:\Program Files\Common Files
2010-12-02 05:10:53 ----D---- C:\Program Files\Common Files\Adobe
2010-12-02 05:10:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-12-02 05:10:40 ----D---- C:\Program Files\Adobe
2010-11-27 08:31:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2010-11-27 02:44:55 ----D---- C:\Program Files\ICQ7.2
2010-11-26 12:55:32 ----D---- C:\Program Files\StarCraft II
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-09-10 91560]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-03-24 46208]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-18 12400]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-09-10 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-09-10 25240]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2010-03-18 10448]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-05 4807680]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-27 4395008]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 12416]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-05 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-05 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-09-10 1901056]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-10 153376]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-12 75064]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119429
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log, PC resets after power-on
I don't see anything dangerous. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: please check my log, PC resets after power-on
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 5317
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
21.12.2010 0:29:59
mbam-log-2010-12-21 (00-29-56).txt
Typ kontroly: Úplný test (C:\|)
Testované objekty: 370180
Uplynulý čas: 2 hodin, 32 minut, 25 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\documents and settings\administrator\Plocha\DOWNLOAD\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> No action taken.
I should probably delete it, right? And I'd like to know what that Trojan.Dropper does?
- Rudy
- Site Admin
Re: please check my log, PC resets after power-on
Try testing that file online at www.virustotal.com. It may be a false detection.
Re: please check my log, PC resets after power-on
Well, I don't know .. File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:
MD5: 08e6b7d81e5faf8cb9d69e7931de66d5
Date first seen: 2007-06-16 17:04:03 (UTC)
Date last seen: 2010-12-21 14:36:27 (UTC)
Detection ratio: 0/42
Anyway, I think that program is the Ventrilo installer, so it doesn't matter whether I delete it or not?
- Rudy
- Site Admin
Re: please check my log, PC resets after power-on
"Anyway, I think that program is the Ventrilo installer...."
That's right. I just wanted to be sure. MBAM is a solid scanner, but it occasionally produces false detections. Try a System Restore to a date when the system was working correctly.
Re: please check my log, PC resets after power-on
I tried that, but it still throws that restart at me on the first startup? Could the fault be in the hardware too? Because otherwise nothing comes to mind. Actually, maybe something does: about 2 weeks ago I ran ComboFix, which somehow froze and just wouldn't run; after 11 hours I had to switch the computer off, and it seems to me that's when it started happening.
- Rudy
- Site Admin
Re: please check my log, PC resets after power-on
That could be the explanation. That is not how CF should be handled; during the hard reset it may have "knocked out" your system. Try a repair from the installation CD.
Quote: "...about 2 weeks ago I ran ComboFix, which somehow froze and just wouldn't run; after 11 hours I had to switch the computer off....."
Re: please check my log, PC resets after power-on
Yeah, I understand that, but it wasn't intentional. I started it according to the instructions and everything, but at some stage 43 or so it got stuck on me. I thought it might just take longer, but after 10 hours it hadn't moved at all, and by then I had to switch the computer off.
- Rudy
- Site Admin
Re: please check my log, PC resets after power-on
True. It depends on the phase in which the scan "hangs". If CF had not finished something at that moment, the system can be damaged. That is simply the risk. Nevertheless, it is a good idea to post an RSIT scan here on the forum, from which the adviser can tell what to use as the next tool. That way unpredictable consequences can sometimes be avoided.
Re: please check my log, PC resets after power-on
Yeah, but I ran ComboFix according to the instructions after consulting your colleague, and I understand he is not to blame, but since then the computer has simply been giving me a bigger mess than before.. so at least we're virus-free, at least I think so. I'll try to repair it tomorrow.
- Rudy
- Site Admin
Re: please check my log, PC resets after power-on
Oh well, it happens. I wish you lots of success!
Re: please check my log, PC resets after power-on
Good evening, excuse me for jumping in.
I looked at the memory dumps, and the error is caused by the combination of
Avast (aswTdi.sys), Comodo Firewall (cmdhlp.sys) and Sunbelt Personal Firewall (SbFw.sys).
Each of these programs uses filter drivers, which are attached one below another to the afd.sys driver and filter network traffic.
This combination simply causes problems.
Drivers communicate by passing each other so-called IRP packets (I/O requests).
The afd.sys driver creates IRP packets, which it sends to the protocol drivers (e.g. tcp.sys).
Between the afd.sys driver and the protocol driver, however, you have three more filter drivers installed (aswTdi.sys, cmdhlp.sys, SbFw.sys) that the packet must pass through.
But the afd.sys driver does not account for that and creates a packet that is not large enough to pass through three filters.
It is a similar error to the one the mup.sys driver caused in Windows XP when three file system filters (e.g. antivirus programs) were installed in the system.
Uninstalling one of those three programs should help you.
Personally, I advise you: do not use two firewalls.
Apart from problems, you cannot gain anything with two firewalls.
If you are satisfied with our help, you can support us. Information here
Re: please check my log, PC resets after power-on
Thanks, but as far as I know I already uninstalled Sunbelt a few weeks ago.
But maybe both were there at the same time at one point, but now it is uninstalled.
Re: please check my log, PC resets after power-on
I don't know how you uninstalled it; nevertheless, at the time of the last crash on 26 December 2010 at 14:56:48.031, the Sunbelt driver (SbFw.sys) was loaded and running. Here I guarantee you 100% that at least part of it is still in the system.
You can see it loaded and running in your log from 20.12.2010 as well:
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
The error then occurred for the reasons I wrote to you.
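The check made in the last two replies, as an added example that is not part of the original posts: parse RSIT driver lines and report which of the three network filter drivers named in the thread are loaded and running together. Only the SbFw line comes from the thread; the other sample lines, the function names, the reading of `S` as stopped and the limit of two concurrent filters are assumptions made for illustration.

```python
import re

# Network filter drivers named in the thread -> product they belong to.
NETWORK_FILTERS = {
    "aswtdi.sys": "Avast",
    "cmdhlp.sys": "Comodo Firewall",
    "sbfw.sys": "Sunbelt Personal Firewall",
}

# Driver line as quoted in the thread:
#   <R|S><start type> <service>;<display name>; <image path> [<date> <size>]
# R is the state the reply reads as "loaded and running"; S is assumed to mean stopped.
DRIVER_LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+(?P<service>[^;]+);[^;]*;\s*"
    r"(?P<path>.+?)\s*\[\d{4}-\d{2}-\d{2}\s+\d+\]\s*$"
)

# Constructed sample; only the SbFw line is taken from the thread.
SAMPLE_LOG = r"""
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-01 10000]
R1 cmdHlp;cmdHlp; C:\WINDOWS\system32\drivers\cmdhlp.sys [2010-01-01 20000]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
S3 exampledrv;exampledrv; C:\WINDOWS\system32\drivers\exampledrv.sys [2010-01-01 30000]
"""

def parse_drivers(log_text):
    """Return (service, running, start_type, image_name) for each driver line."""
    drivers = []
    for line in log_text.splitlines():
        m = DRIVER_LINE.match(line.strip())
        if not m:
            continue  # skip headers, blank lines and other log sections
        image = m["path"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        drivers.append((m["service"].strip(), m["state"] == "R", int(m["start"]), image))
    return drivers

def running_network_filters(drivers):
    """Map product -> driver file for each listed filter that is running."""
    return {NETWORK_FILTERS[image]: image
            for _, running, _, image in drivers
            if running and image in NETWORK_FILTERS}

def has_filter_conflict(drivers, limit=2):
    """True when more than `limit` listed filters run together (limit is an assumption)."""
    return len(running_network_filters(drivers)) > limit

if __name__ == "__main__":
    found = running_network_filters(parse_drivers(SAMPLE_LOG))
    for product, image in sorted(found.items()):
        print(f"{product}: {image} is loaded and running")
    print("conflict:", has_filter_conflict(parse_drivers(SAMPLE_LOG)))
```

A driver that still shows as running after its product was "uninstalled", as with SbFw.sys here, means the removal was incomplete and the filter is still in the network stack.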