Prosím o preventivní prohlídku

Zpráva

Dulcimer · #16 Příspěvek od **Dulcimer** » 11 úno 2013 18:53

Teď AVP doiskenoval pc a našel jeden soubor, který opravil.

#17 Příspěvek od **cernohous13** » 11 úno 2013 19:27

zkusíme ruční opravu registru - věřím, že na to máš

Start -> Spustit - zadej regedit - OK
Otevře se Editor registru - pro jistotu záloha registrů takto - Soubor -> Exportrovat... - zadej cestu a ulož.

Postupně budeš v levém okně křížkem před "složkou" otvírat:
+ HKEY_LOCAL_MACHINE
+ System
+ CurrentControlSet
+ Services

vyhledáš BITS -> klik pravým -> Oprávnění... -> Povolit vše

toto je správně

BITS_reg2.jpg (36.44 KiB) Zobrazeno 1045 x

restart a nový RSIT

v pravém okně budeš mít označenu hodnotu "ImagePath" s vadným údajem hodnoty
dvojklikem na červené ab před hodnotou otevřeš okno "Upravit řetězec" a %fystemRoot% změníš na %SystemRoot% -> OK

okno pro úpravu

BITS_reg1.jpg (35.81 KiB) Zobrazeno 1045 x

Následně sjedeš v levém okně dolů na wuauserv a postup zopakuješ.

při této činnosti raději třikrát měř než řízneš!

Dulcimer · #18 Příspěvek od **Dulcimer** » 11 úno 2013 19:35

Ahoj tak ruční oprava by problém být neměl, už jsem ji několikrát dělal, ale jak říkáš dvakrát měř a jednou řež

Vrhnu se na to zase zítra

Budeš tady přes den?

#19 Příspěvek od **cernohous13** » 11 úno 2013 19:37

Určitě se budu během dne vyskytovat

Dulcimer · #20 Příspěvek od **Dulcimer** » 12 úno 2013 08:53

Tady je RSIT po opravě registrů (aktualizace už běží):
Logfile of random's system information tool 1.09 (written by random/random)
Run by Simona Adamcová at 2013-02-12 08:51:51
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 10 GB (48%) free of 20 GB
Total RAM: 511 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:52:08, on 12.2.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Simona Adamcová\Plocha\RSIT.exe
C:\Program Files\trend micro\Simona Adamcová.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: _uninst_58541211.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Symantec Eraser Service (erasersvc10910) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 7123 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-08 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-08 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-12-11 115560]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2000-01-01 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2006-11-02 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 (od PDC)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE [2004-09-08 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 na ucto (od FANDANB2)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE [2004-09-08 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX585 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE [2007-03-30 182272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-01-31 29387072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Simona Adamcová^Nabídka Start^Programy^Po spuštění^rncsys32.exe]
C:\Documents and Settings\Simona Adamcová\Nabídka Start\Programy\Po spuštění\rncsys32.exe []

C:\Documents and Settings\Simona Adamcová\Nabídka Start\Programy\Po spuštění
_uninst_58541211.lnk - C:\Documents and Settings\Simona Adamcová\Local Settings\Temp\_uninst_58541211.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"D:\Instalacky\ICQ\ICQ6\ICQ.exe"="D:\Instalacky\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"="C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service"
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"="C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service"
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email"
"D:\Instalacky\ICQ\ICQ6.5\ICQ.exe"="D:\Instalacky\ICQ\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DVSD"=pdvcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-02-11 15:56:14 ----SHD---- C:\RECYCLER
2013-02-11 13:48:54 ----SD---- C:\ComboFix
2013-02-11 11:01:29 ----A---- C:\WINDOWS\zip.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWSC.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWREG.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\sed.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\PEV.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\NIRCMD.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\MBR.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\grep.exe
2013-02-11 11:01:21 ----D---- C:\Qoobox
2013-02-11 11:01:11 ----D---- C:\WINDOWS\erdnt
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNHMCA.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100U.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100L.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100I.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100C.dll
2013-02-11 10:42:58 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2013-02-11 10:42:20 ----A---- C:\WINDOWS\system32\CNMLMAG.DLL
2013-02-11 10:41:53 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2013-02-11 10:41:11 ----A---- C:\WINDOWS\system32\CNC6100O.dll
2013-02-11 10:41:06 ----A---- C:\WINDOWS\system32\CNMIUAG.DLL
2013-02-11 10:40:21 ----HD---- C:\Program Files\CanonBJ
2013-02-11 10:11:40 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-02-09 11:40:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-09 10:04:37 ----D---- C:\_OTM
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\vusetup.dll
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2013-02-08 23:44:59 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Sierra Wireless
2013-02-08 23:42:53 ----D---- C:\WINDOWS\pss
2013-02-08 23:30:53 ----A---- C:\WINDOWS\system32\drivers\videX32.sys
2013-02-08 23:28:46 ----D---- C:\Program Files\Realtek AC97
2013-02-08 23:26:32 ----D---- C:\Program Files\Belkin
2013-02-08 23:13:10 ----D---- C:\Program Files\Common Files\Skype
2013-02-08 22:50:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2013-02-08 22:50:33 ----D---- C:\Program Files\trend micro
2013-02-08 22:50:22 ----D---- C:\rsit
2013-02-08 22:49:58 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-08 22:49:43 ----A---- C:\WINDOWS\system32\java.exe
2013-02-08 22:43:37 ----D---- C:\Program Files\FileHippo.com
2013-02-08 22:39:09 ----RSD---- C:\WINDOWS\assembly
2013-02-08 22:38:18 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-08 22:33:58 ----A---- C:\WINDOWS\system32\drivers\SWDUMon.sys
2013-02-08 22:33:35 ----D---- C:\Program Files\SlimDrivers
2013-02-08 18:51:32 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Opera
2013-02-08 18:51:08 ----D---- C:\Program Files\Opera
2013-02-08 17:39:07 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys

======List of files/folders modified in the last 1 month======

2013-02-12 08:50:51 ----D---- C:\WINDOWS\Temp
2013-02-12 08:50:30 ----D---- C:\WINDOWS\SoftwareDistribution
2013-02-12 08:47:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-12 08:40:13 ----D---- C:\WINDOWS
2013-02-12 08:33:32 ----D---- C:\WINDOWS\security
2013-02-12 08:32:50 ----A---- C:\WINDOWS\wincmd.ini
2013-02-12 08:32:42 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-12 08:32:40 ----SHD---- C:\WINDOWS\Installer
2013-02-12 08:32:36 ----RSD---- C:\WINDOWS\Fonts
2013-02-12 08:31:31 ----D---- C:\WINDOWS\system32
2013-02-11 18:54:58 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-11 18:51:52 ----D---- C:\WINDOWS\system32\drivers
2013-02-11 17:46:53 ----RD---- C:\Program Files
2013-02-11 17:46:44 ----HD---- C:\WINDOWS\inf
2013-02-11 17:41:07 ----D---- C:\Program Files\Common Files
2013-02-11 15:39:57 ----SHD---- C:\System Volume Information
2013-02-11 13:47:13 ----D---- C:\WINDOWS\system32\Restore
2013-02-11 10:54:34 ----D---- C:\WINDOWS\Media
2013-02-11 10:54:33 ----D---- C:\WINDOWS\twain_32
2013-02-11 10:30:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-11 10:30:42 ----D---- C:\Program Files\Common Files\System
2013-02-11 10:29:42 ----D---- C:\Program Files\Common Files\DESIGNER
2013-02-11 10:29:37 ----D---- C:\WINDOWS\Help
2013-02-11 10:29:17 ----A---- C:\WINDOWS\win.ini
2013-02-09 11:40:52 ----SD---- C:\WINDOWS\Tasks
2013-02-09 11:39:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-02-09 10:06:05 ----D---- C:\WINDOWS\NewSoft
2013-02-09 10:06:04 ----SHD---- C:\WINDOWS\CSC
2013-02-08 23:49:21 ----D---- C:\WINDOWS\system32\LogFiles
2013-02-08 23:45:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-08 23:45:31 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-08 23:41:03 ----D---- C:\Program Files\Common Files\Panasonic
2013-02-08 23:34:36 ----D---- C:\WINDOWS\system
2013-02-08 23:34:36 ----D---- C:\Program Files\VIA
2013-02-08 23:34:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-02-08 23:15:22 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Skype
2013-02-08 23:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-02-08 23:13:10 ----RD---- C:\Program Files\Skype
2013-02-08 22:50:35 ----D---- C:\Program Files\Common Files\Java
2013-02-08 22:49:08 ----D---- C:\Program Files\Java
2013-02-08 22:40:32 ----D---- C:\Program Files\CCleaner
2013-02-08 22:39:32 ----D---- C:\WINDOWS\WinSxS
2013-02-08 22:38:23 ----D---- C:\WINDOWS\system32\mui
2013-02-08 22:38:23 ----D---- C:\Program Files\Internet Explorer
2013-02-08 22:32:42 ----SD---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Microsoft
2013-02-08 22:32:42 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Adobe
2013-02-08 22:31:26 ----D---- C:\Program Files\Common Files\Adobe
2013-02-08 22:31:03 ----D---- C:\Program Files\Adobe
2013-02-08 22:27:09 ----A---- C:\WINDOWS\compedia.ini
2013-02-08 22:21:21 ----AC---- C:\WINDOWS\disney.ini
2013-02-08 22:15:26 ----D---- C:\Program Files\Symantec
2013-02-08 22:07:28 ----D---- C:\Program Files\Google
2013-02-08 22:05:41 ----A---- C:\WINDOWS\system.ini
2013-02-08 17:48:34 ----D---- C:\WINDOWS\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-04 46464]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2000-01-01 117248]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2000-01-01 12952]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2009-06-11 279600]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2009-06-11 43824]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-12-11 191536]
R1 SysPlant;SysPlant for NT; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [2009-06-11 92488]
R1 WPS;WPS; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-04-11 21275]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-02 1972224]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121130.020\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121130.020\NAVEX15.SYS []
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2008-09-16 26888]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-12-11 27696]
R3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys [2009-06-11 49536]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2000-01-01 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2000-01-01 11264]
R3 WpsHelper;WpsHelper; \??\C:\WINDOWS\system32\drivers\WpsHelper.sys []
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2009-06-11 319664]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-02-11 13464]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2006-10-09 203648]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-02 446464]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-02-08 170912]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2009-06-11 1795400]
R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2009-06-11 2440120]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-03-06 520192]
S2 erasersvc10910;Symantec Eraser Service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Smcinst;Symantec Auto-upgrade Agent; C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe []
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2009-06-11 320840]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]

-----------------EOF-----------------

#21 Příspěvek od **cernohous13** » 12 úno 2013 09:07

stáhni všechny chybějící aktualizace včetně SP3

následně
Otevři Poznámkový blok (Notepad) a vlož zelený text ze scriptu.

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Security Providers]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Soubor ulož jako -> oprava.reg - Uložit jako typ -> Všechny soubory
Zavři a dvojklikem na ikonu spusť - jen problikne a opraví registry - po akci jej smažeš.

Dulcimer · #22 Příspěvek od **Dulcimer** » 12 úno 2013 09:46

Tak vesele instaluji aktualizace, ale měl bych jeden dotaz.
Na počítači je Symantec Endprotection a já bych ho chtěl odinstalovat a hodit tam Avast, nebo MSE.
Symantec je chráněný heslem, které nikdo nezná - je nějaká možnost odinstalování?

#23 Příspěvek od **cernohous13** » 12 úno 2013 14:06

kuk http://forum.viry.cz/viewtopic.php?f=29&t=42886

taky můžeš zkusit v Nouzovém režimu kdy AV většinou neběží

přímo od pramene https://www.google.cz/search?q=symantec ... =firefox-a

Dulcimer · #24 Příspěvek od **Dulcimer** » 12 úno 2013 15:54

Bohužel v nouzovém režimu také nejde odinstalovat.
Z té stránky zde na virech není možnost použít odinstalátor pro Nortona, antivir tam není uveden mezi produkty.
Ale podařilo se mi najít na google stránku, kde nějakej maník napsal postup jak smazat hodnoty z registru a už to odinstalovat šlo

Jinak tady je aktuální log z RSIT pro kontrolu:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Simona Adamcová at 2013-02-12 15:52:56
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (42%) free of 20 GB
Total RAM: 511 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:05, on 12.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\RAID\vialogsv.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Simona Adamcová\Plocha\RSIT.exe
C:\Program Files\trend micro\Simona Adamcová.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Eraser Service (erasersvc10910) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 6671 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-08 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-08 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-12-11 115560]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2000-01-01 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2006-11-02 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 (od PDC)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE /P33 EPSON Stylus Photo R1800 (od PDC) /O5 TS001 /M Stylus Photo R1800 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 na ucto (od FANDANB2)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE /P46 EPSON Stylus Photo R1800 na ucto (od FANDANB2) /O5 TS006 /M Stylus Photo R1800 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX585 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE /FU C:\WINDOWS\TEMP\E_S20D.tmp /EF HKCU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-01-31 29387072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"D:\Instalacky\ICQ\ICQ6\ICQ.exe"="D:\Instalacky\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"="C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service"
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"="C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service"
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email"
"D:\Instalacky\ICQ\ICQ6.5\ICQ.exe"="D:\Instalacky\ICQ\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DVSD"=pdvcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-02-12 15:42:29 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2013-02-12 13:28:14 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2013-02-12 13:28:14 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2013-02-12 13:28:11 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2013-02-12 13:28:11 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2013-02-12 13:28:10 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2013-02-12 13:28:06 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2013-02-12 13:28:06 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2013-02-12 13:27:59 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2013-02-12 13:27:58 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-02-12 13:27:57 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-02-12 13:27:56 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-02-12 13:27:52 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-02-12 13:27:52 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-02-12 13:27:50 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-02-12 13:25:50 ----D---- C:\WINDOWS\Logs
2013-02-12 12:42:04 ----A---- C:\WINDOWS\OEWABLog.txt
2013-02-12 12:41:01 ----D---- C:\WINDOWS\Prefetch
2013-02-12 12:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2013-02-12 12:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2013-02-12 12:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2013-02-12 12:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2013-02-12 12:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-02-12 12:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-02-12 12:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-02-12 12:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2013-02-12 12:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-02-12 12:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-02-12 12:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2013-02-12 12:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-02-12 12:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-02-12 12:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2013-02-12 12:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2013-02-12 12:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-02-12 12:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-02-12 11:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-02-12 11:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-02-12 11:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-02-12 11:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-02-12 11:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-02-12 11:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-02-12 11:57:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-02-12 11:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2013-02-12 11:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-02-12 11:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-02-12 11:55:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-02-12 11:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2013-02-12 11:54:51 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2013-02-12 11:54:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-02-12 11:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-02-12 11:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2013-02-12 11:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2013-02-12 11:52:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-02-12 11:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2013-02-12 11:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2013-02-12 11:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-02-12 11:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2013-02-12 11:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2013-02-12 11:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2013-02-12 11:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2013-02-12 11:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2013-02-12 11:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-02-12 11:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2013-02-12 11:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2013-02-12 11:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-02-12 11:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-02-12 11:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-02-12 11:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2013-02-12 11:44:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2013-02-12 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2013-02-12 11:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2013-02-12 11:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2013-02-12 11:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-02-12 11:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-02-12 11:39:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-02-12 11:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2013-02-12 11:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2013-02-12 11:37:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-02-12 11:37:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2013-02-12 11:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2013-02-12 11:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-02-12 11:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-02-12 11:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-02-12 11:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2013-02-12 11:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-02-12 11:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-02-12 11:30:38 ----A---- C:\WINDOWS\setuplog.txt
2013-02-12 11:28:46 ----D---- C:\WINDOWS\l2schemas
2013-02-12 11:28:45 ----D---- C:\WINDOWS\system32\cs
2013-02-12 11:28:45 ----D---- C:\WINDOWS\system32\bits
2013-02-12 11:16:40 ----D---- C:\WINDOWS\network diagnostic
2013-02-12 11:10:49 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-02-12 10:39:31 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-12 10:39:23 ----D---- C:\Program Files\MSBuild
2013-02-12 10:39:19 ----D---- C:\WINDOWS\system32\en-US
2013-02-12 10:39:02 ----D---- C:\Program Files\Reference Assemblies
2013-02-12 10:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-02-12 10:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-02-12 10:37:53 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-02-12 10:31:07 ----SHD---- C:\Config.Msi
2013-02-12 10:28:20 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2013-02-12 10:28:13 ----D---- C:\Program Files\MSXML 6.0
2013-02-12 10:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2013-02-12 09:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2013-02-12 09:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2013-02-12 09:58:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2013-02-12 09:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2013-02-12 09:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2013-02-12 09:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2013-02-12 09:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-02-12 09:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2013-02-12 09:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2013-02-12 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2013-02-12 09:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2013-02-12 09:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2013-02-12 09:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2013-02-12 09:53:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2013-02-12 09:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2013-02-12 09:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2013-02-12 09:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2013-02-12 09:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2013-02-12 09:50:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2013-02-12 09:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2013-02-12 09:49:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2013-02-12 09:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2013-02-12 09:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2013-02-12 09:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2013-02-12 09:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2013-02-12 09:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2013-02-12 09:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2013-02-12 09:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2013-02-12 09:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2013-02-12 09:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-02-12 09:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2013-02-12 09:43:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2013-02-12 09:43:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2013-02-12 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2013-02-12 09:42:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2013-02-12 09:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2013-02-12 09:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2013-02-12 09:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2013-02-12 09:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2013-02-12 09:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2013-02-12 09:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2013-02-12 09:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2013-02-12 09:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2013-02-12 09:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2013-02-12 09:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2013-02-12 09:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-02-12 09:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-02-12 09:20:20 ----D---- C:\WINDOWS\ServicePackFiles
2013-02-12 09:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2013-02-12 09:19:16 ----D---- C:\WINDOWS\ie8updates
2013-02-12 08:59:37 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-02-12 08:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2013-02-12 08:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2013-02-12 08:56:32 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2013-02-11 15:56:14 ----SHD---- C:\RECYCLER
2013-02-11 13:48:54 ----SD---- C:\ComboFix
2013-02-11 11:01:29 ----A---- C:\WINDOWS\zip.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWSC.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWREG.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\sed.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\PEV.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\NIRCMD.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\MBR.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\grep.exe
2013-02-11 11:01:21 ----D---- C:\Qoobox
2013-02-11 11:01:11 ----D---- C:\WINDOWS\erdnt
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNHMCA.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100U.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100L.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100I.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100C.dll
2013-02-11 10:42:58 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2013-02-11 10:42:20 ----A---- C:\WINDOWS\system32\CNMLMAG.DLL
2013-02-11 10:41:53 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2013-02-11 10:41:11 ----A---- C:\WINDOWS\system32\CNC6100O.dll
2013-02-11 10:41:06 ----A---- C:\WINDOWS\system32\CNMIUAG.DLL
2013-02-11 10:40:21 ----HD---- C:\Program Files\CanonBJ
2013-02-11 10:11:40 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-02-09 11:40:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-09 10:04:37 ----D---- C:\_OTM
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\vusetup.dll
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2013-02-08 23:44:59 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Sierra Wireless
2013-02-08 23:42:53 ----D---- C:\WINDOWS\pss
2013-02-08 23:30:53 ----A---- C:\WINDOWS\system32\drivers\videX32.sys
2013-02-08 23:28:46 ----D---- C:\Program Files\Realtek AC97
2013-02-08 23:26:32 ----D---- C:\Program Files\Belkin
2013-02-08 23:13:10 ----D---- C:\Program Files\Common Files\Skype
2013-02-08 22:50:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2013-02-08 22:50:33 ----D---- C:\Program Files\trend micro
2013-02-08 22:50:22 ----D---- C:\rsit
2013-02-08 22:49:58 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-08 22:49:43 ----A---- C:\WINDOWS\system32\java.exe
2013-02-08 22:43:37 ----D---- C:\Program Files\FileHippo.com
2013-02-08 22:39:09 ----RSD---- C:\WINDOWS\assembly
2013-02-08 22:38:18 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-08 22:33:35 ----D---- C:\Program Files\SlimDrivers
2013-02-08 18:51:32 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Opera
2013-02-08 18:51:08 ----D---- C:\Program Files\Opera
2013-02-08 17:39:07 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys

======List of files/folders modified in the last 1 month======

2013-02-12 15:52:35 ----D---- C:\WINDOWS\Temp
2013-02-12 15:46:30 ----D---- C:\WINDOWS
2013-02-12 15:41:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-12 13:42:29 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-12 13:41:56 ----A---- C:\WINDOWS\wincmd.ini
2013-02-12 13:28:16 ----D---- C:\WINDOWS\system32\DirectX
2013-02-12 13:28:15 ----HD---- C:\WINDOWS\inf
2013-02-12 13:28:15 ----D---- C:\WINDOWS\system32
2013-02-12 13:25:53 ----D---- C:\Temp
2013-02-12 12:43:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-12 12:42:54 ----D---- C:\WINDOWS\Debug
2013-02-12 12:39:53 ----D---- C:\WINDOWS\system32\Setup
2013-02-12 12:39:53 ----D---- C:\WINDOWS\AppPatch
2013-02-12 12:39:52 ----RSD---- C:\WINDOWS\Fonts
2013-02-12 12:39:52 ----D---- C:\WINDOWS\system32\wbem
2013-02-12 12:39:50 ----D---- C:\WINDOWS\system32\drivers
2013-02-12 12:08:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-12 12:08:01 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-12 12:04:08 ----D---- C:\Program Files\Outlook Express
2013-02-12 12:01:07 ----D---- C:\Program Files\Movie Maker
2013-02-12 11:39:17 ----D---- C:\WINDOWS\security
2013-02-12 11:35:14 ----D---- C:\Program Files\Messenger
2013-02-12 11:29:34 ----D---- C:\WINDOWS\WinSxS
2013-02-12 11:29:25 ----D---- C:\WINDOWS\ehome
2013-02-12 11:29:22 ----D---- C:\WINDOWS\system32\inetsrv
2013-02-12 11:29:21 ----D---- C:\WINDOWS\ime
2013-02-12 11:29:21 ----D---- C:\WINDOWS\Help
2013-02-12 11:28:51 ----D---- C:\WINDOWS\system32\cs-CZ
2013-02-12 11:28:50 ----D---- C:\WINDOWS\system32\usmt
2013-02-12 11:28:48 ----D---- C:\Program Files\Internet Explorer
2013-02-12 11:28:46 ----SHD---- C:\WINDOWS\Installer
2013-02-12 11:28:45 ----D---- C:\WINDOWS\PeerNet
2013-02-12 11:19:57 ----D---- C:\WINDOWS\system32\Restore
2013-02-12 11:19:57 ----D---- C:\WINDOWS\system32\npp
2013-02-12 11:19:54 ----D---- C:\WINDOWS\msagent
2013-02-12 11:19:52 ----D---- C:\WINDOWS\srchasst
2013-02-12 11:19:50 ----D---- C:\Program Files\NetMeeting
2013-02-12 11:19:48 ----D---- C:\WINDOWS\system32\Com
2013-02-12 11:19:43 ----D---- C:\Program Files\Windows Media Player
2013-02-12 11:19:42 ----D---- C:\Program Files\Windows NT
2013-02-12 11:19:30 ----D---- C:\Program Files\Common Files\System
2013-02-12 11:19:03 ----D---- C:\WINDOWS\system32\oobe
2013-02-12 11:19:00 ----D---- C:\WINDOWS\system
2013-02-12 11:14:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-02-12 10:39:23 ----RD---- C:\Program Files
2013-02-12 10:38:29 ----D---- C:\WINDOWS\system32\spool
2013-02-12 10:31:45 ----D---- C:\WINDOWS\system32\mui
2013-02-12 09:57:41 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-12 09:32:53 ----D---- C:\Program Files\EPSON
2013-02-12 09:29:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\EPSON
2013-02-12 09:24:34 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-12 09:17:56 ----D---- C:\WINDOWS\twain_32
2013-02-12 08:50:30 ----D---- C:\WINDOWS\SoftwareDistribution
2013-02-11 17:41:07 ----D---- C:\Program Files\Common Files
2013-02-11 15:39:57 ----SHD---- C:\System Volume Information
2013-02-11 10:54:34 ----D---- C:\WINDOWS\Media
2013-02-11 10:30:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-11 10:29:42 ----D---- C:\Program Files\Common Files\DESIGNER
2013-02-11 10:29:17 ----A---- C:\WINDOWS\win.ini
2013-02-09 11:40:52 ----SD---- C:\WINDOWS\Tasks
2013-02-09 11:39:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-02-09 10:06:05 ----D---- C:\WINDOWS\NewSoft
2013-02-09 10:06:04 ----SHD---- C:\WINDOWS\CSC
2013-02-08 23:49:21 ----D---- C:\WINDOWS\system32\LogFiles
2013-02-08 23:41:03 ----D---- C:\Program Files\Common Files\Panasonic
2013-02-08 23:34:36 ----D---- C:\Program Files\VIA
2013-02-08 23:15:22 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Skype
2013-02-08 23:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-02-08 23:13:10 ----RD---- C:\Program Files\Skype
2013-02-08 22:50:35 ----D---- C:\Program Files\Common Files\Java
2013-02-08 22:49:08 ----D---- C:\Program Files\Java
2013-02-08 22:40:32 ----D---- C:\Program Files\CCleaner
2013-02-08 22:32:42 ----SD---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Microsoft
2013-02-08 22:32:42 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Adobe
2013-02-08 22:31:26 ----D---- C:\Program Files\Common Files\Adobe
2013-02-08 22:31:03 ----D---- C:\Program Files\Adobe
2013-02-08 22:27:09 ----A---- C:\WINDOWS\compedia.ini
2013-02-08 22:21:21 ----AC---- C:\WINDOWS\disney.ini
2013-02-08 22:15:26 ----D---- C:\Program Files\Symantec
2013-02-08 22:05:41 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2000-01-01 117248]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2000-01-01 12952]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2009-06-11 279600]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2009-06-11 43824]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-12-11 191536]
R1 SysPlant;SysPlant for NT; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [2009-06-11 92488]
R1 WPS;WPS; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-04-11 21275]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-02 1972224]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121130.020\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121130.020\NAVEX15.SYS []
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2008-09-16 26888]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-12-11 27696]
R3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys [2009-06-11 49536]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2000-01-01 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2000-01-01 11264]
R3 WpsHelper;WpsHelper; \??\C:\WINDOWS\system32\drivers\WpsHelper.sys []
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2009-06-11 319664]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2006-10-09 203648]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-02 446464]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-02-08 170912]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2009-06-11 1795400]
R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2009-06-11 2440120]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-03-06 520192]
S2 erasersvc10910;Symantec Eraser Service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-12-11 108392]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Smcinst;Symantec Auto-upgrade Agent; C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe []
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2009-06-11 320840]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#25 Příspěvek od **cernohous13** » 12 úno 2013 16:34

Provedl jsi akci s opravou registru?
Nějak se mi nedaří odstranit trojana - zkus použít http://www.scanforfree.com/49/remove-mcenspc-dll.html

Zbytky po Symantec odstraníme následně (ještě toho dost vidím)

Dulcimer · #26 Příspěvek od **Dulcimer** » 12 úno 2013 16:46

Provedl jsi akci s opravou registru?

Ano prvedl (BITS + wuaserv).
Nějak se mi nedaří odstranit trojana - zkus použít http://www.scanforfree.com/49/remove-mcenspc-dll.html

Jdu na to.
Zbytky po Symantec odstraníme následně (ještě toho dost vidím)

Dobrá.

#27 Příspěvek od **cernohous13** » 12 úno 2013 17:23

Měl jsem na mysli tuto akci

cernohous13 píše: následně
Otevři Poznámkový blok (Notepad) a vlož zelený text ze scriptu.
Kód: Vybrat vše
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Security Providers]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Soubor ulož jako -> oprava.reg - Uložit jako typ -> Všechny soubory
Zavři a dvojklikem na ikonu spusť - jen problikne a opraví registry - po akci jej smažeš.

Dulcimer · #28 Příspěvek od **Dulcimer** » 12 úno 2013 17:26

Moc se omlouvám, přehlédnul jsem se

Úkon jsem provedl dodatečně.

#29 Příspěvek od **cernohous13** » 12 úno 2013 17:34

Pak by ten SpyHuner mohl být zbytečný - uvidíme v příštím RSITu

Tak zkusím naivní odstranění zbytků Symantecu

OTMscript (už jsi to dělal)

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files\Symantec
C:\Program Files\Common Files\Symantec Shared
C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
C:\WINDOWS\system32\drivers\wpsdrvnt.sys
C:\WINDOWS\System32\Drivers\SYMTDI.SYS
C:\WINDOWS\System32\Drivers\SRTSPX.SYS
C:\WINDOWS\System32\Drivers\SRTSP.SYS

:Reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe"=-
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE"=-
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

:Services
SNAC
Smcinst
erasersvc10910
Symantec AntiVirus
SmcService
ccSetMgr
ccEvtMgr
SYMREDRV
SymEvent
NAVEX15
NAVENG
EraserUtilRebootDrv
WPS
SYMTDI
SRTSPX
SRTSP
SPBBCDrv
eeCtrl

očekávám
1. log OTM
2. nový RSIT
3. popis současných problémů

jak sám vidíš, máme tu trochu problémy ale F5 to jistí

Dulcimer · #30 Příspěvek od **Dulcimer** » 13 úno 2013 08:16

Tady je OTM:
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: administrator.FADAMEC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.FADAMEC.old
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: frantisek.adamec
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 6480 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Simona Adamcová
->Temp folder emptied: 74232661 bytes
->Temporary Internet Files folder emptied: 360742 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 3265352 bytes
->Flash cache emptied: 506 bytes

User: simona.adamcova
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1520106 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 61260 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 76,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: administrator.FADAMEC

User: Administrator.FADAMEC.old

User: All Users

User: Default User

User: frantisek.adamec
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Simona Adamcová
->Flash cache emptied: 0 bytes

User: simona.adamcova
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: administrator.FADAMEC

User: Administrator.FADAMEC.old

User: All Users

User: Default User

User: frantisek.adamec

User: LocalService

User: NetworkService

User: Simona Adamcová
->Java cache emptied: 0 bytes

User: simona.adamcova

Total Java Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP188.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP266.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD5.tmp folder moved successfully.
File/Folder C:\Program Files\Symantec not found.
C:\Program Files\Common Files\Symantec Shared\VirusDefs folder moved successfully.
C:\Program Files\Common Files\Symantec Shared\COH folder moved successfully.
C:\Program Files\Common Files\Symantec Shared folder moved successfully.
File/Folder C:\WINDOWS\System32\Drivers\SYMREDRV.SYS not found.
File/Folder C:\WINDOWS\system32\Drivers\SYMEVENT.SYS not found.
File/Folder C:\WINDOWS\system32\drivers\wpsdrvnt.sys not found.
File/Folder C:\WINDOWS\System32\Drivers\SYMTDI.SYS not found.
File/Folder C:\WINDOWS\System32\Drivers\SRTSPX.SYS not found.
File/Folder C:\WINDOWS\System32\Drivers\SRTSP.SYS not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE not found.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\C:\Program Files\Common Files\Symantec Shared\ccApp.exe not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus\ not found.
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\\"SecurityProviders"|"msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" /E : value set successfully!
========== SERVICES/DRIVERS ==========
Error: No service named SNAC was found to stop!
Service\Driver key SNAC not found.
Service Smcinst stopped successfully!
Service Smcinst deleted successfully!
Error: No service named erasersvc10910 was found to stop!
Service\Driver key erasersvc10910 not found.
Error: No service named Symantec AntiVirus was found to stop!
Service\Driver key Symantec AntiVirus not found.
Error: No service named SmcService was found to stop!
Service\Driver key SmcService not found.
Error: No service named ccSetMgr was found to stop!
Service\Driver key ccSetMgr not found.
Error: No service named ccEvtMgr was found to stop!
Service\Driver key ccEvtMgr not found.
Error: No service named SYMREDRV was found to stop!
Service\Driver key SYMREDRV not found.
Error: No service named SymEvent was found to stop!
Service\Driver key SymEvent not found.
Error: No service named NAVEX15 was found to stop!
Service\Driver key NAVEX15 not found.
Error: No service named NAVENG was found to stop!
Service\Driver key NAVENG not found.
Error: No service named EraserUtilRebootDrv was found to stop!
Service\Driver key EraserUtilRebootDrv not found.
Error: No service named WPS was found to stop!
Service\Driver key WPS not found.
Error: No service named SYMTDI was found to stop!
Service\Driver key SYMTDI not found.
Error: No service named SRTSPX was found to stop!
Service\Driver key SRTSPX not found.
Error: No service named SRTSP was found to stop!
Service\Driver key SRTSP not found.
Error: No service named SPBBCDrv was found to stop!
Service\Driver key SPBBCDrv not found.
Error: No service named eeCtrl was found to stop!
Service\Driver key eeCtrl not found.

OTM by OldTimer - Version 3.1.21.0 log created on 02132013_080729

Files moved on Reboot...
File C:\Documents and Settings\Simona Adamcová\Local Settings\Temp\Perflib_Perfdata_ee8.dat not found!

Registry entries deleted on Reboot...

VIRY.CZ

Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku