nejde stav nouze - prosím o kontrolu logu Vyřešeno

[r.kuda]

txt opraveno, ve vlastnostech jsem přiřadil otevřít v programu.

Pořád nejede NR.

Pořád mám na disku D viditelné skryté složky.

[Reklama]

[Damned]

Stáhni si System Repair Engineer - přes tlačítko Local Download
- Vytvoř si na disku adresář, a vybal do něj obsah archivu sreng2.zip
- Spusť program (SREngLdr.EXE), zvol System Repair
- Na záložce File Associations zatrhni čtvereček před položkou .txt a pak klikni dole na tlačítko Repair
Pokud by nešel spustit tak přejmenuj soubor SREngLdr.exe na SREngLdr.com a spusť ho a proveď opravu.
Pak by měl jít otevřít dvojklikem.
*****************************************************************************************************************************************
Máš Daemon Tools?

Start-spustit-napiš: notepad a dej OK. Do něho vlož tento celý (bledě zelený) text:

Kód: Vybrat vše

dir \spdt.sys /a h /s > File.txt

uložit na plochu s názvem: find.bat (typ souboru- všechny soubory)
Najdi ho na ploše, poklepej na něj a počkej až se okno zavře a objeví se soubor.txt
Vlož sem potom celý text z tohoto souboru.

[r.kuda]

Dobrý den,

txt jede.

Zde je text z find.bat

Svazek v jednotce C nem  § dnou jmenovku.
S‚riov‚ źˇslo svazku je 407C-17C8.

Daemon Tools mám, vím, že nějakým způsobem pracuje přes spdt.sys stejně jako alkohol, budu přemýšlet o virtual cd 9. Je to zdroj problému?

Díky

[Damned]

Stáhni si:
Registry Search Tady: Registry Search

Rozbal si soubor do složky a potom poklepej na regsearch.exe ke startu programu.
Do volné linky(linek) nad Enter search string case independent zkopíruj a vlož:

Kód: Vybrat vše

 sptd

A klikni na OK.Otevře se notepad s textem a celý text z něho sem vlož.

[r.kuda]

Ahoj, dle instrukcí, je to poměrně dlouhé.



Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 30.9.2009 15:18:53 for strings:
; 'sptd'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\ATI Technologies\CDS\Device\0]
"DeviceItem0095"="[Ovladače nepodporující technologii Plug and Play] -> [sptd] (0x00000000)"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD\0000]
"Service"="sptd"
"DeviceDesc"="sptd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SPTD\0000\Control]
"ActiveService"="sptd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System]
; Contents of value:
; WZCSVC
; Workstation
; Windows Update Agent
; Windows Script Host
; Windows Installer 3.1
; Windows File Protection
; Win32k
; W32Time
; VolSnap
; viaide
; VgaSave
; vdrv9000
; USER32
; ultra
; udfs
; toside
; TermServSessDir
; TermService
; TermServDevices
; TermDD
; tdi
; TCPMon
; Tcpip
; System Error
; sym_u3
; sym_hi
; symc8xx
; symc810
; StillImage
; SSDPSRV
; Srv
; srservice
; sr
; sptd
; sparrow
; sndblst
; SMSvcHost 3.0.0.0
; Simbad
; SideBySide
; sfloppy
; Setup
; Service Control Manager
; Server
; serial
; scsiport
; Schedule
; Schannel
; SCardSvr
; Save Dump
; SAM
; RTLVLAN
; RTL8023xp
; RSVP
; RemoteAccess
; redbook
; Rdbss
; RasMan
; RasAuto
; ql1280
; ql1240
; ql12160
; ql10wnt
; ql1080
; PSched
; Processor
; PrintFilterPipelineSvc
; Print
; PptpMiniport
; PolicyAgent
; PlugPlayManager
; perc2
; pcmcia
; pciide
; pci
; parvdm
; partmgr
; parport
; OSPFMib
; OSPF
; nvata
; null
; NtServicePack
; ntfs
; npfs
; Nla
; Netlogon
; NetDDE
; NetBT
; NetBIOS
; NdisWan
; NdisIP
; ndis
; napipsecenf
; napagent
; Mup
; msfs
; MSDTC WS-AT Protocol
; MSDTC Gateway
; msadlib
; MrxSmb
; MRxDAV
; mraid35x
; mouhid
; mouclass
; Modem
; LsaSrv
; LmHosts
; LDMS
; LDM
; lbrtfdc
; Kerberos
; kbdhid
; kbdclass
; isapnp
; IPXSAP
; IPXRouterManager
; IPXRIP
; IPXCP
; IPSec
; IPRouterManager
; IPRIP2
; IPNATHLP
; IPMGM
; IPBOOTP
; intelide
; ini910u
; IGMPv2
; i2omp
; i2omgmt
; Http
; hpn
; Hardlock
; ftdisk
; fs_rec
; flpydisk
; Fips
; fdc
; fastfat
; eventlog
; efs
; dpti2o
; Dnscache
; Dnsapi
; dmio
; dmboot
; Distributed Link Tracking Client
; disk
; DhcpQec
; Dhcp
; DfsSvc
; DfsDriver
; DCOM
; dac960nt
; dac2w2k
; cryptsvc
; cpqarray
; cmdide
; changer
; cdrom
; Cdm
; cdfs
; cdaudio
; cd20xrnt
; cbidf2k
; Browser
; BITS
; beep
; Atmarpc
; ati2mtag
; Ati HotKey Poller
; atdisk
; atapi
; AsyncMac
; asc3550
; asc3350p
; asc
; Application Popup
; appdrv01
; amsint
; ami0nt
; AmdLLD
; AmdK8
; aliide
; aic78xx
; aic78u2
; aha154x
; adpu160m
; acpiec
; acpi
; abp480n5
; abiosdsk
; System
;
"Sources"=hex(7):57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,\
6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,\
00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,\
67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,\
00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,\
57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,\
00,6c,00,6c,00,65,00,72,00,20,00,33,00,2e,00,31,00,00,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,20,00,46,00,69,00,6c,00,65,00,20,00,50,00,72,00,6f,\
00,74,00,65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,33,00,\
32,00,6b,00,00,00,57,00,33,00,32,00,54,00,69,00,6d,00,65,00,00,00,56,00,6f,\
00,6c,00,53,00,6e,00,61,00,70,00,00,00,76,00,69,00,61,00,69,00,64,00,65,00,\
00,00,56,00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,76,00,64,00,72,00,76,\
00,39,00,30,00,30,00,30,00,00,00,55,00,53,00,45,00,52,00,33,00,32,00,00,00,\
75,00,6c,00,74,00,72,00,61,00,00,00,75,00,64,00,66,00,73,00,00,00,74,00,6f,\
00,73,00,69,00,64,00,65,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,53,00,65,00,73,00,73,00,44,00,69,00,72,00,00,00,54,00,65,00,72,00,6d,\
00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,54,00,65,00,72,00,6d,00,\
53,00,65,00,72,00,76,00,44,00,65,00,76,00,69,00,63,00,65,00,73,00,00,00,54,\
00,65,00,72,00,6d,00,44,00,44,00,00,00,74,00,64,00,69,00,00,00,54,00,43,00,\
50,00,4d,00,6f,00,6e,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,53,00,79,\
00,73,00,74,00,65,00,6d,00,20,00,45,00,72,00,72,00,6f,00,72,00,00,00,73,00,\
79,00,6d,00,5f,00,75,00,33,00,00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,\
00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,00,00,73,00,79,00,6d,00,63,00,\
38,00,31,00,30,00,00,00,53,00,74,00,69,00,6c,00,6c,00,49,00,6d,00,61,00,67,\
00,65,00,00,00,53,00,53,00,44,00,50,00,53,00,52,00,56,00,00,00,53,00,72,00,\
76,00,00,00,73,00,72,00,73,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,\
00,72,00,00,00,73,00,70,00,74,00,64,00,00,00,73,00,70,00,61,00,72,00,72,00,\
6f,00,77,00,00,00,73,00,6e,00,64,00,62,00,6c,00,73,00,74,00,00,00,53,00,4d,\
00,53,00,76,00,63,00,48,00,6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,\
30,00,2e,00,30,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,00,00,00,53,00,69,\
00,64,00,65,00,42,00,79,00,53,00,69,00,64,00,65,00,00,00,73,00,66,00,6c,00,\
6f,00,70,00,70,00,79,00,00,00,53,00,65,00,74,00,75,00,70,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,20,00,43,00,6f,00,6e,00,74,00,72,00,6f,00,\
6c,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,00,53,00,65,00,72,\
00,76,00,65,00,72,00,00,00,73,00,65,00,72,00,69,00,61,00,6c,00,00,00,73,00,\
63,00,73,00,69,00,70,00,6f,00,72,00,74,00,00,00,53,00,63,00,68,00,65,00,64,\
00,75,00,6c,00,65,00,00,00,53,00,63,00,68,00,61,00,6e,00,6e,00,65,00,6c,00,\
00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,00,61,00,76,\
00,65,00,20,00,44,00,75,00,6d,00,70,00,00,00,53,00,41,00,4d,00,00,00,52,00,\
54,00,4c,00,56,00,4c,00,41,00,4e,00,00,00,52,00,54,00,4c,00,38,00,30,00,32,\
00,33,00,78,00,70,00,00,00,52,00,53,00,56,00,50,00,00,00,52,00,65,00,6d,00,\
6f,00,74,00,65,00,41,00,63,00,63,00,65,00,73,00,73,00,00,00,72,00,65,00,64,\
00,62,00,6f,00,6f,00,6b,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,\
61,00,73,00,4d,00,61,00,6e,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,\
00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,71,00,6c,00,31,00,32,00,\
34,00,30,00,00,00,71,00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,\
00,31,00,30,00,77,00,6e,00,74,00,00,00,71,00,6c,00,31,00,30,00,38,00,30,00,\
00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,50,00,72,00,6f,00,63,00,65,\
00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,69,00,6e,00,74,00,46,00,69,00,\
6c,00,74,00,65,00,72,00,50,00,69,00,70,00,65,00,6c,00,69,00,6e,00,65,00,53,\
00,76,00,63,00,00,00,50,00,72,00,69,00,6e,00,74,00,00,00,50,00,70,00,74,00,\
70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,6f,00,6c,\
00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,6c,00,75,00,\
67,00,50,00,6c,00,61,00,79,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,\
00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,63,00,6d,00,63,00,69,00,61,00,\
00,00,70,00,63,00,69,00,69,00,64,00,65,00,00,00,70,00,63,00,69,00,00,00,70,\
00,61,00,72,00,76,00,64,00,6d,00,00,00,70,00,61,00,72,00,74,00,6d,00,67,00,\
72,00,00,00,70,00,61,00,72,00,70,00,6f,00,72,00,74,00,00,00,4f,00,53,00,50,\
00,46,00,4d,00,69,00,62,00,00,00,4f,00,53,00,50,00,46,00,00,00,6e,00,76,00,\
61,00,74,00,61,00,00,00,6e,00,75,00,6c,00,6c,00,00,00,4e,00,74,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,50,00,61,00,63,00,6b,00,00,00,6e,00,74,00,\
66,00,73,00,00,00,6e,00,70,00,66,00,73,00,00,00,4e,00,6c,00,61,00,00,00,4e,\
00,65,00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,44,00,\
44,00,45,00,00,00,4e,00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,42,\
00,49,00,4f,00,53,00,00,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,00,00,\
4e,00,64,00,69,00,73,00,49,00,50,00,00,00,6e,00,64,00,69,00,73,00,00,00,6e,\
00,61,00,70,00,69,00,70,00,73,00,65,00,63,00,65,00,6e,00,66,00,00,00,6e,00,\
61,00,70,00,61,00,67,00,65,00,6e,00,74,00,00,00,4d,00,75,00,70,00,00,00,6d,\
00,73,00,66,00,73,00,00,00,4d,00,53,00,44,00,54,00,43,00,20,00,57,00,53,00,\
2d,00,41,00,54,00,20,00,50,00,72,00,6f,00,74,00,6f,00,63,00,6f,00,6c,00,00,\
00,4d,00,53,00,44,00,54,00,43,00,20,00,47,00,61,00,74,00,65,00,77,00,61,00,\
79,00,00,00,6d,00,73,00,61,00,64,00,6c,00,69,00,62,00,00,00,4d,00,72,00,78,\
00,53,00,6d,00,62,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,6d,00,\
72,00,61,00,69,00,64,00,33,00,35,00,78,00,00,00,6d,00,6f,00,75,00,68,00,69,\
00,64,00,00,00,6d,00,6f,00,75,00,63,00,6c,00,61,00,73,00,73,00,00,00,4d,00,\
6f,00,64,00,65,00,6d,00,00,00,4c,00,73,00,61,00,53,00,72,00,76,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,44,00,4d,00,53,00,00,00,\
4c,00,44,00,4d,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,4b,\
00,65,00,72,00,62,00,65,00,72,00,6f,00,73,00,00,00,6b,00,62,00,64,00,68,00,\
69,00,64,00,00,00,6b,00,62,00,64,00,63,00,6c,00,61,00,73,00,73,00,00,00,69,\
00,73,00,61,00,70,00,6e,00,70,00,00,00,49,00,50,00,58,00,53,00,41,00,50,00,\
00,00,49,00,50,00,58,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,\
00,61,00,67,00,65,00,72,00,00,00,49,00,50,00,58,00,52,00,49,00,50,00,00,00,\
49,00,50,00,58,00,43,00,50,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,\
00,50,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,00,61,00,67,00,\
65,00,72,00,00,00,49,00,50,00,52,00,49,00,50,00,32,00,00,00,49,00,50,00,4e,\
00,41,00,54,00,48,00,4c,00,50,00,00,00,49,00,50,00,4d,00,47,00,4d,00,00,00,\
49,00,50,00,42,00,4f,00,4f,00,54,00,50,00,00,00,69,00,6e,00,74,00,65,00,6c,\
00,69,00,64,00,65,00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,\
49,00,47,00,4d,00,50,00,76,00,32,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,\
00,69,00,32,00,6f,00,6d,00,67,00,6d,00,74,00,00,00,48,00,74,00,74,00,70,00,\
00,00,68,00,70,00,6e,00,00,00,48,00,61,00,72,00,64,00,6c,00,6f,00,63,00,6b,\
00,00,00,66,00,74,00,64,00,69,00,73,00,6b,00,00,00,66,00,73,00,5f,00,72,00,\
65,00,63,00,00,00,66,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,00,00,46,\
00,69,00,70,00,73,00,00,00,66,00,64,00,63,00,00,00,66,00,61,00,73,00,74,00,\
66,00,61,00,74,00,00,00,65,00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,00,\
00,65,00,66,00,73,00,00,00,64,00,70,00,74,00,69,00,32,00,6f,00,00,00,44,00,\
6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,44,00,6e,00,73,00,61,00,70,\
00,69,00,00,00,64,00,6d,00,69,00,6f,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,\
74,00,00,00,44,00,69,00,73,00,74,00,72,00,69,00,62,00,75,00,74,00,65,00,64,\
00,20,00,4c,00,69,00,6e,00,6b,00,20,00,54,00,72,00,61,00,63,00,6b,00,69,00,\
6e,00,67,00,20,00,43,00,6c,00,69,00,65,00,6e,00,74,00,00,00,64,00,69,00,73,\
00,6b,00,00,00,44,00,68,00,63,00,70,00,51,00,65,00,63,00,00,00,44,00,68,00,\
63,00,70,00,00,00,44,00,66,00,73,00,53,00,76,00,63,00,00,00,44,00,66,00,73,\
00,44,00,72,00,69,00,76,00,65,00,72,00,00,00,44,00,43,00,4f,00,4d,00,00,00,\
64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,63,00,72,00,79,00,70,00,74,00,73,00,76,00,63,00,\
00,00,63,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,63,00,6d,00,64,\
00,69,00,64,00,65,00,00,00,63,00,68,00,61,00,6e,00,67,00,65,00,72,00,00,00,\
63,00,64,00,72,00,6f,00,6d,00,00,00,43,00,64,00,6d,00,00,00,63,00,64,00,66,\
00,73,00,00,00,63,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,63,00,64,00,\
32,00,30,00,78,00,72,00,6e,00,74,00,00,00,63,00,62,00,69,00,64,00,66,00,32,\
00,6b,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,00,72,00,00,00,42,00,49,00,\
54,00,53,00,00,00,62,00,65,00,65,00,70,00,00,00,41,00,74,00,6d,00,61,00,72,\
00,70,00,63,00,00,00,61,00,74,00,69,00,32,00,6d,00,74,00,61,00,67,00,00,00,\
41,00,74,00,69,00,20,00,48,00,6f,00,74,00,4b,00,65,00,79,00,20,00,50,00,6f,\
00,6c,00,6c,00,65,00,72,00,00,00,61,00,74,00,64,00,69,00,73,00,6b,00,00,00,\
61,00,74,00,61,00,70,00,69,00,00,00,41,00,73,00,79,00,6e,00,63,00,4d,00,61,\
00,63,00,00,00,61,00,73,00,63,00,33,00,35,00,35,00,30,00,00,00,61,00,73,00,\
63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,00,00,41,00,70,\
00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,50,00,6f,00,\
70,00,75,00,70,00,00,00,61,00,70,00,70,00,64,00,72,00,76,00,30,00,31,00,00,\
00,61,00,6d,00,73,00,69,00,6e,00,74,00,00,00,61,00,6d,00,69,00,30,00,6e,00,\
74,00,00,00,41,00,6d,00,64,00,4c,00,4c,00,44,00,00,00,41,00,6d,00,64,00,4b,\
00,38,00,00,00,61,00,6c,00,69,00,69,00,64,00,65,00,00,00,61,00,69,00,63,00,\
37,00,38,00,78,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,00,00,\
00,61,00,68,00,61,00,31,00,35,00,34,00,78,00,00,00,61,00,64,00,70,00,75,00,\
31,00,36,00,30,00,6d,00,00,00,61,00,63,00,70,00,69,00,65,00,63,00,00,00,61,\
00,63,00,70,00,69,00,00,00,61,00,62,00,70,00,34,00,38,00,30,00,6e,00,35,00,\
00,00,61,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,53,00,79,00,73,\
00,74,00,65,00,6d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd]
; Contents of value:
; System32\Drivers\sptd.sys
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,73,00,70,00,74,00,64,00,2e,00,73,\
00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Enum]
"0"="Root\\LEGACY_SPTD\\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd]
; Contents of value:
; System32\Drivers\sptd.sys
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,73,00,70,00,74,00,64,00,2e,00,73,\
00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SPTD]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SPTD\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SPTD\0000]
"Service"="sptd"
"DeviceDesc"="sptd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SPTD\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System]
; Contents of value:
; WZCSVC
; Workstation
; Windows Update Agent
; Windows Script Host
; Windows Installer 3.1
; Windows File Protection
; Win32k
; W32Time
; VolSnap
; viaide
; VgaSave
; vdrv9000
; USER32
; ultra
; udfs
; toside
; TermServSessDir
; TermService
; TermServDevices
; TermDD
; tdi
; TCPMon
; Tcpip
; System Error
; sym_u3
; sym_hi
; symc8xx
; symc810
; StillImage
; SSDPSRV
; Srv
; srservice
; sr
; sptd
; sparrow
; sndblst
; SMSvcHost 3.0.0.0
; Simbad
; SideBySide
; sfloppy
; Setup
; Service Control Manager
; Server
; serial
; scsiport
; Schedule
; Schannel
; SCardSvr
; Save Dump
; SAM
; RTLVLAN
; RTL8023xp
; RSVP
; RemoteAccess
; redbook
; Rdbss
; RasMan
; RasAuto
; ql1280
; ql1240
; ql12160
; ql10wnt
; ql1080
; PSched
; Processor
; PrintFilterPipelineSvc
; Print
; PptpMiniport
; PolicyAgent
; PlugPlayManager
; perc2
; pcmcia
; pciide
; pci
; parvdm
; partmgr
; parport
; OSPFMib
; OSPF
; nvata
; null
; NtServicePack
; ntfs
; npfs
; Nla
; Netlogon
; NetDDE
; NetBT
; NetBIOS
; NdisWan
; NdisIP
; ndis
; napipsecenf
; napagent
; Mup
; msfs
; MSDTC WS-AT Protocol
; MSDTC Gateway
; msadlib
; MrxSmb
; MRxDAV
; mraid35x
; mouhid
; mouclass
; Modem
; LsaSrv
; LmHosts
; LDMS
; LDM
; lbrtfdc
; Kerberos
; kbdhid
; kbdclass
; isapnp
; IPXSAP
; IPXRouterManager
; IPXRIP
; IPXCP
; IPSec
; IPRouterManager
; IPRIP2
; IPNATHLP
; IPMGM
; IPBOOTP
; intelide
; ini910u
; IGMPv2
; i2omp
; i2omgmt
; Http
; hpn
; Hardlock
; ftdisk
; fs_rec
; flpydisk
; Fips
; fdc
; fastfat
; eventlog
; efs
; dpti2o
; Dnscache
; Dnsapi
; dmio
; dmboot
; Distributed Link Tracking Client
; disk
; DhcpQec
; Dhcp
; DfsSvc
; DfsDriver
; DCOM
; dac960nt
; dac2w2k
; cryptsvc
; cpqarray
; cmdide
; changer
; cdrom
; Cdm
; cdfs
; cdaudio
; cd20xrnt
; cbidf2k
; Browser
; BITS
; beep
; Atmarpc
; ati2mtag
; Ati HotKey Poller
; atdisk
; atapi
; AsyncMac
; asc3550
; asc3350p
; asc
; Application Popup
; appdrv01
; amsint
; ami0nt
; AmdLLD
; AmdK8
; aliide
; aic78xx
; aic78u2
; aha154x
; adpu160m
; acpiec
; acpi
; abp480n5
; abiosdsk
; System
;
"Sources"=hex(7):57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,\
6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,\
00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,\
67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,\
00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,\
57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,\
00,6c,00,6c,00,65,00,72,00,20,00,33,00,2e,00,31,00,00,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,20,00,46,00,69,00,6c,00,65,00,20,00,50,00,72,00,6f,\
00,74,00,65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,33,00,\
32,00,6b,00,00,00,57,00,33,00,32,00,54,00,69,00,6d,00,65,00,00,00,56,00,6f,\
00,6c,00,53,00,6e,00,61,00,70,00,00,00,76,00,69,00,61,00,69,00,64,00,65,00,\
00,00,56,00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,76,00,64,00,72,00,76,\
00,39,00,30,00,30,00,30,00,00,00,55,00,53,00,45,00,52,00,33,00,32,00,00,00,\
75,00,6c,00,74,00,72,00,61,00,00,00,75,00,64,00,66,00,73,00,00,00,74,00,6f,\
00,73,00,69,00,64,00,65,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,53,00,65,00,73,00,73,00,44,00,69,00,72,00,00,00,54,00,65,00,72,00,6d,\
00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,54,00,65,00,72,00,6d,00,\
53,00,65,00,72,00,76,00,44,00,65,00,76,00,69,00,63,00,65,00,73,00,00,00,54,\
00,65,00,72,00,6d,00,44,00,44,00,00,00,74,00,64,00,69,00,00,00,54,00,43,00,\
50,00,4d,00,6f,00,6e,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,53,00,79,\
00,73,00,74,00,65,00,6d,00,20,00,45,00,72,00,72,00,6f,00,72,00,00,00,73,00,\
79,00,6d,00,5f,00,75,00,33,00,00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,\
00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,00,00,73,00,79,00,6d,00,63,00,\
38,00,31,00,30,00,00,00,53,00,74,00,69,00,6c,00,6c,00,49,00,6d,00,61,00,67,\
00,65,00,00,00,53,00,53,00,44,00,50,00,53,00,52,00,56,00,00,00,53,00,72,00,\
76,00,00,00,73,00,72,00,73,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,\
00,72,00,00,00,73,00,70,00,74,00,64,00,00,00,73,00,70,00,61,00,72,00,72,00,\
6f,00,77,00,00,00,73,00,6e,00,64,00,62,00,6c,00,73,00,74,00,00,00,53,00,4d,\
00,53,00,76,00,63,00,48,00,6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,\
30,00,2e,00,30,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,00,00,00,53,00,69,\
00,64,00,65,00,42,00,79,00,53,00,69,00,64,00,65,00,00,00,73,00,66,00,6c,00,\
6f,00,70,00,70,00,79,00,00,00,53,00,65,00,74,00,75,00,70,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,20,00,43,00,6f,00,6e,00,74,00,72,00,6f,00,\
6c,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,00,53,00,65,00,72,\
00,76,00,65,00,72,00,00,00,73,00,65,00,72,00,69,00,61,00,6c,00,00,00,73,00,\
63,00,73,00,69,00,70,00,6f,00,72,00,74,00,00,00,53,00,63,00,68,00,65,00,64,\
00,75,00,6c,00,65,00,00,00,53,00,63,00,68,00,61,00,6e,00,6e,00,65,00,6c,00,\
00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,00,61,00,76,\
00,65,00,20,00,44,00,75,00,6d,00,70,00,00,00,53,00,41,00,4d,00,00,00,52,00,\
54,00,4c,00,56,00,4c,00,41,00,4e,00,00,00,52,00,54,00,4c,00,38,00,30,00,32,\
00,33,00,78,00,70,00,00,00,52,00,53,00,56,00,50,00,00,00,52,00,65,00,6d,00,\
6f,00,74,00,65,00,41,00,63,00,63,00,65,00,73,00,73,00,00,00,72,00,65,00,64,\
00,62,00,6f,00,6f,00,6b,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,\
61,00,73,00,4d,00,61,00,6e,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,\
00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,71,00,6c,00,31,00,32,00,\
34,00,30,00,00,00,71,00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,\
00,31,00,30,00,77,00,6e,00,74,00,00,00,71,00,6c,00,31,00,30,00,38,00,30,00,\
00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,50,00,72,00,6f,00,63,00,65,\
00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,69,00,6e,00,74,00,46,00,69,00,\
6c,00,74,00,65,00,72,00,50,00,69,00,70,00,65,00,6c,00,69,00,6e,00,65,00,53,\
00,76,00,63,00,00,00,50,00,72,00,69,00,6e,00,74,00,00,00,50,00,70,00,74,00,\
70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,6f,00,6c,\
00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,6c,00,75,00,\
67,00,50,00,6c,00,61,00,79,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,\
00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,63,00,6d,00,63,00,69,00,61,00,\
00,00,70,00,63,00,69,00,69,00,64,00,65,00,00,00,70,00,63,00,69,00,00,00,70,\
00,61,00,72,00,76,00,64,00,6d,00,00,00,70,00,61,00,72,00,74,00,6d,00,67,00,\
72,00,00,00,70,00,61,00,72,00,70,00,6f,00,72,00,74,00,00,00,4f,00,53,00,50,\
00,46,00,4d,00,69,00,62,00,00,00,4f,00,53,00,50,00,46,00,00,00,6e,00,76,00,\
61,00,74,00,61,00,00,00,6e,00,75,00,6c,00,6c,00,00,00,4e,00,74,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,50,00,61,00,63,00,6b,00,00,00,6e,00,74,00,\
66,00,73,00,00,00,6e,00,70,00,66,00,73,00,00,00,4e,00,6c,00,61,00,00,00,4e,\
00,65,00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,44,00,\
44,00,45,00,00,00,4e,00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,42,\
00,49,00,4f,00,53,00,00,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,00,00,\
4e,00,64,00,69,00,73,00,49,00,50,00,00,00,6e,00,64,00,69,00,73,00,00,00,6e,\
00,61,00,70,00,69,00,70,00,73,00,65,00,63,00,65,00,6e,00,66,00,00,00,6e,00,\
61,00,70,00,61,00,67,00,65,00,6e,00,74,00,00,00,4d,00,75,00,70,00,00,00,6d,\
00,73,00,66,00,73,00,00,00,4d,00,53,00,44,00,54,00,43,00,20,00,57,00,53,00,\
2d,00,41,00,54,00,20,00,50,00,72,00,6f,00,74,00,6f,00,63,00,6f,00,6c,00,00,\
00,4d,00,53,00,44,00,54,00,43,00,20,00,47,00,61,00,74,00,65,00,77,00,61,00,\
79,00,00,00,6d,00,73,00,61,00,64,00,6c,00,69,00,62,00,00,00,4d,00,72,00,78,\
00,53,00,6d,00,62,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,6d,00,\
72,00,61,00,69,00,64,00,33,00,35,00,78,00,00,00,6d,00,6f,00,75,00,68,00,69,\
00,64,00,00,00,6d,00,6f,00,75,00,63,00,6c,00,61,00,73,00,73,00,00,00,4d,00,\
6f,00,64,00,65,00,6d,00,00,00,4c,00,73,00,61,00,53,00,72,00,76,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,44,00,4d,00,53,00,00,00,\
4c,00,44,00,4d,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,4b,\
00,65,00,72,00,62,00,65,00,72,00,6f,00,73,00,00,00,6b,00,62,00,64,00,68,00,\
69,00,64,00,00,00,6b,00,62,00,64,00,63,00,6c,00,61,00,73,00,73,00,00,00,69,\
00,73,00,61,00,70,00,6e,00,70,00,00,00,49,00,50,00,58,00,53,00,41,00,50,00,\
00,00,49,00,50,00,58,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,\
00,61,00,67,00,65,00,72,00,00,00,49,00,50,00,58,00,52,00,49,00,50,00,00,00,\
49,00,50,00,58,00,43,00,50,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,\
00,50,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,00,61,00,67,00,\
65,00,72,00,00,00,49,00,50,00,52,00,49,00,50,00,32,00,00,00,49,00,50,00,4e,\
00,41,00,54,00,48,00,4c,00,50,00,00,00,49,00,50,00,4d,00,47,00,4d,00,00,00,\
49,00,50,00,42,00,4f,00,4f,00,54,00,50,00,00,00,69,00,6e,00,74,00,65,00,6c,\
00,69,00,64,00,65,00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,\
49,00,47,00,4d,00,50,00,76,00,32,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,\
00,69,00,32,00,6f,00,6d,00,67,00,6d,00,74,00,00,00,48,00,74,00,74,00,70,00,\
00,00,68,00,70,00,6e,00,00,00,48,00,61,00,72,00,64,00,6c,00,6f,00,63,00,6b,\
00,00,00,66,00,74,00,64,00,69,00,73,00,6b,00,00,00,66,00,73,00,5f,00,72,00,\
65,00,63,00,00,00,66,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,00,00,46,\
00,69,00,70,00,73,00,00,00,66,00,64,00,63,00,00,00,66,00,61,00,73,00,74,00,\
66,00,61,00,74,00,00,00,65,00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,00,\
00,65,00,66,00,73,00,00,00,64,00,70,00,74,00,69,00,32,00,6f,00,00,00,44,00,\
6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,44,00,6e,00,73,00,61,00,70,\
00,69,00,00,00,64,00,6d,00,69,00,6f,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,\
74,00,00,00,44,00,69,00,73,00,74,00,72,00,69,00,62,00,75,00,74,00,65,00,64,\
00,20,00,4c,00,69,00,6e,00,6b,00,20,00,54,00,72,00,61,00,63,00,6b,00,69,00,\
6e,00,67,00,20,00,43,00,6c,00,69,00,65,00,6e,00,74,00,00,00,64,00,69,00,73,\
00,6b,00,00,00,44,00,68,00,63,00,70,00,51,00,65,00,63,00,00,00,44,00,68,00,\
63,00,70,00,00,00,44,00,66,00,73,00,53,00,76,00,63,00,00,00,44,00,66,00,73,\
00,44,00,72,00,69,00,76,00,65,00,72,00,00,00,44,00,43,00,4f,00,4d,00,00,00,\
64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,63,00,72,00,79,00,70,00,74,00,73,00,76,00,63,00,\
00,00,63,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,63,00,6d,00,64,\
00,69,00,64,00,65,00,00,00,63,00,68,00,61,00,6e,00,67,00,65,00,72,00,00,00,\
63,00,64,00,72,00,6f,00,6d,00,00,00,43,00,64,00,6d,00,00,00,63,00,64,00,66,\
00,73,00,00,00,63,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,63,00,64,00,\
32,00,30,00,78,00,72,00,6e,00,74,00,00,00,63,00,62,00,69,00,64,00,66,00,32,\
00,6b,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,00,72,00,00,00,42,00,49,00,\
54,00,53,00,00,00,62,00,65,00,65,00,70,00,00,00,41,00,74,00,6d,00,61,00,72,\
00,70,00,63,00,00,00,61,00,74,00,69,00,32,00,6d,00,74,00,61,00,67,00,00,00,\
41,00,74,00,69,00,20,00,48,00,6f,00,74,00,4b,00,65,00,79,00,20,00,50,00,6f,\
00,6c,00,6c,00,65,00,72,00,00,00,61,00,74,00,64,00,69,00,73,00,6b,00,00,00,\
61,00,74,00,61,00,70,00,69,00,00,00,41,00,73,00,79,00,6e,00,63,00,4d,00,61,\
00,63,00,00,00,61,00,73,00,63,00,33,00,35,00,35,00,30,00,00,00,61,00,73,00,\
63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,00,00,41,00,70,\
00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,50,00,6f,00,\
70,00,75,00,70,00,00,00,61,00,70,00,70,00,64,00,72,00,76,00,30,00,31,00,00,\
00,61,00,6d,00,73,00,69,00,6e,00,74,00,00,00,61,00,6d,00,69,00,30,00,6e,00,\
74,00,00,00,41,00,6d,00,64,00,4c,00,4c,00,44,00,00,00,41,00,6d,00,64,00,4b,\
00,38,00,00,00,61,00,6c,00,69,00,69,00,64,00,65,00,00,00,61,00,69,00,63,00,\
37,00,38,00,78,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,00,00,\
00,61,00,68,00,61,00,31,00,35,00,34,00,78,00,00,00,61,00,64,00,70,00,75,00,\
31,00,36,00,30,00,6d,00,00,00,61,00,63,00,70,00,69,00,65,00,63,00,00,00,61,\
00,63,00,70,00,69,00,00,00,61,00,62,00,70,00,34,00,38,00,30,00,6e,00,35,00,\
00,00,61,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,53,00,79,00,73,\
00,74,00,65,00,6d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd]
; Contents of value:
; System32\Drivers\sptd.sys
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,73,00,70,00,74,00,64,00,2e,00,73,\
00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD\0000]
"Service"="sptd"
"DeviceDesc"="sptd"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPTD\0000\Control]
"ActiveService"="sptd"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System]
; Contents of value:
; WZCSVC
; Workstation
; Windows Update Agent
; Windows Script Host
; Windows Installer 3.1
; Windows File Protection
; Win32k
; W32Time
; VolSnap
; viaide
; VgaSave
; vdrv9000
; USER32
; ultra
; udfs
; toside
; TermServSessDir
; TermService
; TermServDevices
; TermDD
; tdi
; TCPMon
; Tcpip
; System Error
; sym_u3
; sym_hi
; symc8xx
; symc810
; StillImage
; SSDPSRV
; Srv
; srservice
; sr
; sptd
; sparrow
; sndblst
; SMSvcHost 3.0.0.0
; Simbad
; SideBySide
; sfloppy
; Setup
; Service Control Manager
; Server
; serial
; scsiport
; Schedule
; Schannel
; SCardSvr
; Save Dump
; SAM
; RTLVLAN
; RTL8023xp
; RSVP
; RemoteAccess
; redbook
; Rdbss
; RasMan
; RasAuto
; ql1280
; ql1240
; ql12160
; ql10wnt
; ql1080
; PSched
; Processor
; PrintFilterPipelineSvc
; Print
; PptpMiniport
; PolicyAgent
; PlugPlayManager
; perc2
; pcmcia
; pciide
; pci
; parvdm
; partmgr
; parport
; OSPFMib
; OSPF
; nvata
; null
; NtServicePack
; ntfs
; npfs
; Nla
; Netlogon
; NetDDE
; NetBT
; NetBIOS
; NdisWan
; NdisIP
; ndis
; napipsecenf
; napagent
; Mup
; msfs
; MSDTC WS-AT Protocol
; MSDTC Gateway
; msadlib
; MrxSmb
; MRxDAV
; mraid35x
; mouhid
; mouclass
; Modem
; LsaSrv
; LmHosts
; LDMS
; LDM
; lbrtfdc
; Kerberos
; kbdhid
; kbdclass
; isapnp
; IPXSAP
; IPXRouterManager
; IPXRIP
; IPXCP
; IPSec
; IPRouterManager
; IPRIP2
; IPNATHLP
; IPMGM
; IPBOOTP
; intelide
; ini910u
; IGMPv2
; i2omp
; i2omgmt
; Http
; hpn
; Hardlock
; ftdisk
; fs_rec
; flpydisk
; Fips
; fdc
; fastfat
; eventlog
; efs
; dpti2o
; Dnscache
; Dnsapi
; dmio
; dmboot
; Distributed Link Tracking Client
; disk
; DhcpQec
; Dhcp
; DfsSvc
; DfsDriver
; DCOM
; dac960nt
; dac2w2k
; cryptsvc
; cpqarray
; cmdide
; changer
; cdrom
; Cdm
; cdfs
; cdaudio
; cd20xrnt
; cbidf2k
; Browser
; BITS
; beep
; Atmarpc
; ati2mtag
; Ati HotKey Poller
; atdisk
; atapi
; AsyncMac
; asc3550
; asc3350p
; asc
; Application Popup
; appdrv01
; amsint
; ami0nt
; AmdLLD
; AmdK8
; aliide
; aic78xx
; aic78u2
; aha154x
; adpu160m
; acpiec
; acpi
; abp480n5
; abiosdsk
; System
;
"Sources"=hex(7):57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,\
6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,\
00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,\
67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,\
00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,\
57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,\
00,6c,00,6c,00,65,00,72,00,20,00,33,00,2e,00,31,00,00,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,20,00,46,00,69,00,6c,00,65,00,20,00,50,00,72,00,6f,\
00,74,00,65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,33,00,\
32,00,6b,00,00,00,57,00,33,00,32,00,54,00,69,00,6d,00,65,00,00,00,56,00,6f,\
00,6c,00,53,00,6e,00,61,00,70,00,00,00,76,00,69,00,61,00,69,00,64,00,65,00,\
00,00,56,00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,76,00,64,00,72,00,76,\
00,39,00,30,00,30,00,30,00,00,00,55,00,53,00,45,00,52,00,33,00,32,00,00,00,\
75,00,6c,00,74,00,72,00,61,00,00,00,75,00,64,00,66,00,73,00,00,00,74,00,6f,\
00,73,00,69,00,64,00,65,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,53,00,65,00,73,00,73,00,44,00,69,00,72,00,00,00,54,00,65,00,72,00,6d,\
00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,54,00,65,00,72,00,6d,00,\
53,00,65,00,72,00,76,00,44,00,65,00,76,00,69,00,63,00,65,00,73,00,00,00,54,\
00,65,00,72,00,6d,00,44,00,44,00,00,00,74,00,64,00,69,00,00,00,54,00,43,00,\
50,00,4d,00,6f,00,6e,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,53,00,79,\
00,73,00,74,00,65,00,6d,00,20,00,45,00,72,00,72,00,6f,00,72,00,00,00,73,00,\
79,00,6d,00,5f,00,75,00,33,00,00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,\
00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,00,00,73,00,79,00,6d,00,63,00,\
38,00,31,00,30,00,00,00,53,00,74,00,69,00,6c,00,6c,00,49,00,6d,00,61,00,67,\
00,65,00,00,00,53,00,53,00,44,00,50,00,53,00,52,00,56,00,00,00,53,00,72,00,\
76,00,00,00,73,00,72,00,73,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,\
00,72,00,00,00,73,00,70,00,74,00,64,00,00,00,73,00,70,00,61,00,72,00,72,00,\
6f,00,77,00,00,00,73,00,6e,00,64,00,62,00,6c,00,73,00,74,00,00,00,53,00,4d,\
00,53,00,76,00,63,00,48,00,6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,\
30,00,2e,00,30,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,00,00,00,53,00,69,\
00,64,00,65,00,42,00,79,00,53,00,69,00,64,00,65,00,00,00,73,00,66,00,6c,00,\
6f,00,70,00,70,00,79,00,00,00,53,00,65,00,74,00,75,00,70,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,20,00,43,00,6f,00,6e,00,74,00,72,00,6f,00,\
6c,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,00,53,00,65,00,72,\
00,76,00,65,00,72,00,00,00,73,00,65,00,72,00,69,00,61,00,6c,00,00,00,73,00,\
63,00,73,00,69,00,70,00,6f,00,72,00,74,00,00,00,53,00,63,00,68,00,65,00,64,\
00,75,00,6c,00,65,00,00,00,53,00,63,00,68,00,61,00,6e,00,6e,00,65,00,6c,00,\
00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,00,61,00,76,\
00,65,00,20,00,44,00,75,00,6d,00,70,00,00,00,53,00,41,00,4d,00,00,00,52,00,\
54,00,4c,00,56,00,4c,00,41,00,4e,00,00,00,52,00,54,00,4c,00,38,00,30,00,32,\
00,33,00,78,00,70,00,00,00,52,00,53,00,56,00,50,00,00,00,52,00,65,00,6d,00,\
6f,00,74,00,65,00,41,00,63,00,63,00,65,00,73,00,73,00,00,00,72,00,65,00,64,\
00,62,00,6f,00,6f,00,6b,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,\
61,00,73,00,4d,00,61,00,6e,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,\
00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,71,00,6c,00,31,00,32,00,\
34,00,30,00,00,00,71,00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,\
00,31,00,30,00,77,00,6e,00,74,00,00,00,71,00,6c,00,31,00,30,00,38,00,30,00,\
00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,50,00,72,00,6f,00,63,00,65,\
00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,69,00,6e,00,74,00,46,00,69,00,\
6c,00,74,00,65,00,72,00,50,00,69,00,70,00,65,00,6c,00,69,00,6e,00,65,00,53,\
00,76,00,63,00,00,00,50,00,72,00,69,00,6e,00,74,00,00,00,50,00,70,00,74,00,\
70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,6f,00,6c,\
00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,6c,00,75,00,\
67,00,50,00,6c,00,61,00,79,00,4d,00,61,00,6e,00,61,00,67,00,65,00,72,00,00,\
00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,63,00,6d,00,63,00,69,00,61,00,\
00,00,70,00,63,00,69,00,69,00,64,00,65,00,00,00,70,00,63,00,69,00,00,00,70,\
00,61,00,72,00,76,00,64,00,6d,00,00,00,70,00,61,00,72,00,74,00,6d,00,67,00,\
72,00,00,00,70,00,61,00,72,00,70,00,6f,00,72,00,74,00,00,00,4f,00,53,00,50,\
00,46,00,4d,00,69,00,62,00,00,00,4f,00,53,00,50,00,46,00,00,00,6e,00,76,00,\
61,00,74,00,61,00,00,00,6e,00,75,00,6c,00,6c,00,00,00,4e,00,74,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,50,00,61,00,63,00,6b,00,00,00,6e,00,74,00,\
66,00,73,00,00,00,6e,00,70,00,66,00,73,00,00,00,4e,00,6c,00,61,00,00,00,4e,\
00,65,00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,44,00,\
44,00,45,00,00,00,4e,00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,42,\
00,49,00,4f,00,53,00,00,00,4e,00,64,00,69,00,73,00,57,00,61,00,6e,00,00,00,\
4e,00,64,00,69,00,73,00,49,00,50,00,00,00,6e,00,64,00,69,00,73,00,00,00,6e,\
00,61,00,70,00,69,00,70,00,73,00,65,00,63,00,65,00,6e,00,66,00,00,00,6e,00,\
61,00,70,00,61,00,67,00,65,00,6e,00,74,00,00,00,4d,00,75,00,70,00,00,00,6d,\
00,73,00,66,00,73,00,00,00,4d,00,53,00,44,00,54,00,43,00,20,00,57,00,53,00,\
2d,00,41,00,54,00,20,00,50,00,72,00,6f,00,74,00,6f,00,63,00,6f,00,6c,00,00,\
00,4d,00,53,00,44,00,54,00,43,00,20,00,47,00,61,00,74,00,65,00,77,00,61,00,\
79,00,00,00,6d,00,73,00,61,00,64,00,6c,00,69,00,62,00,00,00,4d,00,72,00,78,\
00,53,00,6d,00,62,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,6d,00,\
72,00,61,00,69,00,64,00,33,00,35,00,78,00,00,00,6d,00,6f,00,75,00,68,00,69,\
00,64,00,00,00,6d,00,6f,00,75,00,63,00,6c,00,61,00,73,00,73,00,00,00,4d,00,\
6f,00,64,00,65,00,6d,00,00,00,4c,00,73,00,61,00,53,00,72,00,76,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,44,00,4d,00,53,00,00,00,\
4c,00,44,00,4d,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,4b,\
00,65,00,72,00,62,00,65,00,72,00,6f,00,73,00,00,00,6b,00,62,00,64,00,68,00,\
69,00,64,00,00,00,6b,00,62,00,64,00,63,00,6c,00,61,00,73,00,73,00,00,00,69,\
00,73,00,61,00,70,00,6e,00,70,00,00,00,49,00,50,00,58,00,53,00,41,00,50,00,\
00,00,49,00,50,00,58,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,\
00,61,00,67,00,65,00,72,00,00,00,49,00,50,00,58,00,52,00,49,00,50,00,00,00,\
49,00,50,00,58,00,43,00,50,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,\
00,50,00,52,00,6f,00,75,00,74,00,65,00,72,00,4d,00,61,00,6e,00,61,00,67,00,\
65,00,72,00,00,00,49,00,50,00,52,00,49,00,50,00,32,00,00,00,49,00,50,00,4e,\
00,41,00,54,00,48,00,4c,00,50,00,00,00,49,00,50,00,4d,00,47,00,4d,00,00,00,\
49,00,50,00,42,00,4f,00,4f,00,54,00,50,00,00,00,69,00,6e,00,74,00,65,00,6c,\
00,69,00,64,00,65,00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,\
49,00,47,00,4d,00,50,00,76,00,32,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,\
00,69,00,32,00,6f,00,6d,00,67,00,6d,00,74,00,00,00,48,00,74,00,74,00,70,00,\
00,00,68,00,70,00,6e,00,00,00,48,00,61,00,72,00,64,00,6c,00,6f,00,63,00,6b,\
00,00,00,66,00,74,00,64,00,69,00,73,00,6b,00,00,00,66,00,73,00,5f,00,72,00,\
65,00,63,00,00,00,66,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,00,00,46,\
00,69,00,70,00,73,00,00,00,66,00,64,00,63,00,00,00,66,00,61,00,73,00,74,00,\
66,00,61,00,74,00,00,00,65,00,76,00,65,00,6e,00,74,00,6c,00,6f,00,67,00,00,\
00,65,00,66,00,73,00,00,00,64,00,70,00,74,00,69,00,32,00,6f,00,00,00,44,00,\
6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,44,00,6e,00,73,00,61,00,70,\
00,69,00,00,00,64,00,6d,00,69,00,6f,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,\
74,00,00,00,44,00,69,00,73,00,74,00,72,00,69,00,62,00,75,00,74,00,65,00,64,\
00,20,00,4c,00,69,00,6e,00,6b,00,20,00,54,00,72,00,61,00,63,00,6b,00,69,00,\
6e,00,67,00,20,00,43,00,6c,00,69,00,65,00,6e,00,74,00,00,00,64,00,69,00,73,\
00,6b,00,00,00,44,00,68,00,63,00,70,00,51,00,65,00,63,00,00,00,44,00,68,00,\
63,00,70,00,00,00,44,00,66,00,73,00,53,00,76,00,63,00,00,00,44,00,66,00,73,\
00,44,00,72,00,69,00,76,00,65,00,72,00,00,00,44,00,43,00,4f,00,4d,00,00,00,\
64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,63,00,72,00,79,00,70,00,74,00,73,00,76,00,63,00,\
00,00,63,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,63,00,6d,00,64,\
00,69,00,64,00,65,00,00,00,63,00,68,00,61,00,6e,00,67,00,65,00,72,00,00,00,\
63,00,64,00,72,00,6f,00,6d,00,00,00,43,00,64,00,6d,00,00,00,63,00,64,00,66,\
00,73,00,00,00,63,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,63,00,64,00,\
32,00,30,00,78,00,72,00,6e,00,74,00,00,00,63,00,62,00,69,00,64,00,66,00,32,\
00,6b,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,00,72,00,00,00,42,00,49,00,\
54,00,53,00,00,00,62,00,65,00,65,00,70,00,00,00,41,00,74,00,6d,00,61,00,72,\
00,70,00,63,00,00,00,61,00,74,00,69,00,32,00,6d,00,74,00,61,00,67,00,00,00,\
41,00,74,00,69,00,20,00,48,00,6f,00,74,00,4b,00,65,00,79,00,20,00,50,00,6f,\
00,6c,00,6c,00,65,00,72,00,00,00,61,00,74,00,64,00,69,00,73,00,6b,00,00,00,\
61,00,74,00,61,00,70,00,69,00,00,00,41,00,73,00,79,00,6e,00,63,00,4d,00,61,\
00,63,00,00,00,61,00,73,00,63,00,33,00,35,00,35,00,30,00,00,00,61,00,73,00,\
63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,00,00,41,00,70,\
00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,50,00,6f,00,\
70,00,75,00,70,00,00,00,61,00,70,00,70,00,64,00,72,00,76,00,30,00,31,00,00,\
00,61,00,6d,00,73,00,69,00,6e,00,74,00,00,00,61,00,6d,00,69,00,30,00,6e,00,\
74,00,00,00,41,00,6d,00,64,00,4c,00,4c,00,44,00,00,00,41,00,6d,00,64,00,4b,\
00,38,00,00,00,61,00,6c,00,69,00,69,00,64,00,65,00,00,00,61,00,69,00,63,00,\
37,00,38,00,78,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,00,00,\
00,61,00,68,00,61,00,31,00,35,00,34,00,78,00,00,00,61,00,64,00,70,00,75,00,\
31,00,36,00,30,00,6d,00,00,00,61,00,63,00,70,00,69,00,65,00,63,00,00,00,61,\
00,63,00,70,00,69,00,00,00,61,00,62,00,70,00,34,00,38,00,30,00,6e,00,35,00,\
00,00,61,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,53,00,79,00,73,\
00,74,00,65,00,6d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd]
; Contents of value:
; System32\Drivers\sptd.sys
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,73,00,70,00,74,00,64,00,2e,00,73,\
00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Enum]
"0"="Root\\LEGACY_SPTD\\0000"

; End Of The Log...

[Damned]

Nemáš nastaveno v msconfig spouštění přes Daemon? Protože hodnotu SafeBoot nebo SMHelp tu nevidím.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.)
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

sc config sptd start= disabled
sc stop sptd
sc delete sptd

ulož si ho na plochu jako-název remove.bat a ulož ho jako typ všechny soubory , najdi na ploše tento soubor , spusť ho poklepáním.
Otevře se Dosovské okno a zavře. Zkus spustit do NR.

[r.kuda]

Marné, marné, marné, NR nejede a nejede.

Vše ostatní je OK, skryté složky jsem vyřešil, ale toto nevím.

[Damned]

Stáhni si RSIT, klikni na "Continue" a nech ho provést sken.
Za chvíli se vygeneruje log se jménem log.txt (pokud nebude log vygenerován, najdeš jej v C:\rsit\log.txt); jeho obsah mi sem zkopíruj.
Zkopíruj sem (nebo přilož) i druhý log s názvem info.txt

[r.kuda]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Vesely at 2009-09-30 16:16:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (38%) free of 15 GB
Total RAM: 3070 MB (84% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
Solid Converter PDF - D:\Programy\Solid Converter PDF Pro 3.1.41\SCPDF\ExploreExtPDF.dll [2006-08-25 259592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-15 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - D:\Programy\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-15 520192]
{259F616C-A300-44F5-B04A-ED001A26C85C} - Solid Converter PDF - D:\Programy\Solid Converter PDF Pro 3.1.41\SCPDF\ExploreExtPDF.dll [2006-08-25 259592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=D:\Programy\Eset Smart Security\egui.exe [2007-12-21 1443072]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"ForceStartMenuLogoff"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\a-TimeSync\TimeSync.exe"="C:\Program Files\a-TimeSync\TimeSync.exe:*:Enabled:Atomic Time Synchronizer"

======List of files/folders created in the last 1 months======

2009-09-30 16:16:45 ----D---- C:\rsit
2009-09-30 16:09:40 ----D---- C:\WINDOWS\pss
2009-09-30 16:05:40 ----A---- C:\WINDOWS\ntbtlog.txt
2009-09-29 22:03:03 ----SHD---- C:\RECYCLER
2009-09-29 21:41:24 ----D---- C:\WINDOWS\temp
2009-09-29 21:39:47 ----N---- C:\WINDOWS\system32\regsvc.dll
2009-09-29 19:46:08 ----D---- C:\Documents and Settings\Vesely\Data aplikací\Malwarebytes
2009-09-29 19:46:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-09-29 19:22:27 ----D---- C:\Program Files\Trend Micro
2009-09-29 18:40:14 ----HD---- C:\WINDOWS\Icons
2009-09-29 18:00:14 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-09-29 18:00:13 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-09-29 18:00:13 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-09-29 18:00:12 ----D---- C:\Documents and Settings\Vesely\Data aplikací\TuneUp Software
2009-09-29 17:59:58 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-09-29 17:59:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2009-09-29 17:59:51 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-28 20:44:17 ----A---- C:\WINDOWS\system32\pbsvc.exe
2009-09-14 19:57:46 ----A---- C:\WINDOWS\Marsu-Fix 2.5 Uninstaller.exe
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-09-09 13:51:03 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-09-09 13:51:02 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

======List of files/folders modified in the last 1 months======

2009-09-30 16:16:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-30 16:09:40 ----D---- C:\WINDOWS
2009-09-30 10:39:46 ----D---- C:\WINDOWS\system32
2009-09-30 10:39:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-30 10:34:23 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-30 10:34:21 ----SHD---- C:\WINDOWS\Installer
2009-09-30 10:31:00 ----D---- C:\Documents and Settings\Vesely\Data aplikací\SolidDocuments
2009-09-30 06:32:17 ----HD---- C:\WINDOWS\inf
2009-09-30 05:40:41 ----D---- C:\TRANSLAT
2009-09-30 05:35:24 ----D---- C:\Program Files
2009-09-30 05:35:13 ----D---- C:\WINDOWS\ShellNew
2009-09-30 05:35:13 ----D---- C:\WINDOWS\ASUSInstAll
2009-09-30 05:35:13 ----D---- C:\Program Files\Combined Community Codec Pack
2009-09-30 05:06:24 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-09-30 05:06:24 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 05:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-09-30 04:46:59 ----SHD---- C:\System Volume Information
2009-09-30 04:46:59 ----D---- C:\WINDOWS\system32\Restore
2009-09-30 04:45:51 ----D---- C:\WINDOWS\system32\config
2009-09-30 04:33:36 ----D---- C:\WINDOWS\WinSxS
2009-09-30 04:30:48 ----D---- C:\Program Files\Common Files\Nero
2009-09-30 04:30:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2009-09-30 04:25:11 ----A---- C:\WINDOWS\Irremote.ini
2009-09-30 04:15:00 ----D---- C:\WINDOWS\ERDNT
2009-09-29 22:29:41 ----D---- C:\WINDOWS\Prefetch
2009-09-29 21:41:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 21:40:54 ----A---- C:\WINDOWS\system.ini
2009-09-29 21:40:25 ----D---- C:\WINDOWS\AppPatch
2009-09-29 21:40:25 ----D---- C:\Program Files\Common Files
2009-09-29 19:14:42 ----D---- C:\WINDOWS\repair
2009-09-29 18:19:46 ----SD---- C:\WINDOWS\Tasks
2009-09-28 21:25:48 ----D---- C:\WINDOWS\Web
2009-09-28 20:55:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-28 20:44:27 ----A---- C:\Documents and Settings\Vesely\Data aplikací\PnkBstrB.exe
2009-09-28 20:42:43 ----D---- C:\Documents and Settings\Vesely\Data aplikací\HLSW
2009-09-28 20:35:09 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-09-28 20:34:49 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-09-20 15:33:04 ----A---- C:\WINDOWS\TRNCOM.INI
2009-09-12 21:20:06 ----D---- C:\Documents and Settings\Vesely\Data aplikací\Skype
2009-09-09 13:50:33 ----D---- C:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2009-04-27 2915944]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2009-03-22 13567]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-24 278984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 LANPkt;Realtek LANPkt Protocol Driver; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2006-07-18 8399]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-24 25416]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-08-14 4485632]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-06-18 3692288]
R3 RTL8023xp;D-Link DGE-528T Gigabit Ethernet Adapter NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\DLKRTXP.SYS [2006-07-31 83456]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S3 catchme;catchme; \??\C:\DOCUME~1\Vesely\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-07-11 11003]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi_oem;PlayLinc Adapter; C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RTLVLAN;D-Link VLAN Intermediate Driver; C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS [2006-06-01 16384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-03-16 685816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-08-14 602112]
R2 ekrn;Eset Service; D:\Programy\Eset Smart Security\ekrn.exe [2007-12-21 468224]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; D:\Programy\Eset Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-21 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-09-28 189768]
S3 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-29 360192]
S3 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-29 603904]
S3 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2009-04-27 304528]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 ScReadSpool;SolidPDFConverterReadSpool; D:\Programy\Solid Converter PDF Pro 3.1.41\SCPDF\SolidPdfService.exe [2006-08-25 184320]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.06 2009-09-30 16:16:47

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\4977c84bcdc298c444ccfbdcccb660d\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}
Adobe Reader 9 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A90000000001}
Adobe Setup-->MsiExec.exe /I{0901FCE8-5415-4499-BBC8-1AA106DD66E2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Canon MP150-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe" /U:{CA9A3609-3ECC-4574-8824-A8161A71A603} /L0x0009
Canopus Codec Option-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{772E9146-D676-4869-A298-047FF2A2B92D}\setup.exe" -l0x9
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"D:\Programy\Ccleaner\uninst.exe"
Combined Community Codec Pack 2008-01-24-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
CoreAVC Professional Edition (remove only)-->"C:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe"
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
DebugMode FrameServer-->"D:\Programy\Sony Vegas 8\Frameserver\fsuninst.exe"
Diagnostics Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7236672F-6430-439E-9B27-27EDEAF1D676}\Setup.exe" -l0x9
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
Easy-WebPrint-->C:\WINDOWS\IsUn0405.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ESET Smart Security-->MsiExec.exe /I{49B6C667-BADF-4CBB-81A5-62053B02240A}
Chameleon-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Hry\Chameleon\Chameleon - hra\Uninstall\setup.exe" -l0x5
Marsu-Fix 2.5-->"C:\WINDOWS\Marsu-Fix 2.5 Uninstaller.exe"
MediaInfo 0.7.7.8-->D:\Programy\MediaInfo\uninst.exe
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0 Czech Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Czech Language Pack\setup.exe
Microsoft .NET Framework 3.0 Czech Language Pack-->MsiExec.exe /X{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}
Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.3)-->D:\Programy\Mozilla Firefox\uninstall\helper.exe
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)-->"D:\Programy\Eset Smart Security\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
PCI Audio Applications-->C:\Program Files\PCI Audio Applications\Bin\Uninstall.exe
PCI Audio Driver-->cmuninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
ProCoder 3-->C:\Program Files\InstallShield Installation Information\{07D97136-A219-41FE-9FF9-E18C8A312A7E}\setup.exe -runfromtemp -l0x0009 -removeonly
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RtkUpd.exe -r -m
SolidConverterPDF-->MsiExec.exe /I{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}
Sony DVD Architect 4.0-->MsiExec.exe /X{1AC38EA5-454C-4443-834F-6B34106581E1}
Sony Vegas Pro 8.0-->MsiExec.exe /X{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}
The KMPlayer (remove only)-->"D:\Programy\KMPlayer\The KMPlayer\uninstall.exe"
Tom Clancy's Ghost Recon Advanced Warfighter® 2-->"C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x0005 -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VideoCAM GF112-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{088B7BF8-AC95-4348-B77B-619AEB3A74A5} /l1029
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Workflow Foundation CS Language Pack-->MsiExec.exe /I{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wolfenstein-->C:\Program Files\InstallShield Installation Information\{F9B37992-968C-4264-8449-489032FC28DE}\setup.exe -runfromtemp -l0x0409
xp-AntiSpy 3.94-->C:\Program Files\xp-AntiSpy\uninst.exe
Zoner Photo Studio 11-->"D:\Programy\Zoner Photo studio 11\Photo Studio 11\unins000.exe" /SILENT

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: VESELY
Event Code: 9
Message: RegisterTscDrift()

Node[ 0 ] Core[ 0 ] Cpu[ 0 ] Affinity[ 0x1 ]

Thread registered succesfully: SamplingRate(ms)[ 1000 ]

Record Number: 11137
Source Name: AmdLLD
Time Written: 20090923170222.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 2
Message: Device identified.

Record Number: 11136
Source Name: nvata
Time Written: 20090923170222.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 10005
Message: Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby StiSvc s argumenty
za účelem spuštění serveru:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Record Number: 11135
Source Name: DCOM
Time Written: 20090923170210.000000+120
Event Type: Chyba
User: VESELY\Vesely

Computer Name: VESELY
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 11134
Source Name: EventLog
Time Written: 20090923170206.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 11133
Source Name: EventLog
Time Written: 20090923170206.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: VESELY
Event Code: 1517
Message: Systém Windows uložil registr uživatele VESELY\Vesely, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.


To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.

Record Number: 5
Source Name: Userenv
Time Written: 20090715130458.000000+120
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: VESELY
Event Code: 105
Message: The service was started.

Record Number: 4
Source Name: ATI Smart
Time Written: 20090715122524.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 105
Message: The service was started.

Record Number: 3
Source Name: ATI Smart
Time Written: 20090715081756.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 105
Message: The service was started.

Record Number: 2
Source Name: ATI Smart
Time Written: 20090715071345.000000+120
Event Type: Informace
User:

Computer Name: VESELY
Event Code: 105
Message: The service was started.

Record Number: 1
Source Name: ATI Smart
Time Written: 20090714221844.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Devmgr_show_nonpresent_devices"=1
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;D:\Programy\QuickTime\QTSystem;C:\Program Files\Smart Projects\IsoBuster
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=6b02
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"CLASSPATH"=.;D:\Programy\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=D:\Programy\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
C:\DOCUME~1\Vesely\LOCALS~1\Temp\catchme.sys
C:\WINDOWS\system32\DRIVERS\ENTECH.sys

Driver::
catchme;catchme
catchme
ENTECH;ENTECH
ENTECH



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu
****************************************************************************************************************************************
Start--> > Spustit a do řádku vlož celý tento řádek:

Kód: Vybrat vše

regedit /e "c:\regla.txt" "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal"

Klikni na OK.
V "C:\" se ti objeví texťák "regla.txt", zkopíruj mi ho sem.

[r.kuda]

ComboFix 09-09-29.04 - Vesely 30.09.2009 16:59.4.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2580 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vesely\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Vesely\Plocha\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\docume~1\Vesely\LOCALS~1\Temp\catchme.sys"
"c:\windows\system32\DRIVERS\ENTECH.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\DRIVERS\ENTECH.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CATCHME
-------\Legacy_ENTECH
-------\Service_catchme
-------\Service_ENTECH


((((((((((((((((((((((((( Soubory vytvořené od 2009-08-28 do 2009-09-30 )))))))))))))))))))))))))))))))
.

2009-09-30 14:16 . 2009-09-30 14:16 -------- d-----w- C:\rsit
2009-09-29 19:39 . 2008-04-14 07:51 59904 -c--a-w- c:\windows\system32\dllcache\regsvc.dll
2009-09-29 19:39 . 2008-04-14 07:51 59904 ------w- c:\windows\system32\regsvc.dll
2009-09-29 17:22 . 2009-09-29 17:22 -------- d-----w- c:\program files\Trend Micro
2009-09-29 16:40 . 2009-09-30 03:16 -------- d--h--w- c:\windows\Icons
2009-09-29 16:00 . 2009-09-29 16:00 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-29 16:00 . 2009-09-29 16:00 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-29 16:00 . 2008-12-11 11:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-09-29 15:59 . 2009-09-29 16:00 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-09-28 18:44 . 2009-09-28 18:44 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-09-14 17:57 . 2009-09-14 17:57 159578 ----a-w- c:\windows\Marsu-Fix 2.5 Uninstaller.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-30 08:34 . 2009-03-15 22:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-30 03:35 . 2009-03-16 05:51 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-09-30 02:30 . 2009-07-30 12:23 -------- d-----w- c:\program files\Common Files\Nero
2009-09-28 18:35 . 2009-03-16 15:56 137928 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-28 18:35 . 2009-03-16 15:56 189768 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-28 18:34 . 2009-03-16 15:55 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-14 04:27 . 2008-08-06 05:41 4485632 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-08-14 02:28 . 2009-05-16 03:39 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-08-14 02:27 . 2008-08-06 04:19 345600 ----a-w- c:\windows\system32\ati2dvag.dll
2009-08-14 02:10 . 2009-05-16 03:18 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-08-14 02:10 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-08-14 02:09 . 2009-05-16 03:17 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-08-14 02:09 . 2009-05-16 03:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-08-14 02:09 . 2009-05-16 03:17 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-08-14 02:08 . 2009-05-16 03:15 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-08-14 02:06 . 2009-05-16 03:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-08-14 02:00 . 2009-05-16 02:51 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-08-14 01:58 . 2008-08-06 03:57 3492576 ----a-w- c:\windows\system32\ati3duag.dll
2009-08-14 01:47 . 2009-05-16 02:55 12959744 ----a-w- c:\windows\system32\atioglxx.dll
2009-08-14 01:42 . 2008-08-06 03:40 2081920 ----a-w- c:\windows\system32\ativvaxx.dll
2009-08-14 01:42 . 2009-05-16 02:54 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-08-14 01:42 . 2009-05-16 02:54 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-08-14 01:25 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-08-14 01:25 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-08-14 01:21 . 2009-05-16 02:33 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-08-14 01:21 . 2009-05-16 01:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-08-14 01:20 . 2009-05-16 01:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-08-14 01:19 . 2009-05-16 01:33 3469312 ----a-w- c:\windows\system32\aticaldd.dll
2009-08-14 01:19 . 2009-05-16 02:31 163840 ----a-w- c:\windows\system32\atiadlxx.dll
2009-08-14 01:18 . 2009-05-16 02:31 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-08-14 01:17 . 2009-05-16 02:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-08-14 01:17 . 2009-05-16 02:26 376832 ----a-w- c:\windows\system32\atiok3x2.dll
2009-08-14 01:12 . 2008-08-06 03:13 614400 ----a-w- c:\windows\system32\ati2cqag.dll
2009-08-07 14:15 . 2001-10-25 13:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2009-08-07 14:15 . 2001-10-25 13:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2009-07-14 15:09 . 2009-04-23 19:04 197654 ----a-w- c:\windows\system32\atiicdxx.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="d:\programy\Eset Smart Security\egui.exe" [2007-12-21 1443072]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-04-14 100352]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C *

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Flashget"=d:\programy\FlashGet\flashget.exe /min

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [27.4.2009 14:45 2915944]
R2 ekrn;Eset Service;d:\programy\Eset Smart Security\ekrn.exe [21.12.2007 9:21 468224]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [16.3.2009 9:15 8399]
R3 PAC207;VideoCAM GF112;c:\windows\system32\drivers\PFC027.sys [8.4.2005 11:46 162176]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [16.3.2009 9:15 11003]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [28.8.2006 23:54 10664]
S3 RTLVLAN;D-Link VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [16.3.2009 9:15 16384]
S3 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [29.9.2009 18:00 603904]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2009-09-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2009-09-29 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Stáhnout FlashGetem - d:\programy\FlashGet\jc_link.htm
IE: &Stáhnout všechny FlashGetem - d:\programy\FlashGet\jc_all.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Vesely\Data aplikací\Mozilla\Firefox\Profiles\rx92ygcu.default\
FF - prefs.js: browser.startup.homepage - google.cz
FF - plugin: d:\programy\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin7.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
d:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-30 17:02
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Celkový čas: 2009-09-30 17:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-09-30 15:04

Před spuštěním: 5 887 672 320
Po spuštění: 5 793 603 584

178



Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\
00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"


Ulož si ho jako na Plochu jako fix.reg a jako typ všechny soubory , najdi tento soubor na Ploše a poklepáním ho spusť. Budeš dotázán na přidání hodnoty do registru. Schval.
*****************************************************************************************************************************************

Start--> > Spustit a do řádku vlož celý tento řádek:

Kód: Vybrat vše

regedit /e "c:\reglb.txt" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal"

Klikni na OK.
V "C:\" se ti objeví texťák "reglb.txt", zkopíruj mi ho sem.