Počítač se sám od sebe restartuje

tempus · Příspěvekod **tempus** » 20 pro 2009 12:07

Ahoj,
mám problém s tím, že se mně občas sám od sebe restaruje počítač, maximálně 1-2x za den a pak třeba celý týden nic. Dělá to od té doby co jsem mu pořídil novou základní desku (4CoreDual-SATA2 R2.2), paměti (Kingston DIMM 2048MB DDR II 667MHz KVR667D2N5K2/2G) a processor(INTEL Pentium Dual-Core E6300 - 2.80GHz, 1066MHz FSB, 2MB cache, socket 775, EM64T BOX (Wolfdale-2M)). Zpočátku tam před restartem na chviliku problikla i modrá smrt (opravdu jen problikla) a hned restart a teď už se s modrou obrazovkou ani neobtěžuje a rovnou restartuje.
Zkusil jsem přes noc nechat běžet i nějaký analyzer pamětí, ale žádná chyba na mě nevyskočila.
Tady posílám i log třebas pomůže:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:21:00, on 20.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11699 bytes

//přesunuto ze sekce HW

//mmm

Reklama

Damned · Příspěvekod **Damned** » 22 pro 2009 11:08

Odinstaluj si:
Winamp Toolbar
BS_Player
pdfforge Toolbar
AskBarDis

Až to budeš mít, vlož sem nový log z HJT.

tempus · Příspěvekod **tempus** » 23 pro 2009 16:15

Vkládám log po odinstalaci výše zmíněných programů

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:05:35, on 23.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 9874 bytes

Damned · Příspěvekod **Damned** » 23 pro 2009 16:51

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
*****************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

tempus · Příspěvekod **tempus** » 23 pro 2009 17:28

log z Malwarebytes

Malwarebytes' Anti-Malware 1.42
Verze databáze: 3415
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

23.12.2009 17:25:48
mbam-log-2009-12-23 (17-25-41).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 113514
Uplynulý čas: 3 minute(s), 54 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Damned · Příspěvekod **Damned** » 23 pro 2009 17:31

Takže spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

tempus · Příspěvekod **tempus** » 23 pro 2009 17:42

Zatím MbAM

Malwarebytes' Anti-Malware 1.42
Verze databáze: 3415
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

23.12.2009 17:40:05
mbam-log-2009-12-23 (17-40-05).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 113678
Uplynulý čas: 4 minute(s), 7 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Damned · Příspěvekod **Damned** » 23 pro 2009 17:56

Výborně, pokračuj.

tempus · Příspěvekod **tempus** » 23 pro 2009 17:56

ComboFix 09-12-22.09 - Ichigo 23.12.2009 17:51:55.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1596 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ichigo\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\LOG.TXT

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-23 do 2009-12-23 )))))))))))))))))))))))))))))))
.

2009-12-23 16:19 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-23 16:19 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-23 16:19 . 2009-12-23 16:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-20 10:20 . 2009-12-20 10:20 -------- d-----w- c:\program files\TrendMicro
2009-12-13 17:54 . 2009-12-13 17:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-13 01:28 . 2009-12-13 01:28 -------- d-----w- c:\documents and settings\Ichigo\Saved Games
2009-12-13 01:26 . 2009-12-13 01:26 -------- d-----w- c:\program files\Jewel Quest 2
2009-12-12 21:24 . 2009-12-12 21:24 -------- d-----w- c:\program files\MP Software
2009-12-05 17:34 . 2009-12-23 15:02 -------- d-----w- c:\program files\FreeRapid-0.83u1
2009-12-01 17:38 . 2009-12-01 17:59 -------- d-----w- c:\program files\Runtime Software
2009-12-01 17:24 . 2008-04-13 22:16 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2009-12-01 17:24 . 2008-04-13 22:16 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2009-11-29 23:34 . 2008-10-27 09:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-11-29 22:17 . 2009-11-29 22:17 -------- d-----w- c:\windows\system\RegistryBooster
2009-11-29 18:12 . 2007-10-18 13:25 41856 ----a-w- c:\windows\system32\drivers\tosrfusb.sys
2009-11-29 18:12 . 2008-03-25 15:24 131712 ----a-w- c:\windows\system32\drivers\tosrfbd.sys
2009-11-29 18:12 . 2008-03-19 10:38 74112 ----a-w- c:\windows\system32\drivers\Tosrfhid.sys
2009-11-29 18:12 . 2008-01-22 19:57 54144 ----a-w- c:\windows\system32\drivers\TosRfSnd.sys
2009-11-29 18:12 . 2007-11-29 08:45 36608 ----a-w- c:\windows\system32\drivers\tosrfbnp.sys
2009-11-29 18:12 . 2005-01-07 04:42 18612 ----a-w- c:\windows\system32\drivers\tosrfnds.sys
2009-11-29 18:12 . 2007-10-02 10:43 64128 ----a-w- c:\windows\system32\drivers\tosrfcom.sys
2009-11-29 18:12 . 2008-03-25 12:54 41472 ----a-w- c:\windows\system32\drivers\tosporte.sys
2009-11-29 18:11 . 2009-11-29 18:11 -------- d-----w- c:\program files\Toshiba

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-20 16:19 . 2009-11-01 12:01 -------- d-----w- c:\program files\RightMark Memory Analyzer
2009-12-13 19:55 . 2009-09-20 14:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-05 18:49 . 2009-09-20 15:15 -------- d-----w- c:\program files\FreeRapid-0.82
2009-12-02 18:09 . 2009-09-20 14:52 -------- d-----w- c:\program files\Java
2009-11-14 20:55 . 2009-11-14 20:55 1832 ----a-w- c:\windows\unins000.dat
2009-11-14 20:55 . 2009-11-14 20:55 692821 ----a-w- c:\windows\unins000.exe
2009-11-10 19:24 . 2009-11-10 19:24 -------- d-----w- c:\program files\MSECache
2009-11-10 17:34 . 2009-11-10 17:33 -------- d-----w- c:\program files\PDFCreator
2009-11-10 17:24 . 2009-11-10 17:13 -------- d-----w- c:\program files\Total PDF Converter
2009-11-08 22:25 . 2009-09-20 14:40 -------- d-----w- c:\program files\The KMPlayer
2009-11-01 12:53 . 2009-11-01 12:48 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-01 12:48 . 2009-11-01 12:48 -------- d-----w- c:\program files\Nero
2009-11-01 12:45 . 2009-09-20 14:54 -------- d-----w- c:\program files\Common Files\Nero
2009-11-01 11:57 . 2009-11-01 11:40 -------- d-----w- c:\program files\GM test pamětí
2009-10-31 17:16 . 2001-10-25 13:00 84026 ----a-w- c:\windows\system32\perfc005.dat
2009-10-31 17:16 . 2001-10-25 13:00 441542 ----a-w- c:\windows\system32\perfh005.dat
2009-10-18 08:52 . 2009-10-18 08:52 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-10-18 08:52 . 2009-10-18 08:52 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2009-10-11 03:17 . 2009-09-20 14:52 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-26 06:48 . 2009-09-20 14:22 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-26 06:48 . 2009-09-20 14:22 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-26 06:47 . 2009-09-20 14:22 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-25 21:22 . 2009-09-25 21:22 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-04 17:00 . 2009-09-04 17:00 916430 ----a-w- c:\program files\Apr2006_MDX1_x86.cab
.

------- Sigcheck -------

[-] 2008-12-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-12-19 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2008-12-19 . 5B2A55CFE0BD48D0C3322AFAA2F038A3 . 2307584 . . [5.1.2600.5657] . . c:\windows\system32\ntoskrnl.exe

[-] 2008-12-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2008-12-19 . D39127310CBAD1485EC5001A4ED1D853 . 1486336 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-12-26 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

[-] 2008-12-19 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

[-] 2008-12-26 . 277F450A2B1541C8E59F5148CAE1F7E8 . 2186240 . . [5.1.2600.5657] . . c:\windows\system32\ntkrnlpa.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-11 1276416]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-08-30 139264]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2008-12-26 77312]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-12-19 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]

c:\documents and settings\Ichigo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-8-24 101784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

R0 VIBUS;VIBUS;c:\windows\system32\drivers\VIBUS.sys [29.12.2008 14:52 16896]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.7.2008 6:23 468224]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 15:49 13592]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.9.2009 22:22 721904]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2008-08-26 07:26 124928 ----a-w- c:\windows\system32\advpack.dll
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ichigo\Data aplikací\Mozilla\Firefox\Profiles\jz4g7k6g.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - component: c:\documents and settings\Ichigo\Data aplikací\Mozilla\Firefox\Profiles\jz4g7k6g.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-NWEReboot - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-23 17:53
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1532)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll

- - - - - - - > 'lsass.exe'(1588)
c:\windows\system32\setupapi.dll
.
Celkový čas: 2009-12-23 17:54:28
ComboFix-quarantined-files.txt 2009-12-23 16:54

Před spuštěním: Volných bajtů: 24 586 862 592
Po spuštění: Volných bajtů: 26 162 880 512

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - ABB98A0CFED1B847F7091556BF1FD689

Damned · Příspěvekod **Damned** » 23 pro 2009 18:05

Odinstaluj si RegistryBooster.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/u

Pokud nepůjde a ComboFix je na Ploše, tak Start-->Spustit a do řádku zkopíruj:

Kód: Vybrat vše

"%userprofile%\Plocha\combofix" /uninstall

Pokud ti nepůjde ani to tak najdi a smaž:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
a Combofix.exe
Pak si stáhni OTCleanIt.
- Připoj se k internetu a dvojklikem spusť program
- Klikni na tlačítko CleanUp
- Po dokončení povol restart PC
- Po restartu tento nástroj smaž - není určen pro běžné používání

Vyčisti systém CCleanerem a použij i T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

tempus · Příspěvekod **tempus** » 23 pro 2009 18:45

OTL Extras logfile created on: 23.12.2009 18:33:45 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Ichigo\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 27,47 Gb Free Space | 56,27% Space Free | Partition Type: NTFS
Drive D: | 184,06 Gb Total Space | 26,52 Gb Free Space | 14,41% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 18,64 Gb Total Space | 0,73 Gb Free Space | 3,92% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,92 Gb Total Space | 1,91 Gb Free Space | 99,47% Space Free | Partition Type: FAT

Computer Name: ASROCK
Current User Name: Ichigo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"F:\Sins of a Solar Empire\Sins of a Solar Empire.exe" = F:\Sins of a Solar Empire\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire -- (Ironclad Games)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{0648B1F4-A7CF-68ED-EDED-BA0A8038CD5B}" = Catalyst Control Center Core Implementation
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{07B5FCA5-2B1F-E26C-95FF-57EBEF4C1989}" = Catalyst Control Center Localization All
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0EB5340D-F940-3252-317B-478A1B953ADA}" = CCC Help Hungarian
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.9.1.1.mf05
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2EBEEB88-BAA0-4E11-7D39-5B8AFB1E4904}" = Catalyst Control Center Graphics Full New
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36AD13A4-AEE0-24F6-AA8F-0C6E681DECC1}" = Catalyst Control Center HydraVision Full
"{3BDDF462-8A95-4C50-86DA-4D41F3483EA5}" = Canon MF Toolbox 4.9.1.1.mf05
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{41B60BE2-2AD5-4407-82A3-CAC011722891}" = CCC Help English
"{4620539C-8EB4-2AFE-1C27-BF9C4BA946CC}" = CCC Help Greek
"{54EA9D81-706B-F010-532A-0BD955CF00FD}" = Catalyst Control Center Localization All
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A254EF7-3E09-038C-F9FC-1A8435E03CE0}" = ccc-core-static
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6428883D-64B5-A88F-7A53-355E7DD2D904}" = ccc-utility
"{6498CADD-7981-1575-0078-BB9861079B38}" = Catalyst Control Center Graphics Previews Common
"{6523912B-1853-8E2F-E7E7-BC81D4035B96}" = ccc-core-preinstall
"{667A316D-2841-4A37-8930-D358CCBAE3BA}" = ESET Smart Security
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BAE9543-A8E1-2C9D-5FFA-7B51706C52C3}" = Catalyst Control Center HydraVision Full
"{6E60D77A-206D-EB9D-CFE4-1CDC12EBFC11}" = Catalyst Control Center Graphics Light
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{8758AEEF-B285-FC70-7266-68B0C1E4427B}" = CCC Help English
"{8B184BEE-318C-E789-D988-1BB0708D99FE}" = Catalyst Control Center Graphics Full Existing
"{8F4B3D43-7A0A-6DAC-A4BF-42865B2E9EF4}" = Catalyst Control Center Graphics Full Existing
"{900A29A0-52BA-4a78-8E6C-5F4F821397CE}" = Canon MF4010 Series
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB9CEADA-E008-4219-B665-B7B4B8317A61}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{2659571A-3405-4486-B7D8-2F125BC0E3B2}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{943D534F-B17D-4D52-9AC4-AE8DE38D3BF4}" = Canon MF Toolbox 4.9.1.1.mf05
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{AA4469D9-F78A-AD5E-857E-0083E183DC3C}" = Catalyst Control Center Graphics Full New
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AF280B6D-7C2E-156C-E416-33E880233D77}" = CCC Help Spanish
"{B0020634-3C3E-A66A-1CB3-DD73B441C21C}" = Catalyst Control Center Core Implementation
"{B123EBD8-89B7-4834-B06D-F758815E1029}" = Nero 7 Premium
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5DE553F-E158-2468-1927-A7F6B255823D}" = ccc-core-static
"{B6C16142-FD10-9698-9237-9603B09D90EE}" = CCC Help Italian
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3533E6A-5C16-489A-9CB1-F190439F071B}_is1" = Sins of a Solar Empire
"{C87C1929-A569-A5CF-B423-6F6245B65A68}" = ccc-core-preinstall
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DD929BD3-5D41-4407-BE04-119B4A631869}" = Canon MF Toolbox 4.9.1.1.mf05
"{E02F11FF-DE47-7D17-2DAF-C914A4EF7935}" = Catalyst Control Center Graphics Light
"{E05DB37A-ED2A-A026-73E0-4C1855914EC4}" = CCC Help Portuguese
"{EF1F9A01-578D-6324-A490-BF9C8DDE421A}" = CCC Help Polish
"{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Gold Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F39FBC8B-FBC2-FDBB-1D32-9D5BCB5ACE3C}" = CCC Help French
"{F5046F9F-D0B8-05D4-6FB4-FF8314B0862D}" = ccc-utility
"{FD93D7F1-9631-7477-F88D-FF53976D83C3}" = Catalyst Control Center Graphics Previews Common
"{FFDEBCEC-2CC5-6AB0-260A-22EA03E9895E}" = CCC Help German
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"Combined Community Codec Pack BETA_is1" = Combined Community Codec Pack BETA 2009-09-19
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Gish" = Gish
"InstallShield_{F01B7EF4-F487-4948-AA18-5332FE5495C9}" = Medieval - Total War - Gold Edition
"Jewel Quest 2_is1" = Jewel Quest 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Rapidshare Search Tool_is1" = Rapidshare Search Tool
"Star Wars The Force Unleashed_is1" = Star Wars The Force Unleashed
"The KMPlayer" = The KMPlayer (remove only)
"Undelete Plus_is1" = Undelete Plus 2.93
"Warlords Battlecry III Demo" = Warlords Battlecry III Demo
"Windows Sidebar" = Postranní panel systému Windows
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.12.2009 14:43:35 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 10.12.2009 15:10:04 | Computer Name = ASROCK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ICQ.exe, verze 6.5.0.1042, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.12.2009 11:52:07 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 12.12.2009 11:40:19 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 12.12.2009 15:00:31 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 12.12.2009 15:30:19 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 12.12.2009 18:07:11 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 13.12.2009 12:29:59 | Computer Name = ASROCK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace TOTALCMD.EXE, verze 7.0.4.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.12.2009 14:14:51 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

Error - 15.12.2009 14:19:08 | Computer Name = ASROCK | Source = WinDefendRtp | ID = 3002
Description = Agent ochrany v reálném čase programu %%827 zjistil chybu a nepodařilo
se jej spustit. Uživatel: ASROCK\Ichigo Agent: AutoStartAgent Kód chyby: 0x8007139f

Popis
chyby: Skupina nebo prostředek nejsou ve správném stavu, aby mohly uskutečnit požadovanou
operaci.

[ System Events ]
Error - 21.12.2009 11:26:58 | Computer Name = ASROCK | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001966D63533
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.12.2009 14:10:29 | Computer Name = ASROCK | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001966D63533
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 23.12.2009 10:39:28 | Computer Name = ASROCK | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001966D63533
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 23.12.2009 12:17:56 | Computer Name = ASROCK | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001966D63533
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

tempus · Příspěvekod **tempus** » 23 pro 2009 18:47

OTL má příliš mnoho znaků, takže tady je první polovina..

OTL logfile created on: 23.12.2009 18:33:45 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\Ichigo\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 27,47 Gb Free Space | 56,27% Space Free | Partition Type: NTFS
Drive D: | 184,06 Gb Total Space | 26,52 Gb Free Space | 14,41% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 18,64 Gb Total Space | 0,73 Gb Free Space | 3,92% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1,92 Gb Total Space | 1,91 Gb Free Space | 99,47% Space Free | Partition Type: FAT

Computer Name: ASROCK
Current User Name: Ichigo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ichigo\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ichigo\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll (ScanSoft, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (NBService) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)

========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (VIBUS) -- C:\WINDOWS\system32\drivers\VIBUS.sys (VIA Technologies, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
DRV - (easdrv) -- C:\WINDOWS\system32\drivers\easdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (nvport) -- C:\WINDOWS\system32\drivers\nvport.sys (NVIDIA Corporation.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ROOTMODEM) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)
DRV - (FETNDIS) -- C:\WINDOWS\system32\drivers\fetnd5.sys (VIA Technologies, Inc. )

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.6
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.09.20 15:52:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.18 17:49:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.18 17:49:24 | 00,000,000 | ---D | M]

[2009.09.20 16:42:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ichigo\Data aplikací\Mozilla\Extensions
[2009.09.20 16:42:29 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ichigo\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.23 16:01:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ichigo\Data aplikací\Mozilla\Firefox\Profiles\jz4g7k6g.default\extensions
[2009.11.28 22:05:48 | 00,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\Ichigo\Data aplikací\Mozilla\Firefox\Profiles\jz4g7k6g.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.12.23 15:59:12 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.18 17:49:19 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.09.20 15:52:59 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.09.20 18:08:29 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.02 19:09:48 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009.12.18 17:49:18 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009.12.18 17:49:18 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.10.11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.12.18 17:49:19 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 16:42:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009.02.27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008.08.08 04:00:00 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008.08.08 04:00:00 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009.10.16 19:15:30 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.10.16 19:15:30 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.10.16 19:15:30 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.10.16 19:15:30 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.10.16 19:15:30 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.10.16 19:15:30 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2009.11.10 18:34:29 | 00,000,808 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (737 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ichigo\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.10 20:18:14 | 00,000,000 | ---D | M] - D:\Autodesk AutoCAD 2009 -- [ NTFS ]
O32 - AutoRun File - [2009.06.26 19:13:35 | 00,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2005.12.06 11:01:58 | 00,000,000 | -H-- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.26 19:13:36 | 00,000,000 | R--D | M] - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009.12.23 18:32:08 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ichigo\Plocha\OTL.exe
[2009.12.23 18:26:37 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Ichigo\Recent
[2009.12.23 18:26:27 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009.12.23 17:51:16 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.12.23 17:19:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\Malwarebytes
[2009.12.23 17:19:45 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.23 17:19:43 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.23 17:19:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.23 17:19:42 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.22 19:20:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Plocha\2009-12-22
[2009.12.20 11:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2009.12.13 19:53:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\InstallShield
[2009.12.13 18:54:31 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009.12.13 18:54:31 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\SecuROM
[2009.12.13 02:28:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Saved Games
[2009.12.13 02:27:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\iWin
[2009.12.13 02:27:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.13 02:26:51 | 00,000,000 | ---D | C] -- C:\Program Files\Jewel Quest 2
[2009.12.12 22:24:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Rapidshare Search Tool
[2009.12.12 22:24:46 | 00,000,000 | ---D | C] -- C:\Program Files\MP Software
[2009.12.12 16:57:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Plocha\2009-12-12
[2009.12.06 11:47:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Dokumenty\NeroVision
[2009.12.05 18:34:41 | 00,000,000 | ---D | C] -- C:\Program Files\FreeRapid-0.83u1
[2009.12.02 19:09:47 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009.12.02 19:09:47 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009.12.02 19:09:47 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009.12.02 15:54:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\TOSHIBA
[2009.12.01 19:09:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Local Settings\Data aplikací\ESET
[2009.12.01 18:38:25 | 00,000,000 | ---D | C] -- C:\Program Files\Runtime Software
[2009.12.01 18:24:36 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2009.11.30 00:35:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Dokumenty\Aspyr
[2009.11.30 00:35:08 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009.11.30 00:35:07 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009.11.30 00:35:07 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009.11.30 00:35:06 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009.11.30 00:35:06 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009.11.30 00:35:05 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009.11.30 00:35:05 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009.11.30 00:35:04 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009.11.30 00:35:04 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009.11.30 00:35:03 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009.11.30 00:35:03 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009.11.30 00:35:03 | 00,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009.11.30 00:35:02 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009.11.30 00:35:01 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009.11.30 00:35:01 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009.11.30 00:35:01 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009.11.30 00:35:00 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009.11.30 00:35:00 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009.11.30 00:35:00 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009.11.30 00:34:59 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009.11.30 00:34:59 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009.11.30 00:34:58 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009.11.30 00:34:58 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009.11.30 00:34:57 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009.11.30 00:34:57 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009.11.30 00:34:57 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009.11.30 00:34:56 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009.11.30 00:34:55 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009.11.30 00:34:55 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009.11.30 00:34:55 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009.11.30 00:34:54 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009.11.30 00:34:54 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009.11.30 00:34:54 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009.11.30 00:34:53 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009.11.30 00:34:53 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009.11.30 00:34:52 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009.11.30 00:34:52 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009.11.30 00:34:51 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009.11.30 00:34:51 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009.11.30 00:34:50 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009.11.30 00:34:50 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009.11.30 00:34:49 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009.11.30 00:34:49 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009.11.30 00:34:48 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009.11.30 00:34:47 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009.11.30 00:34:47 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009.11.30 00:34:47 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009.11.30 00:34:46 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009.11.30 00:34:46 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009.11.30 00:34:46 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009.11.30 00:34:45 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009.11.30 00:34:45 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009.11.30 00:34:44 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009.11.30 00:34:44 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009.11.30 00:34:43 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009.11.30 00:34:42 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009.11.30 00:34:42 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009.11.30 00:34:40 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009.11.30 00:34:40 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009.11.30 00:34:40 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009.11.30 00:34:40 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009.11.30 00:34:39 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009.11.30 00:34:39 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009.11.30 00:34:39 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009.11.30 00:34:39 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009.11.30 00:34:39 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009.11.30 00:34:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009.11.29 23:17:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Data aplikací\Uniblue
[2009.11.29 19:26:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Dokumenty\Bluetooth
[2009.11.29 19:25:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Local Settings\Data aplikací\Toshiba
[2009.11.29 19:12:36 | 00,041,856 | ---- | C] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\drivers\tosrfusb.sys
[2009.11.29 19:12:35 | 00,131,712 | ---- | C] (TOSHIBA CORPORATION) -- C:\WINDOWS\System32\drivers\tosrfbd.sys
[2009.11.29 19:12:35 | 00,074,112 | ---- | C] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\drivers\Tosrfhid.sys
[2009.11.29 19:12:33 | 00,054,144 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\drivers\TosRfSnd.sys
[2009.11.29 19:12:33 | 00,036,608 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\drivers\tosrfbnp.sys
[2009.11.29 19:12:33 | 00,018,612 | ---- | C] (TOSHIBA Corporation.) -- C:\WINDOWS\System32\drivers\tosrfnds.sys
[2009.11.29 19:12:32 | 00,064,128 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\drivers\tosrfcom.sys
[2009.11.29 19:12:28 | 00,041,472 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\drivers\tosporte.sys
[2009.11.29 19:11:59 | 00,000,000 | ---D | C] -- C:\Program Files\Toshiba
[2009.11.29 17:54:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ichigo\Local Settings\Data aplikací\Aspyr
[2009.09.25 13:12:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.09.20 15:33:42 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.09.20 15:33:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.09.20 15:33:15 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.09.20 15:24:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.04 18:01:10 | 00,525,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2009.09.04 18:01:08 | 01,691,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2009.09.04 18:01:08 | 00,094,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

Počítač se sám od sebe restartuje Vyřešeno

Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Re: Počítač se sám od sebe restartuje

Kdo je online