problem s diskem?

[piti]

ano do nouzoveho rezimu se dostanu

[motji]

V nouzovém režimu zkuste dát obnovu systému.
Ještě počkám jestli Vám půjde dát.

[piti]

tak obnova nejde...vyhodi se hlaska:"Nastroj obnoveni systemu nemuze zajistit ochranu pocitace. Restartujte pocitac a znovu spustte nastroj Obnoveni systemu."
po restartu porad stejna hlaska

[motji]

V nouzovém režimu :

Start -spustit
-do okénka napište:

C:\Windows\ERDNT\Hiv-backup\erdnt.exe

ok

-Ujistěte se, že v nově otevřeném okně jsou zaškrtnuty všechny možnosti a stiskněte OK
- bude zahájeno obnovení registru.
- Po dokončení procesu stiskněte OK a váš počítač se restartuje.


Pokud by ani tohle nepomohlo, máte instalační cd na opravu?

[piti]

tak tohle bohuzel taky nepomohlo...instalacni CD mam

[motji]

Tak už jedině tu opravu systému
http://www.viry.cz/forum/viewtopic.php?f=46&t=41036

[MiliNess]

Mrkni ještě jednou do té složky Windows\Minidump. Teď už by se měl výpis paměti vygenerovat. Jestli ne, je to průšvuh, jelikož nevíme, co to shazuje.

[Vrtule]

Zdravím,

v nouzovém režimu běžte do Ovládací panely | Systém | Upřesnit | Spouštění a zotavení systému. Zde odškrtněte políčko "Automaticky restartovat". Až se zase systému zachce náhlého restartu (modré obrazovky) měl by zůstat viset v modré obrazzovce. Pokud se to podaří (kdyžtak po aplikaci tohoto nastavení zkuste nabootovat do normálního režimu) a objeví se modrá obrazovka, zkuste najít následující údaje:
* V horní části se můžže nacházet nápis tvořený velkými tiskacími písmeny a podtržítky. Ten by nás zajímal...
+ v dolní části je řádek ve tvaru:

STOP: 0xXXXXXXXX (0xXXXXXXXX, 0xXXXXXXXX, 0xXXXXXXXX, 0xXXXXXXXX)

kde X jsou buď číslice, nebo písmena od A do F (čísla v hexadecimální soustavě). Tato čísla by mohla pomoci určit, co je přesně špatně.

Pod nápisem STOP někdy bývá i název ovladače, který chybu způsobil. Kdybyste ho tam našel, tak ho sem také napište. Názvy ovladačů mají přípomnu .sys.

[piti]

tak to hodi chybu 0x0000008E
ctsfm2k.sys - Address AC0D70A0 base at AC0D4000 datestamp 3d377df5

dalsi podrobnosti jsem si bohuzel nenapsal pac jsem netusil co vsechno bude potreba, ale muzu je pripadne doplnit...

[Vrtule]

ctsfm2k.sys se zdá býti ovladač zvukové karty. Kdyžtak ho v nouzovém režimu zkuste přesunout na nějaké bezpečné místo (třeba do nějaká vámi vytvořené složky). Bude se nacházet asi v adresáři C:\windows\system32, nebo c:\windows\system32\drivers. Když ho systém nenajde, neměl by ho načíst a možná se pak dostanete i v normálním režimu na plochu. Pravděpodobně to způsobí nefunkčnost zvukovky, ale to si myslím vyřešíme nějak potom.

[MiliNess]

Tak jsem na to ještě koukal a bude to tak, jak jsem psal v SZ. K pádu teď sice dochází v ovladači ctsfm2k.sys, což je ovladač zvukovky, ale řekl bych, že ten problém bude v nějakém filtru souborového systému, který je pověšený na ovladači souborového systému. Dneska jdu spát, zítra se na to ještě mrknu

[piti]

tak po presunuti toho souboru jsem skutecne nabootoval normalne...
taky si na to jdu odpocinout kazdopadne zatim diky

[motji]

Já to ted nechám na kolegovi, pak spolu pc ještě dočistíme

Jen poprosím o log ze Rsitu.
domluvte se s kolegou, jestli bude ještě chtít ten výpis z gmeru

[piti]

log z RSITu:

Logfile of random's system information tool 1.06 (written by random/random)
Run by piticko at 2010-01-03 13:13:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (5%) free of 30 GB
Total RAM: 1279 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:56, on 3.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Launchy\Launchy.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\piticko\Plocha\RSIT.exe
C:\Program Files\trend micro\piticko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7900 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{ECF1EBEC-AEEA-49B2-A651-44B14DF6B1D2}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"UpdReg"=C:\WINDOWS\Updreg.exe [2000-05-11 90112]
"AHQInit"=C:\Program Files\Creative\SBLive\Program\AHQInit.exe [2001-05-10 102400]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\piticko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-07-01 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe -lang 1033 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-22 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe [2009-03-12 1347584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe [2008-11-21 1359941]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\piticko\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Trillian.lnk - C:\Program Files\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-02-18 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Java\jdk1.6.0_02\jre\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_02\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\games\bulanci\!new\bulanci.exe"="D:\games\bulanci\!new\bulanci.exe:*:Enabled:bulanci"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Bit Che\Bit_Che.exe"="C:\Program Files\Bit Che\Bit_Che.exe:*:Enabled:Bit Che"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe:*:Enabled:Nokia Launch Application"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Altap Salamander 2.5\SALAMAND.exe"="C:\Program Files\Altap Salamander 2.5\SALAMAND.exe:*:Enabled:Altap Salamander, File Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - edit -

======List of files/folders created in the last 3 months======

2010-01-03 01:55:28 ----A---- C:\WINDOWS\{00000003-00000000-00000002-00001102-00000002-80641102}.BAK
2010-01-02 23:45:51 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-02 21:54:06 ----SHD---- C:\RECYCLER
2010-01-02 21:48:59 ----A---- C:\ComboFix.txt
2010-01-02 21:33:41 ----A---- C:\WINDOWS\PEV.exe
2010-01-02 21:33:41 ----A---- C:\WINDOWS\MBR.exe
2010-01-02 20:53:35 ----D---- C:\Program Files\trend micro
2010-01-02 20:53:34 ----D---- C:\rsit
2010-01-02 20:36:44 ----D---- C:\Program Files\HD Tune
2009-12-10 22:49:40 ----D---- C:\Documents and Settings\piticko\Data aplikací\vlc
2009-12-08 20:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-08 20:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-08 20:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-08 20:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-08 20:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 12:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 12:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-25 00:10:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\id Software
2009-11-11 11:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-09 21:50:00 ----D---- C:\Documents and Settings\piticko\Data aplikací\BSplayer PRO
2009-11-09 21:48:52 ----D---- C:\Program Files\Webteh
2009-11-04 14:09:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-04 14:09:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-04 14:09:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 19:41:13 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-11-02 23:43:29 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-11-02 23:42:35 ----D---- C:\Program Files\iPod
2009-11-02 23:41:43 ----D---- C:\Program Files\Bonjour
2009-11-02 22:53:02 ----D---- C:\Program Files\iTunes
2009-10-23 20:37:24 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-14 13:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-14 09:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 09:35:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 09:34:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 09:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 09:34:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 09:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 09:23:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 09:22:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-13 10:17:01 ----D---- C:\Program Files\Avira
2009-10-12 20:09:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-11 20:49:26 ----D---- C:\Program Files\Aiseesoft Studio
2009-10-11 13:18:29 ----D---- C:\Documents and Settings\piticko\Data aplikací\Photo! Web Album
2009-10-06 16:28:51 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-10-06 16:28:47 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-10-06 13:39:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-06 13:39:14 ----A---- C:\WINDOWS\system32\usbaaplrc.dll

======List of files/folders modified in the last 3 months======

2010-01-03 13:11:59 ----D---- C:\WINDOWS\temp
2010-01-03 13:09:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-03 13:08:06 ----D---- C:\WINDOWS
2010-01-03 12:20:42 ----SHD---- C:\System Volume Information
2010-01-03 12:20:42 ----D---- C:\WINDOWS\system32\Restore
2010-01-03 12:20:14 ----AD---- C:\Program Files
2010-01-03 12:19:42 ----D---- C:\WINDOWS\system32\drivers
2010-01-03 12:19:10 ----SHD---- C:\WINDOWS\Installer
2010-01-03 12:18:49 ----D---- C:\WINDOWS\system32
2010-01-03 02:03:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-03 02:00:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-03 01:10:24 ----RD---- C:\install
2010-01-03 01:08:24 ----D---- C:\WINDOWS\Minidump
2010-01-03 00:23:11 ----D---- C:\WINDOWS\system32\config
2010-01-03 00:04:24 ----SD---- C:\WINDOWS\Tasks
2010-01-02 23:46:02 ----SHD---- C:\WINDOWS\CSC
2010-01-02 21:49:02 ----D---- C:\Qoobox
2010-01-02 21:46:36 ----D---- C:\WINDOWS\ERDNT
2010-01-02 21:44:53 ----A---- C:\WINDOWS\system.ini
2010-01-02 21:41:01 ----D---- C:\WINDOWS\AppPatch
2010-01-02 21:40:57 ----D---- C:\Program Files\Common Files
2010-01-02 21:30:58 ----D---- C:\WINDOWS\Prefetch
2010-01-02 21:26:10 ----D---- C:\WINDOWS\Debug
2010-01-02 21:23:41 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-01-02 19:43:24 ----D---- C:\Program Files\Mozilla Firefox
2010-01-01 22:29:37 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-26 23:24:41 ----D---- C:\Documents and Settings\piticko\Data aplikací\dvdcss
2009-12-26 22:14:35 ----HD---- C:\WINDOWS\inf
2009-12-08 20:50:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-08 20:49:17 ----D---- C:\Program Files\Internet Explorer
2009-12-08 20:49:08 ----D---- C:\WINDOWS\ie8updates
2009-12-08 20:48:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-01 18:58:15 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-30 11:36:31 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-29 21:21:54 ----D---- C:\Program Files\Counter-Strike 1.6
2009-11-28 14:17:19 ----D---- C:\Program Files\Trillian
2009-11-25 12:46:24 ----D---- C:\WINDOWS\WinSxS
2009-11-25 00:10:51 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-11-25 00:10:51 ----A---- C:\WINDOWS\system32\pbsvc.exe
2009-11-24 01:06:56 ----D---- C:\Documents and Settings\piticko\Data aplikací\HLSW
2009-11-21 21:48:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\JetFlash220
2009-11-20 17:39:04 ----D---- C:\Documents and Settings\piticko\Data aplikací\uTorrent
2009-11-04 14:09:51 ----D---- C:\Program Files\Java
2009-11-04 14:07:46 ----ASH---- C:\boot.ini
2009-11-04 14:07:46 ----A---- C:\WINDOWS\win.ini
2009-11-02 23:43:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-02 23:42:33 ----D---- C:\Program Files\Common Files\Apple
2009-11-02 21:39:24 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-10-29 08:43:54 ----N---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:43:54 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:43:53 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:43:52 ----N---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:43:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:43:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:43:48 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:43:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:43:47 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:43:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:43:43 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:40:39 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:40:39 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-20 14:15:48 ----D---- C:\WINDOWS\Help
2009-10-14 12:47:28 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-14 12:47:14 ----RSD---- C:\WINDOWS\assembly
2009-10-13 11:34:22 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-13 10:17:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2009-10-12 14:40:19 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:40:19 ----A---- C:\WINDOWS\system32\raschap.dll
2009-10-11 04:17:27 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-10-07 12:59:32 ----D---- C:\Documents and Settings\piticko\Data aplikací\IObit
2009-10-07 12:59:27 ----D---- C:\Program Files\IObit
2009-10-06 16:39:48 ----D---- C:\Documents and Settings\piticko\Data aplikací\Apple Computer
2009-10-06 13:45:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2009-10-06 13:39:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-29 25280]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys []
S3 emu10k;Creative SB Live! series(WDM); C:\WINDOWS\system32\drivers\emu10k1f.sys [2001-08-14 775296]
S3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlface.sys [2001-07-11 6912]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-04-01 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-04-01 20520]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 kxwdmdrv;kX WDM Driver Service; C:\WINDOWS\system32\drivers\kx.sys []
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys []
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RT61;Gigabyte RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys []
S3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfman.sys [2001-08-31 36992]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2007-10-16 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2007-10-16 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2007-10-16 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2007-10-16 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2007-10-16 83344]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-08-21 721904]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-12-05 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTSVCCDA.EXE [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-21 1181328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-25 75064]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 .EsetTrialReset;Eset Trial Reset; C:\WINDOWS\system32\regedt32.exe [2002-12-05 3584]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-02-18 121360]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Po těch zkušenostech ze včerejška už raději combofix používat nebudeme, i když si myslím, že je v tom nevinně.

Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.



Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir


Stahněte TFC a použijte
TFC (http://oldtimer.geekstogo.com/TFC.exe)


Z mého podpisu stahněte Ccleaner
-nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
-klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy udělat zálohu registrů - nemusíte
-kliknete opravit všechny problémy ok zavřít

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.



Dejte soubor otestovat na http://www.virustotal.com
c:\windows\xobglu16.dll
c:\windows\system32\Data\CTPDXW.DAT
c:\windows\system32\Data\CTPM002W.DAT
Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

 

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.