
I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 06:04
by flip.
Hi,
I have a really annoying problem that prevents me from using my PC.
I start it, and it's fine for a while until I launch something. I launch e.g. the Internet or iTunes and it runs fine, but after a while it starts freezing terribly. An application either stops responding (e.g. Google Chrome or iTunes), or the computer switches to the XP look (i.e. turns off Aero).
Or it says:
Cfupdat.exe - application error
The instruction at 0x0045cff9 referenced memory .....
Click ok to terminate the program

And COMODO tries to isolate it and says that MpCmdRun.exe is trying to modify a program, or something like that...
Then I get a BSOD with a kernel internal error, the PC restarts and says that I have no HDD inserted. So I turn it off, turn it on again, and the whole thing starts over.
I can't even make any log, that's how badly it's all acting up :/
Please help, thanks!

EDIT:
I'm in safe mode with networking and the PC isn't shutting down!

I'm attaching the RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by c at 2011-03-26 22:14:32
Microsoft Windows 7 Ultimate
System drive C: has 213 GB (70%) free of 302 GB
Total RAM: 3070 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:44, on 26.03.11
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c\Desktop\Apps\RSIT.exe
C:\Program Files\trend micro\c.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102866&l=dis&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: gs.apple.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MoRUN.net Sticker Lite] C:\Program Files\MoRUN.net\StickerLite\sticker.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{607F11ED-D6FF-4756-B2D7-19A9A30735D7}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3F8693E-5C1F-471A-A9FA-95E3647160C8}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{607F11ED-D6FF-4756-B2D7-19A9A30735D7}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{607F11ED-D6FF-4756-B2D7-19A9A30735D7}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 5871 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-10 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E9FAB13D-4600-49E1-90D1-EE961C859D39} - HopSurf toolbar - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll [2011-01-30 1331392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-01-27 1312848]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-02-08 2548552]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-03-07 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"MoRUN.net Sticker Lite"=C:\Program Files\MoRUN.net\StickerLite\sticker.exe [2010-07-26 451072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Club World Casinos]
C:\Program Files\Club World Casinos\casino.exe [2010-09-29 30720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2011-01-31 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-01-29 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-13 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-26 22:11:34 ----A---- C:\Windows\ntbtlog.txt
2011-03-26 20:34:45 ----D---- C:\Windows\system32\%LOCALAPPDATA%
2011-03-25 16:45:01 ----D---- C:\Program Files\iPod
2011-03-25 16:45:00 ----D---- C:\Program Files\iTunes
2011-03-25 16:41:29 ----SHD---- C:\Config.Msi
2011-03-11 18:55:29 ----D---- C:\Program Files\Mozilla Firefox
2011-03-11 12:26:34 ----D---- C:\Users\c\AppData\Roaming\TeamViewer
2011-03-11 12:24:54 ----D---- C:\Program Files\TeamViewer
2011-03-08 16:51:27 ----A---- C:\Windows\system32\FntCache.dll
2011-03-08 16:51:27 ----A---- C:\Windows\system32\DWrite.dll
2011-03-08 16:51:26 ----A---- C:\Windows\system32\d2d1.dll
2011-03-08 16:50:27 ----A---- C:\Windows\system32\EncDec.dll
2011-03-08 16:50:27 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-08 16:50:26 ----A---- C:\Windows\system32\sbe.dll
2011-03-08 16:50:11 ----A---- C:\Windows\system32\mstscax.dll
2011-03-08 16:50:10 ----A---- C:\Windows\system32\mstsc.exe
2011-03-07 21:11:07 ----D---- C:\Users\c\AppData\Roaming\Trillian
2011-03-07 21:10:38 ----D---- C:\Program Files\Trillian
2011-03-07 19:09:50 ----D---- C:\Users\c\AppData\Roaming\FileZilla
2011-03-07 19:09:45 ----D---- C:\Program Files\FileZilla FTP Client
2011-03-06 23:41:50 ----A---- C:\Windows\UC.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\RAR.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\PKZIP.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\PKUNZIP.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\NOCLOSE.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\LHA.PIF
2011-03-06 23:41:50 ----A---- C:\Windows\ARJ.PIF
2011-03-06 23:41:49 ----D---- C:\Users\c\AppData\Roaming\GHISLER
2011-03-06 23:41:49 ----D---- C:\totalcmd
2011-03-06 19:18:27 ----A---- C:\Windows\system32\tsccvid.dll
2011-03-06 19:18:24 ----D---- C:\Windows\system32\QuickTime
2011-03-06 19:17:06 ----D---- C:\Program Files\Common Files\TechSmith Shared
2011-03-06 19:17:04 ----D---- C:\ProgramData\TechSmith
2011-03-06 19:17:04 ----D---- C:\Program Files\TechSmith
2011-03-06 18:48:13 ----D---- C:\Program Files\Club World Casinos
2011-03-06 13:15:39 ----D---- C:\Program Files\WPF Toolkit
2011-03-06 13:14:45 ----D---- C:\Program Files\Microsoft SDKs
2011-03-06 13:14:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-03-06 13:12:24 ----D---- C:\Program Files\Microsoft Expression
2011-03-06 02:12:39 ----D---- C:\Program Files\FBP - Facebook Blaster Pro
2011-03-05 18:45:40 ----A---- C:\Windows\ODBC.INI
2011-03-03 18:24:33 ----D---- C:\Users\c\AppData\Roaming\PDF Writer
2011-03-03 18:24:33 ----D---- C:\ProgramData\PDF Writer
2011-03-03 17:50:09 ----D---- C:\Program Files\Common Files\Bullzip
2011-03-03 17:50:09 ----A---- C:\Windows\system32\bzDCT.dll
2011-03-03 17:50:08 ----A---- C:\Windows\system32\bzpdfc.dll
2011-03-03 17:50:08 ----A---- C:\Windows\system32\bzFlRdr.dll
2011-03-03 17:50:05 ----A---- C:\Windows\system32\bzpdf.dll
2011-03-03 17:49:56 ----D---- C:\Program Files\Bullzip

======List of files/folders modified in the last 1 months======

2011-03-26 22:14:36 ----D---- C:\Program Files\trend micro
2011-03-26 22:11:34 ----D---- C:\Windows
2011-03-26 22:09:03 ----D---- C:\Windows\Prefetch
2011-03-26 22:08:30 ----D---- C:\Windows\Temp
2011-03-26 22:05:19 ----D---- C:\ProgramData\NVIDIA
2011-03-26 21:48:54 ----D---- C:\Users\c\AppData\Roaming\Skype
2011-03-26 20:34:45 ----D---- C:\Windows\System32
2011-03-26 20:22:47 ----D---- C:\Windows\system32\config
2011-03-26 19:23:34 ----SHD---- C:\System Volume Information
2011-03-26 18:53:59 ----D---- C:\Users\c\AppData\Roaming\skypePM
2011-03-26 02:38:42 ----D---- C:\Users\c\AppData\Roaming\ICQ
2011-03-25 17:34:17 ----D---- C:\Windows\system32\catroot
2011-03-25 16:46:39 ----SHD---- C:\Windows\Installer
2011-03-25 16:45:01 ----RD---- C:\Program Files
2011-03-25 16:45:01 ----D---- C:\Program Files\Common Files\Apple
2011-03-25 16:43:43 ----D---- C:\Windows\inf
2011-03-25 16:42:25 ----D---- C:\Windows\system32\DriverStore
2011-03-25 16:42:12 ----D---- C:\Windows\system32\drivers
2011-03-25 10:48:22 ----SHD---- C:\Users\c\AppData\Roaming\.#
2011-03-25 10:48:13 ----D---- C:\Program Files\BetVoyager Online Casino
2011-03-20 03:38:46 ----D---- C:\Windows\system32\catroot2
2011-03-14 18:44:02 ----D---- C:\Windows\system32\NDF
2011-03-11 19:28:59 ----D---- C:\Program Files\Steam
2011-03-11 18:56:45 ----D---- C:\Users\c\AppData\Roaming\Mozilla
2011-03-11 13:43:34 ----D---- C:\Windows\debug
2011-03-11 13:42:30 ----D---- C:\Program Files\CCleaner
2011-03-10 16:17:35 ----D---- C:\Program Files\Internet Explorer
2011-03-08 22:48:33 ----D---- C:\Windows\winsxs
2011-03-08 20:55:40 ----A---- C:\Windows\system32\MRT.exe
2011-03-08 20:55:25 ----D---- C:\ProgramData\Microsoft Help
2011-03-08 12:19:29 ----D---- C:\Windows\Microsoft.NET
2011-03-08 12:19:28 ----RSD---- C:\Windows\assembly
2011-03-07 19:33:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-06 23:58:26 ----D---- C:\Program Files\Microsoft Works
2011-03-06 19:17:06 ----D---- C:\Program Files\Common Files
2011-03-06 19:17:04 ----D---- C:\ProgramData
2011-03-06 13:27:24 ----SD---- C:\Users\c\AppData\Roaming\Microsoft
2011-03-06 13:27:24 ----SD---- C:\ProgramData\Microsoft
2011-03-06 13:16:04 ----RSD---- C:\Windows\Fonts
2011-03-06 13:13:42 ----D---- C:\Windows\Logs
2011-03-06 12:59:34 ----D---- C:\Windows\SoftwareDistribution
2011-03-06 11:47:10 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-06 02:46:21 ----D---- C:\Users\c\AppData\Roaming\DAEMON Tools Lite
2011-03-05 18:44:47 ----D---- C:\Program Files\Common Files\microsoft shared
2011-03-05 18:44:44 ----D---- C:\Windows\IME
2011-03-05 18:44:00 ----D---- C:\Program Files\Microsoft Office
2011-03-05 18:41:55 ----D---- C:\Windows\system

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2011-02-08 17256]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-02-08 35768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-02-08 80064]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-11-10 35984]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-19 691696]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-02-08 236600]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
S3 ALSysIO;ALSysIO; \??\C:\Users\c\AppData\Local\Temp\ALSysIO.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-13 53312]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-01 44432]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-11-10 37392]
S3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-13 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-13 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-07 330240]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 28224]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-13 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]
S3 WinRing0_1_1_1;WinRing0_1_1_1; \??\C:\Users\c\Desktop\Apps\RealTemp_2.70\RealTemp_2.70\WinRing0.sys [2008-01-27 13904]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-13 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
S2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-02-08 1803224]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
S2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-07 102400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-10 136120]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-01-29 292944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-19 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


I see that it shows the gs.apple.com entry being added; I did that yesterday (it was useless anyway).. I'll try to remove it, though I don't know whether it has anything to do with this..

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 06:06
by flip.
The only thing I managed to do was clean it with CCleaner, but that didn't solve anything.
I also took the disk out and put it back in, cleaned everything, blew it out with compressed air, and no change :(

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 06:12
by flip.
The BSOD says Kernel data inpage error

aaaargh, it's enough to drive you crazy.. Especially when you urgently need the computer... I'll try safe mode

By the way, I have a Dell laptop and Win 7..
Full Comodo suite, and I regularly clean the PC with CCleaner

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 06:21
by flip.
Actually, I take that back, the same thing happens after a while in safe mode too..

I've already deleted that gs.apple.com from windows/system32/drivers/etc/hosts and it's no longer there; I don't know whether it has anything to do with this


Edit: If any of you knew how to fix this by the time I wake up in the morning (I'm in Los Angeles, so it's 9 hours earlier here), I'd be really grateful. I have nowhere else to write my essay, and that's quite a problem

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 07:26
by flip.
I quickly managed to make an MBAM log:


Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Database version: 6179

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

26.03.11 23:25:31
mbam-log-2011-03-26 (23-25-25).txt

Scan type: Quick scan
Objects scanned: 147168
Time elapsed: 16 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\c\downloads\clubworld.exe (PUP.Casino) -> No action taken.


I've deleted that casino; that's not the cause

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 09:08
by motji
Hello :)

* Back up your data!

* Delete what MBAM found.

* Have you tried System Restore?

* Download
http://www.slunecnice.cz/sw/crystaldiskinfo/
- run it and choose Copy from the menu.
- then paste the data from the clipboard here using Ctrl+V


* Check whether there are any files in the C:\WINDOWS\Minidump folder; if so, put them in a zip, upload it to http://www.leteckaposta.cz and post the link here.


* Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the For all users box.
- tick the "LOP" malware check and "Purity" malware check boxes
- click the Scan button
- when the scan finishes, the OTL.Txt and Extras.txt logs will appear; paste them here :)


I'll be here in the evening :)

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 10:20
by flip.
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2011/03/27 2:18:35

-- Controller Map ----------------------------------------------------------
- Ricoh xD-Picture Card Controller [ATA]
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
- ATA Channel 0 (0)
- Ricoh Memory Stick Controller [ATA]
+ Standard AHCI 1.0 Serial ATA Controller [ATA]
+ ATA Channel 0 (0)
- SAMSUNG HM320JI ATA Device
- ATA Channel 2 (2)
- Ricoh MMC Host Controller [ATA]
+ ATA Channel 0 (0) [ATA]
- TSSTcorp DVD+-RW TS-L632H ATA Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HM320JI : 320.0 GB [0-1-0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HM320JI
----------------------------------------------------------------------------
Model : SAMSUNG HM320JI
Firmware : 2SS00_01
Serial Number : S19FJD0Q421974
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : SATA/150
Power On Hours : 84 hours
Power On Count : 3206 count
Temparature : 35 C (95 F)
Health Status : Caution
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE80h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 0000000048EE Read Error Rate
03 252 252 _25 0000000009C4 Spin-Up Time
04 _75 _75 __0 00000003EC3B Start/Stop Count
05 _86 _86 _10 000000000089 Reallocated Sectors Count
09 _81 _81 __0 000000002766 Power-On Hours
0C _97 _97 __0 000000000C86 Power Cycle Count
BF __2 __2 __0 0000000F423F G-Sense Error Rate
C0 100 100 __0 000000000116 Power-off Retract Count
C2 133 _67 __0 003900050023 Temperature
C4 100 100 __0 00000008C670 Reallocation Event Count
C5 100 100 __0 000000001AEA Current Pending Sector Count
C6 100 100 __0 0000000057E3 Uncorrectable Sector Count
C7 252 252 __0 000000000000 UltraDMA CRC Error Count
C8 252 252 __0 000000000000 Write Error Rate


minidump:
http://leteckaposta.cz/644632604

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 10:30
by flip.
OTL logfile created on: 27.03.11 02:29:08 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\c\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd.MM.yy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 295.04 Gb Total Space | 207.42 Gb Free Space | 70.30% Space Free | Partition Type: NTFS

Computer Name: C-PC | User Name: c | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.27 02:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
PRC - [2011.02.08 15:38:12 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.12.31 10:40:26 | 001,002,456 | ---- | M] (Crystal Dew World) -- C:\Program Files\CrystalDiskInfo\DiskInfo.exe
PRC - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2009.10.30 21:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.13 17:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe


========== Modules (SafeList) ==========

MOD - [2011.03.27 02:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
MOD - [2010.08.20 21:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.03.01 06:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.02.08 15:37:55 | 001,803,224 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.12.19 20:16:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.16 02:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.08.24 01:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2010.01.29 13:17:14 | 000,292,944 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.07.13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.13 17:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.07 01:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.08.29 04:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV - [2011.02.08 15:40:59 | 000,080,064 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.02.08 15:40:58 | 000,035,768 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.02.08 15:40:58 | 000,017,256 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2011.02.08 15:40:57 | 000,236,600 | ---- | M] (COMODO) [File_System | System | Stopped] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.12.19 11:15:11 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.16 10:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.07.01 17:52:18 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2009.11.10 03:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 03:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.10.14 19:08:32 | 000,032,000 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.07.13 17:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.13 17:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.13 17:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.13 15:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 15:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.13 15:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 14:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008.01.27 23:02:40 | 000,013,904 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Users\c\Desktop\Apps\RealTemp_2.70\RealTemp_2.70\WinRing0.sys -- (WinRing0_1_1_1)
DRV - [2007.10.10 08:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.09.07 01:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.06.25 09:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.03.05 01:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006.11.14 15:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.14 10:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.14 08:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.09.24 05:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 11:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102866&l=dis&gct=hp
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 7A AF E8 AB 9F CB 01 [binary data]
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.11 18:56:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.11 18:55:31 | 000,000,000 | ---D | M]

[2011.03.11 18:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\mozilla\Extensions
[2011.01.10 11:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.03.11 18:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\mozilla\Firefox\Profiles\k5vztrbn.default\extensions
[2011.03.11 18:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2011.03.26 22:26:41 | 000,000,025 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (HopSurf toolbar) - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\COMODO\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001..\Run: [MoRUN.net Sticker Lite] C:\Program Files\MoRUN.net\StickerLite\sticker.exe (MoRUN.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\COMODO\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.27 02:20:02 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
[2011.03.27 02:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2011.03.27 02:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.03.27 02:17:34 | 002,774,960 | ---- | C] (Crystal Dew World ) -- C:\Users\c\Desktop\CrystalDiskInfo3_10_0.exe
[2011.03.26 22:56:13 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.03.26 20:42:56 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\School
[2011.03.26 20:34:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2011.03.25 16:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.03.25 16:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.03.25 16:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.03.25 16:41:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.03.25 16:40:17 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\1st day iphone pics
[2011.03.25 16:32:14 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\iphone 4
[2011.03.18 16:46:09 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\ipad
[2011.03.14 21:26:06 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\blackjack page
[2011.03.11 18:56:45 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Mozilla
[2011.03.11 18:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.03.11 18:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011.03.11 12:26:34 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\TeamViewer
[2011.03.11 12:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011.03.08 16:51:27 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.08 16:51:26 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.03.08 16:50:27 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.03.08 16:50:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.08 16:50:26 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.08 16:50:26 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.07 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Trillian
[2011.03.07 21:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2011.03.07 19:09:50 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\FileZilla
[2011.03.07 19:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011.03.07 19:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011.03.06 23:41:52 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2011.03.06 23:41:49 | 000,000,000 | ---D | C] -- C:\totalcmd
[2011.03.06 23:41:49 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\GHISLER
[2011.03.06 20:50:44 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\recordings
[2011.03.06 20:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Club World Casinos
[2011.03.06 20:06:34 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\TechSmith
[2011.03.06 19:18:46 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Camtasia Studio
[2011.03.06 19:18:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2011.03.06 19:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011.03.06 19:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2011.03.06 19:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2011.03.06 19:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2011.03.06 18:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\Club World Casinos
[2011.03.06 15:21:49 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\school + RESUME
[2011.03.06 13:43:22 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\Page
[2011.03.06 13:24:59 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Expression
[2011.03.06 13:24:11 | 000,000,000 | --SD | C] -- C:\Users\c\Documents\My Web Sites
[2011.03.06 13:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\WPF Toolkit
[2011.03.06 13:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2011.03.06 13:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK
[2011.03.06 13:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2011.03.06 13:14:24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011.03.06 13:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2011.03.06 13:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression
[2011.03.06 03:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBP - Facebook Blaster Pro
[2011.03.06 02:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\FBP - Facebook Blaster Pro
[2011.03.05 18:48:29 | 000,000,000 | --SD | C] -- C:\Users\c\Documents\Weby
[2011.03.03 18:24:33 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\PDF Writer
[2011.03.03 18:24:33 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\PDF Writer
[2011.03.03 18:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2011.03.03 17:50:09 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\System32\bzDCT.dll
[2011.03.03 17:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2011.03.03 17:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2011.03.03 17:50:08 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\System32\bzFlRdr.dll
[2011.03.03 17:50:08 | 000,135,168 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdfc.dll
[2011.03.03 17:50:05 | 000,196,096 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdf.dll
[2011.03.03 17:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2011.03.03 17:48:22 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\SCIS
[1 C:\Users\c\Desktop\*.tmp files -> C:\Users\c\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.03.27 02:20:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\c\Desktop\OTL.exe
[2011.03.27 02:19:12 | 000,043,474 | ---- | M] () -- C:\Users\c\Desktop\Minidump.zip
[2011.03.27 02:17:49 | 000,001,930 | ---- | M] () -- C:\Users\c\Desktop\CrystalDiskInfo.lnk
[2011.03.27 02:17:35 | 002,774,960 | ---- | M] (Crystal Dew World ) -- C:\Users\c\Desktop\CrystalDiskInfo3_10_0.exe
[2011.03.26 23:30:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.26 23:30:45 | 261,530,189 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.26 23:30:42 | 2414,379,008 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.26 22:44:13 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 22:44:13 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.26 21:56:55 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.26 21:48:03 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001UA.job
[2011.03.26 19:50:53 | 000,080,596 | ---- | M] () -- C:\Users\c\Desktop\psych.JPG
[2011.03.26 19:50:25 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001Core.job
[2011.03.26 19:39:21 | 000,003,800 | ---- | M] () -- C:\Users\c\Documents\cc_20110326_193914.reg
[2011.03.25 16:46:02 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.19 13:22:02 | 013,308,719 | ---- | M] () -- C:\Users\c\Desktop\Felguk feat. Sporty O - 2nite.mp3
[2011.03.12 15:26:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011.03.11 18:56:47 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.03.11 18:55:34 | 000,001,913 | ---- | M] () -- C:\Users\c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011.03.11 13:45:30 | 000,029,444 | ---- | M] () -- C:\Users\c\Documents\cc_20110311_134527.reg
[2011.03.11 13:42:33 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.03.11 12:25:00 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.03.07 19:33:07 | 000,658,580 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.07 19:33:06 | 000,119,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.07 00:40:44 | 000,418,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.06 21:59:42 | 000,006,656 | ---- | M] () -- C:\Users\c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.06 03:09:31 | 000,002,603 | ---- | M] () -- C:\Users\Public\Desktop\FBP - Facebook Blaster Pro.lnk
[2011.03.05 18:45:41 | 000,000,384 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.02.27 22:53:42 | 000,000,017 | ---- | M] () -- C:\Users\c\AppData\Local\resmon.resmoncfg
[1 C:\Users\c\Desktop\*.tmp files -> C:\Users\c\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.27 02:19:12 | 000,043,474 | ---- | C] () -- C:\Users\c\Desktop\Minidump.zip
[2011.03.27 02:17:49 | 000,001,930 | ---- | C] () -- C:\Users\c\Desktop\CrystalDiskInfo.lnk
[2011.03.26 22:56:09 | 261,530,189 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.03.26 19:50:50 | 000,080,596 | ---- | C] () -- C:\Users\c\Desktop\psych.JPG
[2011.03.26 19:39:19 | 000,003,800 | ---- | C] () -- C:\Users\c\Documents\cc_20110326_193914.reg
[2011.03.25 16:46:02 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.19 13:16:21 | 013,308,719 | ---- | C] () -- C:\Users\c\Desktop\Felguk feat. Sporty O - 2nite.mp3
[2011.03.12 15:26:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011.03.11 18:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.11 18:55:34 | 000,001,913 | ---- | C] () -- C:\Users\c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011.03.11 13:45:28 | 000,029,444 | ---- | C] () -- C:\Users\c\Documents\cc_20110311_134527.reg
[2011.03.11 13:42:33 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.03.11 12:25:00 | 000,001,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.03.11 12:25:00 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.03.07 21:11:06 | 000,001,083 | ---- | C] () -- C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011.03.06 23:41:50 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011.03.06 20:36:09 | 000,006,656 | ---- | C] () -- C:\Users\c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.06 02:45:53 | 000,002,603 | ---- | C] () -- C:\Users\Public\Desktop\FBP - Facebook Blaster Pro.lnk
[2011.03.05 18:45:40 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.02.27 22:53:42 | 000,000,017 | ---- | C] () -- C:\Users\c\AppData\Local\resmon.resmoncfg
[2011.02.22 14:12:47 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\3f1d58cc
[2011.02.22 14:12:47 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\3e4db72c
[2011.02.22 14:12:37 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\69ca2b3c
[2011.02.22 14:12:37 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\69751c64
[2011.02.22 14:12:04 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\87faff48
[2011.02.22 14:12:04 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\87a7c344
[2011.02.22 14:11:59 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\dd138fc8
[2011.02.22 14:11:59 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\dcc3924c
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ee82a9d0
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ee281fdc
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ed3db4e4
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ecf7d78c
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ec9539f0
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\e9c34b14
[2011.02.22 14:11:54 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\e90841a0
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\e5606078
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\e503cab0
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\df3a83fc
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\def4faec
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\deabad38
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\de655af8
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\de08c4a0
[2011.02.22 14:11:53 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\ddb89d84
[2011.02.22 14:11:49 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\940a7700
[2011.02.22 14:11:49 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\93a37d14
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f99ece30
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f95dc628
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f9145354
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f8d1fc84
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f892084c
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f84fa114
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f80a0600
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f7c15858
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f77d2d70
[2011.02.22 14:11:39 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\f72fde64
[2011.02.22 14:10:19 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\b0eb5fc4
[2011.02.22 14:10:19 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\b062a1d4
[2011.02.22 14:09:04 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\17cfaba0
[2011.02.22 14:09:04 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\17800d94
[2011.02.22 14:08:45 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\61f127d8
[2011.02.22 14:08:45 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\619e87f8
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\826fb828
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\81dade58
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\80ae1480
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\8066c04c
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\80163cf0
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\7d60c784
[2011.02.22 14:08:44 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\7d04264c
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\38ba2dbc
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\385c0024
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\3220e304
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\31db9660
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\318c871c
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\31385164
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\30b449b4
[2011.02.22 14:08:36 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\305428f0
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\4c64bddc
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\4c0bb970
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\448899b4
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\443f4768
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\43e827e8
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\439bfa80
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\4340d450
[2011.02.22 14:08:06 | 000,004,638 | ---- | C] () -- C:\Users\c\AppData\Roaming\42e9b8b0
[2011.02.12 20:39:53 | 000,000,600 | ---- | C] () -- C:\Users\c\AppData\Roaming\winscp.rnd
[2011.01.29 11:47:15 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2010.12.19 11:41:30 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.07.13 20:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.13 20:33:53 | 000,418,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.13 18:05:48 | 000,658,580 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.13 18:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.13 18:05:48 | 000,119,614 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.13 18:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.13 18:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.13 18:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.13 16:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.13 15:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.13 15:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.28 23:43:38 | 000,042,496 | ---- | C] () -- C:\Windows\System32\ALZZip.BIN
[2006.03.28 23:43:36 | 000,062,464 | ---- | C] () -- C:\Windows\System32\ALZALZ.BIN
[2005.05.06 10:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2003.07.16 04:09:32 | 000,202,752 | ---- | C] () -- C:\Windows\System32\xvid.dll
[1996.04.03 11:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2011.03.25 10:48:22 | 000,000,000 | -HSD | M] -- C:\Users\c\AppData\Roaming\.#
[2011.02.15 12:38:06 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Betraiser
[2011.02.22 14:08:02 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Boilsoft
[2010.12.20 08:07:34 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\COWON
[2011.03.06 02:46:21 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\DAEMON Tools Lite
[2011.03.08 23:00:23 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\FileZilla
[2011.03.06 23:42:48 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\GHISLER
[2011.03.26 02:38:42 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\ICQ
[2011.03.03 18:24:33 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\PDF Writer
[2011.03.11 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\TeamViewer
[2011.01.10 11:32:40 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\TomTom
[2011.03.07 21:39:59 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Trillian
[2011.03.26 22:39:56 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
OTL Extras logfile created on: 27.03.11 02:29:08 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\c\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd.MM.yy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 295.04 Gb Total Space | 207.42 Gb Free Space | 70.30% Space Free | Partition Type: NTFS

Computer Name: C-PC | User Name: c | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4
"{087C2584-FCE8-42E0-9613-3403BF52ABD8}_is1" = Xvid CZ
"{08D605B4-DCD1-451F-ABD7-52E6BB868E4E}" = Microsoft Expression Design 4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1186f7f6-4dae-4071-8ea5-51a9dde833d7}" = Club World Casinos
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1" = Boilsoft Video Splitter 6.32
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{620797B0-A022-4B57-A95E-CD7DD0325015}" = MoRUN.net Sticker Lite
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4
"{A31A5DFC-3439-48FC-99BB-5174168AE471}" = COMODO livePCsupport
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B400A641-5F10-4E10-BD40-C1C7F91A4A94}" = FBP - Facebook Blaster Pro
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D86B6C32-49BD-4A02-9C43-14E497018498}" = Windows 7 Manager
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALZip_is1" = ALZip
"Betraiser Poker" = Betraiser Poker
"BetVoyager Online Casino" = BetVoyager Online Casino 1.0.1.8
"Blend_4.0.20525.0" = Microsoft Expression Blend 4
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1218
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"Comodo HopSurf Toolbar" = Comodo HopSurf
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.10.0
"Design_7.0.20516.0" = Microsoft Expression Design 4
"Encoder_4.0.1639.0" = Microsoft Expression Encoder 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4
"FileZilla Client" = FileZilla Client 3.3.5.1
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"SP6" = Logitech SetPoint 6.0
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"TeamViewer 6" = TeamViewer 6
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Totalcmd" = Total Commander (Remove or Repair)
"Trillian" = Trillian
"Web_4.0.1165.0" = Microsoft Expression Web 4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1250615672-1310049006-2949046049-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.03.11 02:39:32 | Computer Name = c-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385,
time stamp: 0x4a5bc100 Faulting module name: wuaueng.dll, version: 7.3.7600.16385,
time stamp: 0x4a5bce0d Exception code: 0xc0000006 Fault offset: 0x00048790 Faulting
process id: 0x444 Faulting application start time: 0x01cbec4922785d43 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: c:\windows\system32\wuaueng.dll
Report
Id: f8d16223-583c-11e0-9503-001ec9021be1

Error - 27.03.11 02:39:32 | Computer Name = c-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\wuaueng.dll for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Host Process for Windows Services
because of this error. Program: Host Process for Windows Services File: C:\Windows\System32\wuaueng.dll

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your
network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 27.03.11 02:40:47 | Computer Name = c-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 27.03.11 02:40:47 | Computer Name = c-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 27.03.11 03:35:40 | Computer Name = c-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_BFE, version: 6.1.7600.16385,
time stamp: 0x4a5bc100 Faulting module name: bfe.dll, version: 6.1.7600.16385, time
stamp: 0x4a5bd98d Exception code: 0xc0000006 Fault offset: 0x0004f91a Faulting process
id: 0x434 Faulting application start time: 0x01cbec50e7f29437 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: c:\windows\system32\bfe.dll
Report
Id: d05caffa-5844-11e0-ac01-001ec9021be1

Error - 27.03.11 03:35:45 | Computer Name = c-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\BFE.DLL for one
of the following reasons: there is a problem with the network connection, the disk
that the file is stored on, or the storage drivers installed on this computer; or
the disk is missing. Windows closed the program Host Process for Windows Services
because of this error. Program: Host Process for Windows Services File: C:\Windows\System32\BFE.DLL

The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your
network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3

Error - 27.03.11 03:42:02 | Computer Name = c-PC | Source = Application Error | ID = 1000
Description = Faulting application name: cfpupdat.exe, version: 5.3.43550.1216,
time stamp: 0x4d1a8a2a Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab44 Exception code: 0xc0000006 Fault offset: 0x00033403 Faulting
process id: 0xa4 Faulting application start time: 0x01cbec525711abb4 Faulting application
path: C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: b3f05f4c-5845-11e0-ac01-001ec9021be1

Error - 27.03.11 03:42:02 | Computer Name = c-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Program Files\COMODO\COMODO Internet
Security\cfpupdat.exe for one of the following reasons: there is a problem with
the network connection, the disk that the file is stored on, or the storage drivers
installed on this computer; or the disk is missing. Windows closed the program COMODO
Internet Security because of this error. Program: COMODO Internet Security File:
C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe The error value is
listed in the Additional Data section. User Action 1. Open the file again. This situation
might be a temporary problem that corrects itself when the program runs again. 2.
If
the file still cannot be accessed and - It is on the network, your network administrator
should verify that there is not a problem with the network and that the server
can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM,
verify that the disk is fully inserted into the computer. 3. Check and repair the
file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD,
and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4.
If the problem persists, restore the file from a backup copy. 5. Determine whether
other files on the same disk can be opened. If not, the disk might be damaged.
If it is a hard disk, contact your administrator or computer hardware vendor for
further
assistance. Additional Data Error value: C0000185 Disk type: 3

Error - 27.03.11 03:42:43 | Computer Name = c-PC | Source = Application Error | ID = 1000
Description = Faulting application name: gmer.exe, version: 1.0.15.15530, time stamp:
0x4cd7c3b7 Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp:
0x4cc7ab44 Exception code: 0xc0000006 Fault offset: 0x0001a994 Faulting process id:
0x5b8 Faulting application start time: 0x01cbec5144975f7c Faulting application path:
C:\Users\c\Desktop\Apps\gmer\gmer.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: cc8d39c1-5845-11e0-ac01-001ec9021be1

Error - 27.03.11 03:42:43 | Computer Name = c-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\System32\mtxclu.dll for
one of the following reasons: there is a problem with the network connection, the
disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program gmer.exe because of this error.

Program:
gmer.exe File: C:\Windows\System32\mtxclu.dll The error value is listed in the Additional
Data section. User Action 1. Open the file again. This situation might be a temporary
problem that corrects itself when the program runs again. 2. If the file still cannot
be accessed and - It is on the network, your network administrator should verify
that there is not a problem with the network and that the server can be contacted.
-
It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the
disk is fully inserted into the computer. 3. Check and repair the file system by
running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click
OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem
persists, restore the file from a backup copy. 5. Determine whether other files
on the same disk can be opened. If not, the disk might be damaged. If it is a hard
disk, contact your administrator or computer hardware vendor for further assistance.

Additional
Data Error value: C0000185 Disk type: 3

[ OSession Events ]
Error - 13.03.11 22:55:39 | Computer Name = c-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13211
seconds with 2700 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 27.03.11 06:24:51 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:24:51 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:19 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:19 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:19 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:29 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:29 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:29 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:59 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 27.03.11 06:26:59 | Computer Name = c-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >

THANKS A LOT, MOTJI!

Re: I start the PC, it runs for a while, then starts freezing, BSOD, disk

Posted: 27 Mar 2011 11:11
by flip.
Now the internet doesn't even work in normal mode.
It says "Limited access".
It also threw "Windows explorer has stopped working" at me, and then the PC stops responding.
I tried blocking some services with COMODO, I think; it didn't help (I had it in paranoid mode).
:/

Anyway, as I said, I blew out the HDD and all the vents with a can of compressed air.

Do I have some nasty virus on the PC, or what's going on?
Just yesterday everything was working perfectly :/

Re: I start the PC, it runs for a while, then starts freezing, BSOD, disk

Posted: 27 Mar 2011 18:19
by motji
I'd say the disk isn't exactly in the best shape :o .

:arrow: Download HD Tune http://www.slunecnice.cz/sw/hd-tune/
- select the last tab, Error scan
- start the scan; it takes about an hour
- then let me know whether any of the blocks were red


:arrow: Did you run ComboFix or GMER? From the minidump it looks like one of the crashes was caused by a file that probably belongs to GMER.

Re: I start the PC, it runs for a while, then starts freezing, BSOD, disk

Posted: 27 Mar 2011 19:17
by flip.
So there's nothing left but to get a new disk?
I don't know if I'll even manage to run that hour-long scan...
Could I at least use it as an external drive, buy one of those enclosures for it for now and connect it to the PC over USB? I don't even have a way to back up the data.
So it's not caused by a virus then..
I tried to run GMER, but the scan didn't succeed.

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 19:24
by motji
It could be a virus; we'll also try ComboFix, there's something in the log I don't like.
Try HD Tune in safe mode.


:arrow: Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
(if ComboFix refuses to start, let me know.)

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 19:52
by flip.
ComboFix 11-03-26.02 - c 27.03.11 11:45:10.2.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2604 [GMT -8:00]
Running from: c:\users\c\Desktop\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\c\AppData\Roaming\.#
c:\windows\system32\drivers\etc\lmhosts
.
.
((((((((((((((((((((((((( Files Created from 2011-02-27 to 2011-03-27 )))))))))))))))))))))))))))))))
.
.
2011-03-27 19:50 . 2011-03-27 19:50 -------- d-----w- c:\users\c\AppData\Local\temp
2011-03-27 19:50 . 2011-03-27 19:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-27 19:42 . 2011-03-27 19:42 -------- d-----w- C:\32788R22FWJFW
2011-03-27 10:17 . 2011-03-27 10:17 -------- d-----w- c:\program files\CrystalDiskInfo
2011-03-27 07:32 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A8FEA09-E2CB-42F9-BE14-4439F301C961}\mpengine.dll
2011-03-27 04:34 . 2011-03-27 04:34 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2011-03-26 00:45 . 2011-03-26 00:45 -------- d-----w- c:\program files\iPod
2011-03-26 00:45 . 2011-03-26 00:46 -------- d-----w- c:\program files\iTunes
2011-03-12 02:56 . 2011-03-12 02:56 -------- d-----w- c:\users\c\AppData\Local\Mozilla
2011-03-11 20:26 . 2011-03-11 20:52 -------- d-----w- c:\users\c\AppData\Roaming\TeamViewer
2011-03-11 20:24 . 2011-03-11 20:24 -------- d-----w- c:\program files\TeamViewer
2011-03-09 00:51 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 00:51 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 00:51 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 00:50 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 00:50 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 00:50 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 00:50 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 00:50 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 00:50 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 05:11 . 2011-03-08 05:39 -------- d-----w- c:\users\c\AppData\Roaming\Trillian
2011-03-08 05:10 . 2011-03-08 05:52 -------- d-----w- c:\program files\Trillian
2011-03-08 03:09 . 2011-03-09 07:00 -------- d-----w- c:\users\c\AppData\Roaming\FileZilla
2011-03-08 03:09 . 2011-03-08 03:09 -------- d-----w- c:\program files\FileZilla FTP Client
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\UC.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\RAR.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\LHA.PIF
2011-03-07 07:41 . 2010-12-17 15:56 545 ----a-w- c:\windows\ARJ.PIF
2011-03-07 07:41 . 2011-03-07 07:42 -------- d-----w- c:\users\c\AppData\Roaming\GHISLER
2011-03-07 07:41 . 2011-03-07 07:42 -------- d-----w- C:\totalcmd
2011-03-07 04:06 . 2011-03-07 04:06 -------- d-----w- c:\users\c\AppData\Local\TechSmith
2011-03-07 03:18 . 2010-03-05 01:27 411480 ----a-w- c:\windows\system32\tsccvid.dll
2011-03-07 03:18 . 2011-03-07 03:18 -------- d-----w- c:\windows\system32\QuickTime
2011-03-07 03:17 . 2011-03-07 03:17 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2011-03-07 03:17 . 2011-03-07 03:17 -------- d-----w- c:\programdata\TechSmith
2011-03-07 03:17 . 2011-03-07 03:17 -------- d-----w- c:\program files\TechSmith
2011-03-07 02:48 . 2011-03-15 05:36 -------- d-----w- c:\program files\Club World Casinos
2011-03-07 01:53 . 2010-04-15 20:40 22188 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\STRINGS.JS
2011-03-07 01:53 . 2010-04-15 20:40 18866 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\PRELOAD.JS
2011-03-07 01:53 . 2010-04-15 20:40 18466 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\SETTEXT.JS
2011-03-07 01:53 . 2010-04-15 20:40 15579 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\_PRELOAD.JS
2011-03-07 01:53 . 2010-04-15 20:40 14643 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\FPLIB.JS
2011-03-07 01:53 . 2010-04-15 20:40 14008 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\DOM.JS
2011-03-07 01:53 . 2010-04-15 20:40 12235 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\GETOBJ.JS
2011-03-07 01:53 . 2010-04-15 20:40 11964 ----a-w- c:\users\c\AppData\Roaming\Microsoft\Expression\Web 4\Behaviors\Actions\_JMPMENU.JS
2011-03-06 21:15 . 2011-03-06 21:15 -------- d-----w- c:\program files\WPF Toolkit
2011-03-06 21:14 . 2011-03-06 21:15 -------- d-----w- c:\program files\Microsoft SDKs
2011-03-06 21:14 . 2008-07-12 16:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-03-06 21:12 . 2011-03-06 21:18 -------- d-----w- c:\program files\Microsoft Expression
2011-03-06 10:12 . 2011-03-06 11:09 -------- d-----w- c:\program files\FBP - Facebook Blaster Pro
2011-03-04 02:24 . 2011-03-04 02:24 -------- d-----w- c:\users\c\AppData\Roaming\PDF Writer
2011-03-04 02:24 . 2011-03-04 02:24 -------- d-----w- c:\users\c\AppData\Local\PDF Writer
2011-03-04 02:24 . 2011-03-04 02:24 -------- d-----w- c:\programdata\PDF Writer
2011-03-04 02:21 . 2009-07-14 01:15 90624 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2011-03-04 01:50 . 2011-03-04 01:50 -------- d-----w- c:\program files\Common Files\Bullzip
2011-03-04 01:50 . 2008-07-10 08:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2011-03-04 01:50 . 2010-09-27 23:27 135168 ----a-w- c:\windows\system32\bzpdfc.dll
2011-03-04 01:50 . 2008-10-31 07:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2011-03-04 01:50 . 2010-09-27 23:28 196096 ----a-w- c:\windows\system32\bzpdf.dll
2011-03-04 01:49 . 2011-03-04 01:49 -------- d-----w- c:\program files\Bullzip
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-19 00:36 . 2011-02-19 00:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-19 00:36 . 2011-02-19 00:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-08 23:41 . 2010-04-09 09:26 285480 ----a-w- c:\windows\system32\guard32.dll
2011-02-08 23:40 . 2010-04-09 09:25 80064 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-02-08 23:40 . 2010-04-09 09:25 35768 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-02-08 23:40 . 2010-04-09 09:25 17256 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-02-08 23:40 . 2010-04-09 09:25 236600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-02-03 05:45 . 2011-02-08 23:31 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-03 02:11 . 2010-12-19 18:53 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-29 19:45 . 2011-01-29 19:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-29 19:45 . 2011-01-29 19:45 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-01-29 18:14 . 2010-12-19 19:12 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-01-10 23:00 . 2011-01-10 23:00 203576 ----a-w- c:\windows\system32\richtx32.ocx
2011-01-10 23:00 . 2011-01-10 23:00 140288 ----a-w- c:\windows\system32\comdlg32.ocx
2011-01-10 23:00 . 2011-01-10 23:00 124688 ----a-w- c:\windows\system32\mswinsck.ocx
2011-01-10 17:17 . 2011-01-10 17:17 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-07 07:31 . 2011-02-22 19:12 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-07 07:31 . 2011-02-22 19:12 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:27 . 2011-02-08 23:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 05:33 . 2011-02-08 23:31 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 05:37 . 2011-02-08 23:32 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 03:37 . 2011-02-08 23:32 2329088 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-27 15026056]
"MoRUN.net Sticker Lite"="c:\program files\MoRUN.net\StickerLite\sticker.exe" [2010-07-26 451072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-02-08 2548552]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-01-29 21:17 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Club World Casinos]
2010-09-30 07:28 30720 ----a-w- c:\program files\Club World Casinos\casino.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-02-01 07:30 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"Google Update"="c:\users\c\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"COMODO"=c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe
"OEM02Mon.exe"=c:\windows\OEM02Mon.exe
"NVHotkey"=rundll32.exe c:\windows\system32\nvHotkey.dll,Start
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-19 691696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-02-08 236600]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-08-29 73728]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-20 148744]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R3 ALSysIO;ALSysIO;c:\users\c\AppData\Local\Temp\ALSysIO.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2010-07-02 44432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-20 1343400]
R3 WinRing0_1_1_1;WinRing0_1_1_1;c:\users\c\Desktop\Apps\RealTemp_2.70\RealTemp_2.70\WinRing0.sys [2008-01-28 13904]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-02-08 17256]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-02-08 35768]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001Core.job
- c:\users\c\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-19 18:43]
.
2011-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1250615672-1310049006-2949046049-1001UA.job
- c:\users\c\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-19 18:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eu.ask.com?o=102866&l=dis&gct=hp
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {607F11ED-D6FF-4756-B2D7-19A9A30735D7} = 156.154.70.22,156.154.71.22
TCP: 34F6D60757475627A5F6E656230383 = 156.154.70.22,156.154.71.22
TCP: 368696E67616024757020757471602D616462756 = 156.154.70.22,156.154.71.22
TCP: 564786F63747275616D6 = 156.154.70.22,156.154.71.22
TCP: {C3F8693E-5C1F-471A-A9FA-95E3647160C8} = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\c\AppData\Roaming\Mozilla\Firefox\Profiles\k5vztrbn.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-27 11:51:55
ComboFix-quarantined-files.txt 2011-03-27 19:51
.
Pre-Run: 222,672,801,792 bytes free
Post-Run: 222,628,442,112 bytes free
.
- - End Of File - - 595CDBBE1160CD997DB42E7550AE4621

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 20:22
by flip.
As for HD Tune, so far I have 70 GB of the 300 GB disk scanned; there are 3 red squares, which makes up 0.1% so far

Re: I start the PC, it runs for a while, then it starts freezing, BSOD, disk

Posted: 27 Mar 2011 20:23
by flip.
The quick scan didn't find any red ones..

It also occurs to me that I'll try uninstalling COMODO, in case that's what is causing this misbehaviour.. and I'll put e.g. avast on there for now