Desktop security 2010

Zpráva

hacuc · #16 Příspěvek od **hacuc** » 19 dub 2010 14:08

Zatím se toho moc nezměnilo, ta potvora se furt drží jak helvétská víra. Ale avast už provedl a odstranil 2 další detekce nějaké havěti. Až z dostaneme i Desktop Security, tak mě čeká v jejím počítači velký úklid. ...přežijí jen dokumenty

#17 Příspěvek od **Caroprd111** » 19 dub 2010 14:09

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

hacuc · #18 Příspěvek od **hacuc** » 19 dub 2010 14:13

napadá mě ještě jedna věc, po startu počítače při první příležitosti spouštím program Rkill, který stopne Deskpotvoru...
předtím to byl jediný způsob jak s notebookem pracovat, protože hlášky o 97 infikovaných souborech vyskakovaly cca každých 5 sekund. Možná bych ale měl teď nechat desktop sec. normálně běžet, abysme na něj mohli, ...

#19 Příspěvek od **Caroprd111** » 19 dub 2010 14:16

Pokud je to možné, tak ho nechte běžet.

hacuc · #20 Příspěvek od **hacuc** » 19 dub 2010 14:45

Stejně koukám, jaká je to mrcha! Teď, po restartu, ho nechám běžet a votravuje a votravuje.... grrrr

#21 Příspěvek od **Caroprd111** » 19 dub 2010 14:46

Počkám na log z OTL, poté viry pomocí skriptu smažeme.

hacuc · #22 Příspěvek od **hacuc** » 19 dub 2010 15:02

Mám trochu problém s OTL, sken doběhne, pak se ale program kousne...

PS: Docela se autorům D.S. 2010 povedl skin, jako běžný uživatel bych klik na první "OK" který z toho vyskočí ...

#23 Příspěvek od **Caroprd111** » 19 dub 2010 15:03

Zkuste to v nouzovém režimu.

hacuc · #24 Příspěvek od **hacuc** » 19 dub 2010 15:36

Vypadá to bledě, stejně jako předtím OTL dojede test a zamrzne

#25 Příspěvek od **Caroprd111** » 19 dub 2010 15:41

Zkuste spustit OTL bez skriptu (nic nezadávat jen stisknout tl. Prohledat).

hacuc · #26 Příspěvek od **hacuc** » 19 dub 2010 16:07

tak, po krátkém boji logy z otl

OTL logfile created on: 19.4.2010 16:57:03 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Evík\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 014,00 Mb Total Physical Memory | 528,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,73 Gb Total Space | 16,36 Gb Free Space | 31,04% Space Free | Partition Type: NTFS
Drive D: | 53,19 Gb Total Space | 0,43 Gb Free Space | 0,80% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 109,13 Mb Total Space | 105,62 Mb Free Space | 96,79% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 7,52 Gb Total Space | 7,46 Gb Free Space | 99,26% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: EMÁNEK
Current User Name: Evík
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.19 15:14:04 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evík\Plocha\OTL.exe
PRC - [2010.04.19 15:03:56 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Evík\Local Settings\temp\RtkBtMnt.exe
PRC - [2010.04.15 14:51:46 | 000,147,968 | ---- | M] () -- C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010\securitycenter.exe
PRC - [2010.03.09 12:24:10 | 002,769,336 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.03.09 12:24:08 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.12 02:05:04 | 001,531,989 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\bin\fbserver.exe
PRC - [2007.12.12 02:05:04 | 000,065,536 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\bin\fbguard.exe
PRC - [2007.07.12 12:36:40 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
PRC - [2007.07.11 15:07:46 | 000,421,888 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007.07.04 12:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007.06.15 15:00:08 | 000,368,640 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2007.06.14 20:21:00 | 000,850,704 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007.06.13 21:55:52 | 000,166,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007.05.28 16:56:16 | 000,342,528 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007.03.21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.03.21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007.03.02 12:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
PRC - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006.04.14 10:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2005.01.07 17:30:56 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe

========== Modules (SafeList) ==========

MOD - [2010.04.19 15:14:04 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evík\Plocha\OTL.exe
MOD - [2008.04.14 05:21:49 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008.04.14 05:21:45 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2007.05.28 16:55:16 | 000,024,064 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll
MOD - [2007.05.28 16:54:22 | 000,077,824 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\ShowErrMsg.dll
MOD - [2007.05.28 16:54:18 | 000,167,936 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll
MOD - [2007.01.08 22:17:44 | 000,502,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2007.01.04 16:04:52 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll
MOD - [2006.02.22 12:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc71u.dll
MOD - [2005.10.11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2004.08.18 05:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2003.02.21 05:42:20 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2010.03.09 12:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.03.09 12:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.03.09 12:24:08 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.12 02:05:04 | 001,531,989 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.12 02:05:04 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2007.03.21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006.04.14 10:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2006.04.14 10:05:58 | 000,240,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2006.04.14 10:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005.10.14 03:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)

========== Driver Services (SafeList) ==========

DRV - [2010.03.09 12:12:54 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.03.09 12:12:33 | 000,162,640 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.03.09 12:09:08 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.03.09 12:08:41 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.03.09 12:08:30 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.03.09 12:08:15 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.22 16:32:37 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 20:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 20:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008.04.13 20:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.08.14 08:09:30 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007.07.31 11:43:44 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.07.31 11:43:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2007.07.31 11:43:42 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007.06.14 20:23:00 | 000,017,408 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2007.06.06 00:48:58 | 005,761,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007.05.30 20:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.05.28 16:55:20 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007.05.28 16:54:40 | 000,012,800 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter)
DRV - [2007.05.02 11:09:26 | 010,222,720 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007.05.02 03:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.03.21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007.02.16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.12.22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 20:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006.12.22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.10.13 00:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006.04.04 23:20:37 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2005.12.16 16:15:06 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.02.23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.13 15:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.10.15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2003.09.20 09:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.10.24 11:54:40 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.17 10:36:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.19\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

O1 HOSTS File: ([2004.08.18 05:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [SecurityCenter] C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010\securitycenter.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: cpp.cz ([sus] https in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Evík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Evík\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.19 11:31:32 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.19 11:31:34 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.04.19 11:31:34 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.19 16:41:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.19 16:40:10 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.04.19 16:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Plocha\ikony
[2010.04.19 15:15:27 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Evík\Plocha\OTL.exe
[2010.04.19 12:36:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Evík\Recent
[2010.04.19 11:44:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.04.19 11:44:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.04.19 11:44:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.04.19 11:44:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.04.19 11:43:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.04.19 11:40:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.04.19 11:31:32 | 000,000,000 | R--D | C] -- C:\autorun.inf
[2010.04.19 10:56:53 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.17 21:54:15 | 000,162,640 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.04.17 21:54:15 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.04.17 21:54:14 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.04.17 21:54:14 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.04.17 21:54:14 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.04.17 21:54:14 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.04.17 21:54:14 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.04.17 21:54:03 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.04.17 21:54:03 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.04.17 21:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.04.17 21:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.04.16 15:53:53 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.16 14:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010
[2010.04.16 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Data aplikací\Malwarebytes
[2010.04.16 12:08:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.16 12:08:06 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.16 12:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.04.16 12:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.11 12:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Plocha\AKUTNÍ - ŠKOLA
[2010.03.25 14:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Dokumenty\Nová složka
[2010.03.25 12:33:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Dokumenty\FOTKY Zlatíčka
[2010.03.21 19:40:39 | 000,356,437 | ---- | C] (The Firebird Project) -- C:\WINDOWS\System32\GDS32.DLL
[2010.03.21 19:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird
[2010.03.21 19:40:18 | 000,000,000 | ---D | C] -- C:\GEN
[2010.03.21 19:40:07 | 000,356,437 | ---- | C] (The Firebird Project) -- C:\WINDOWS\System\GDS32.DLL
[2010.03.21 19:40:07 | 000,266,293 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVCRT.DLL
[2009.12.31 15:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2009.06.14 11:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.06.13 21:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.03.03 13:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.03.03 13:00:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.03.03 13:00:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.03.03 13:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.06.10 22:17:56 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2008.06.10 22:17:56 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2008.06.10 22:17:56 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2008.06.10 22:17:56 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2008.03.07 12:06:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Evík\Data aplikací\pcouffin.sys
[2007.12.24 06:34:33 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.19 16:51:01 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.04.19 16:51:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.19 16:50:39 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.19 16:50:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.19 16:50:30 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.19 16:49:36 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\Evík\ntuser.dat
[2010.04.19 16:49:36 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Evík\ntuser.ini
[2010.04.19 16:31:37 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.04.19 16:20:41 | 000,000,133 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\cmd.bat
[2010.04.19 15:47:12 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.19 15:14:04 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Evík\Plocha\OTL.exe
[2010.04.19 14:43:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.19 11:37:48 | 006,675,223 | ---- | M] () -- C:\UsbFix_Upload_Me_EMÁNEK.zip
[2010.04.19 10:42:46 | 001,777,683 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\UsbFix.exe
[2010.04.18 01:04:39 | 115,343,872 | -HS- | M] () -- C:\eDS_PSD_drive.vmdf
[2010.04.17 23:32:19 | 000,000,424 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2010.04.17 21:54:15 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.04.17 21:54:14 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.04.17 14:48:30 | 003,916,775 | R--- | M] () -- C:\Documents and Settings\Evík\Plocha\ComboFix.exe
[2010.04.16 16:21:20 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\CKScanner.exe
[2010.04.16 15:51:50 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\RSIT.exe
[2010.04.16 14:34:00 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\rkill.com
[2010.04.16 12:08:14 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.15 20:39:43 | 000,002,254 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Google Chrome.lnk
[2010.04.12 20:26:39 | 000,492,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.12 20:26:39 | 000,489,078 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.12 20:26:39 | 000,102,118 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.12 20:26:39 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.12 20:26:37 | 001,190,882 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.11 21:45:33 | 000,630,997 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\zelesa001.pdf
[2010.04.10 22:20:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.04.10 22:20:07 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010.04.10 18:10:26 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\AEGON Expert 2.0.lnk
[2010.04.07 14:34:26 | 002,387,456 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Conseq Pavel Lejček.xls
[2010.04.07 10:02:48 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\Evík\Data aplikací\AVSMediaPlayer.m3u
[2010.04.07 09:56:47 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Evík\Dokumenty\PORADY.doc
[2010.04.06 17:52:11 | 000,522,619 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Pavel Lejček.pdf
[2010.04.06 13:52:28 | 000,001,775 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Abakus.lnk
[2010.03.31 14:16:47 | 000,252,744 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\scandist Procházka
[2010.03.31 13:20:39 | 000,075,918 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Kontakty_na_centralu_2010_02.pdf
[2010.03.31 08:02:10 | 001,486,621 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\aviva Molová.pdf
[2010.03.30 21:37:48 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.25 14:44:09 | 002,647,224 | -H-- | M] () -- C:\Documents and Settings\Evík\Local Settings\Data aplikací\IconCache.db
[2010.03.25 14:07:49 | 001,827,976 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Hlavní foto.jpg
[2010.03.23 16:54:30 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Generali - chyby u Allegra.doc
[2010.03.23 10:45:36 | 000,084,721 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\BMW1.pdf
[2010.03.21 19:40:07 | 000,356,437 | ---- | M] (The Firebird Project) -- C:\WINDOWS\System\GDS32.DLL
[2010.03.21 19:40:07 | 000,266,293 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System\MSVCRT.DLL
[2010.03.21 19:39:55 | 048,868,352 | ---- | M] () -- C:\Documents and Settings\Evík\Plocha\Poradce1.26.1.MAKFAC.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.19 16:50:30 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.19 16:31:37 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.04.19 15:27:31 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\cmd.bat
[2010.04.19 11:44:00 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.04.19 11:44:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.04.19 11:44:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.19 11:44:00 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.04.19 11:44:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.04.19 11:40:43 | 003,916,775 | R--- | C] () -- C:\Documents and Settings\Evík\Plocha\ComboFix.exe
[2010.04.19 11:37:45 | 006,675,223 | ---- | C] () -- C:\UsbFix_Upload_Me_EMÁNEK.zip
[2010.04.19 10:56:52 | 001,777,683 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\UsbFix.exe
[2010.04.17 21:54:56 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\RSIT.exe
[2010.04.17 21:54:15 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.04.16 16:25:38 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\CKScanner.exe
[2010.04.16 16:11:27 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\rkill.com
[2010.04.16 12:08:14 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.11 21:45:30 | 000,630,997 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\zelesa001.pdf
[2010.04.10 22:20:07 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010.04.10 22:20:07 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010.04.07 14:34:24 | 002,387,456 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Conseq Pavel Lejček.xls
[2010.04.07 09:56:14 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Evík\Dokumenty\PORADY.doc
[2010.04.06 17:52:11 | 000,522,619 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Pavel Lejček.pdf
[2010.04.06 13:51:56 | 000,001,775 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Abakus.lnk
[2010.03.31 14:16:46 | 000,252,744 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\scandist Procházka
[2010.03.31 08:02:02 | 001,486,621 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\aviva Molová.pdf
[2010.03.25 14:07:48 | 001,827,976 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Hlavní foto.jpg
[2010.03.23 17:18:11 | 000,075,918 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Kontakty_na_centralu_2010_02.pdf
[2010.03.23 16:54:29 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Generali - chyby u Allegra.doc
[2010.03.23 10:45:36 | 000,084,721 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\BMW1.pdf
[2010.03.21 19:39:44 | 048,868,352 | ---- | C] () -- C:\Documents and Settings\Evík\Plocha\Poradce1.26.1.MAKFAC.exe
[2010.01.05 23:07:33 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\AVSMediaPlayer.m3u
[2009.10.24 12:59:45 | 000,000,407 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.10.24 12:54:28 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2009.10.20 20:31:09 | 002,656,928 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.10.20 12:44:14 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2009.09.11 11:13:15 | 000,000,394 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2009.09.11 11:12:54 | 000,001,191 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009.09.11 11:09:46 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\HPPCPR01.DLL
[2009.09.04 20:50:10 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.07.22 16:42:00 | 000,000,092 | ---- | C] () -- C:\WINDOWS\SILCOM_P.INI
[2009.07.22 16:39:11 | 000,000,099 | ---- | C] () -- C:\WINDOWS\ALIK.INI
[2009.07.22 16:32:36 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.02.12 11:12:08 | 000,044,098 | ---- | C] () -- C:\Documents and Settings\Evík\usrlgo.bmp
[2008.11.24 23:09:37 | 000,002,854 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\mainhst.zgh
[2008.07.08 20:17:08 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX6000EFDG.ini
[2008.07.08 19:47:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX6000.ini
[2008.07.06 09:37:19 | 000,003,672 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2008.07.01 12:05:12 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008.07.01 11:55:15 | 000,007,893 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.06.10 22:18:02 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008.05.18 13:06:41 | 000,000,783 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2008.03.17 19:38:22 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDMKR32.INI
[2008.03.07 12:06:29 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\pcouffin.log
[2008.03.07 12:06:25 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\inst.exe
[2008.03.07 12:06:25 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\pcouffin.cat
[2008.03.07 12:06:25 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Evík\Data aplikací\pcouffin.inf
[2008.02.18 22:26:18 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.02.18 22:09:44 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Evík\default.pls
[2008.02.18 20:53:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.18 20:47:14 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.18 20:47:14 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.02.18 20:47:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.02.18 20:47:12 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.02.18 20:47:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.01.27 23:03:42 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Evík\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.29 18:42:52 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Evík\BackupResult.DAT
[2007.12.29 18:19:39 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.12.28 21:48:50 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007.12.26 00:51:36 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.12.26 00:51:36 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.12.26 00:51:36 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.12.26 00:51:36 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.12.26 00:51:36 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.12.26 00:51:36 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.12.24 06:37:38 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2007.12.24 06:35:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NATTraversal.dll
[2007.12.24 06:34:33 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2007.12.24 06:30:42 | 005,767,168 | -H-- | C] () -- C:\Documents and Settings\Evík\ntuser.dat
[2007.12.24 06:30:42 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\Evík\ntuser.dat.LOG
[2007.12.24 06:30:42 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\Evík\ntuser.ini
[2007.12.24 06:30:42 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Evík\Local Settings\Data aplikací\fusioncache.dat
[2007.12.24 06:29:39 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2007.12.24 06:29:39 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2007.12.23 07:35:51 | 000,000,037 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini
[2007.08.14 09:09:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.08.14 08:10:04 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2007.08.14 08:09:32 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2007.08.14 08:09:32 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2007.08.14 08:09:32 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2007.06.05 16:24:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll
[2007.06.05 15:48:58 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007.05.28 16:56:14 | 001,411,584 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2007.05.28 16:55:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2007.05.28 16:54:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2007.01.04 16:10:22 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2006.03.10 14:18:16 | 000,036,404 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.08.18 05:00:00 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003.11.24 15:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003.11.24 15:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001.07.07 03:00:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
< End of report >

hacuc · #27 Příspěvek od **hacuc** » 19 dub 2010 16:08

+ extra

OTL Extras logfile created on: 19.4.2010 16:57:03 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Evík\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 014,00 Mb Total Physical Memory | 528,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52,73 Gb Total Space | 16,36 Gb Free Space | 31,04% Space Free | Partition Type: NTFS
Drive D: | 53,19 Gb Total Space | 0,43 Gb Free Space | 0,80% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 109,13 Mb Total Space | 105,62 Mb Free Space | 96,79% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
Drive H: | 7,52 Gb Total Space | 7,46 Gb Free Space | 99,26% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: EMÁNEK
Current User Name: Evík
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Evík\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Documents and Settings\Evík\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FreeCommander] -- C:\Program Files\FreeCommander\FreeCommander.exe /C "%1" (Marek Jasinski - www.FreeCommander.com)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe" = C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe:*:Enabled:MyGuard -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B6FC9C2-C5B4-4F58-8E50-1587236285D0}" = Simulace_2009
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{94882586-CD3C-4C31-9A84-5636615DC3D7}" = hppscan3390
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}" = ArcSoft Software Suite
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C071E980-DE71-49A1-B96F-D0083FADD2B6}" = Expert
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C3184764-8312-43BB-8ADC-D52DCD96ED5E}" = Abakus
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = StarCam Genie
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F63C7908-08EA-46F5-9EDF-DFF9FD231029}" = Nero 7 Essentials
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"22 her_is1" = 22 her verze 1.10
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AXA Kalkulačka_is1" = AXA Kalkulačka 1.10
"BSPlayer1" = BSPlayer
"Business Contact Manager pro aplikaci Outlook 2007" = Business Contact Manager pro aplikaci Outlook 2007
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ESDX6000_CX5900 User's Guide" = ESDX6000_CX5900 User's Guide
"FBDBServer_1_5_is1" = Firebird 1.5.5
"FOTOLAB Home Print Service" = FOTOLAB Home Print Service
"FreeCommander_is1" = FreeCommander 2008.06c
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hledik - Poradce - makléř FAC" = Poradce - makléř FAC, verze 1.26/1
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}" = Heroes of Might and Magic® IV
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}" = QuickTime
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.83 Full
"LManager" = Launch Manager
"Magic DVD Copier_is1" = Magic DVD Copier V4.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MangleS" = Mangle Screen Saver
"Méďa a obrázky_is1" = Méďa a obrázky verze 1.00
"Méďa počítá_is1" = Méďa počítá verze 1.00
"Méďa_čte1" = Méďa_čte1
"Méďa-barvy a tvary_is1" = Méďa-barvy a tvary verze 1.00
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Thunderbird (2.0.0.19)" = Mozilla Thunderbird (2.0.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyGuard Live" = MyGuard Live
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Smart Defrag_is1" = Smart Defrag 1.11
"ST6UNST #2" = Všeználek to ví
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Desktop Security 2010" = Desktop Security 2010
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19.4.2010 9:59:53 | Computer Name = EMÁNEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.1.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.4.2010 10:09:39 | Computer Name = EMÁNEK | Source = Google Update | ID = 20
Description =

Error - 19.4.2010 10:09:50 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = An error occurred during decryption.

Error - 19.4.2010 10:09:51 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = FallBack certificate initialization failed with error code: 1.

Error - 19.4.2010 10:41:29 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = An error occurred during decryption.

Error - 19.4.2010 10:41:29 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = FallBack certificate initialization failed with error code: 1.

Error - 19.4.2010 10:50:53 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = An error occurred during decryption.

Error - 19.4.2010 10:50:53 | Computer Name = EMÁNEK | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = FallBack certificate initialization failed with error code: 1.

Error - 19.4.2010 10:51:22 | Computer Name = EMÁNEK | Source = Google Update | ID = 20
Description =

Error - 19.4.2010 10:59:54 | Computer Name = EMÁNEK | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 19.4.2010 10:42:32 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7034
Description = Služba Firebird Server - DefaultInstance byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 19.4.2010 10:47:12 | Computer Name = EMÁNEK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 19.4.2010 10:47:15 | Computer Name = EMÁNEK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19.4.2010 10:47:55 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 19.4.2010 10:47:55 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 19.4.2010 10:47:55 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 19.4.2010 10:47:55 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 19.4.2010 10:47:55 | Computer Name = EMÁNEK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
Tcpip

Error - 19.4.2010 10:49:36 | Computer Name = EMÁNEK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19.4.2010 10:50:51 | Computer Name = EMÁNEK | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna Microsoft XPS Document
Writer název sdílení Tiskárna2.

< End of report >

#28 Příspěvek od **Caroprd111** » 19 dub 2010 16:13

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
PRC - [2010.04.15 14:51:46 | 000,147,968 | ---- | M] () -- C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010\securitycenter.exe
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
O4 - HKCU..\Run: [SecurityCenter] C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010\securitycenter.exe ()
O32 - AutoRun File - [2010.04.19 11:31:32 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.19 11:31:34 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.04.19 11:31:34 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ]
2010.04.16 14:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

hacuc · #29 Příspěvek od **hacuc** » 19 dub 2010 16:22

All processes killed
========== OTL ==========
No active process named securitycenter.exe was found!
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SecurityCenter deleted successfully.
C:\Documents and Settings\Evík\Data aplikací\Desktop Security 2010\securitycenter.exe moved successfully.
File not found.
File not found.
File not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET15F.tmp deleted successfully.
C:\WINDOWS\System32\SET163.tmp deleted successfully.
C:\WINDOWS\System32\SET16B.tmp deleted successfully.
C:\WINDOWS\002906_.tmp deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 208896 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: Evík
->Temp folder emptied: 2392627 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33273 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Evík
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.3 log created on 04192010_171810

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_364.dat not found!
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_a10.dat moved successfully.

Registry entries deleted on Reboot...

#30 Příspěvek od **Caroprd111** » 19 dub 2010 16:37

Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\System32\APISlice.dll
C:\WINDOWS\System32\InstallCheck.dll
C:\WINDOWS\System32\UIVCL.dll
C:\WINDOWS\System32\igfxCoIn_v4837.dll
C:\WINDOWS\System32\NTICDMK7.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

VIRY.CZ

Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010

Re: Desktop security 2010