bubnix.ab trojan

[motji]

Ještě to není dobré , uděláme pár testů

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[Petura]

tak s GMERem mám problém. po spuštění proběhne rychlý sken, ale potom se Gmer ukončí....takže nestihnu ani stisknout SAVE

[motji]

Zkuste ho udělat v nouzovém režimu (po restartu mačkejte f8)

[Petura]

v nouzovém režimu se to chová stejně..nedá se spustit

[motji]

Ještě jeden pokus - zkuste Gmer přejmenovat na zmije.com a spustit. Pokud nepůjde, už to nezkoušejte a spustte AVPtool. Podíváme se, jestli tam není ještě nějaká mrška a pak zkusíme znovu výměnu souboru

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

[motji]

Jak to tu vypadá?

[Unisono]

Řeším naprosto stejný problém. Nejdříve nalezena infekce - win32/Rootkit.Kryptik.AF trojský kůň. Nevěděl jsem co s tím. Neustálé problémy.Na PC byl NOD 32. Dále jsem instaloval Bitdefender. V Nouz.rež. čistil, restartoval. Některé infekce DELETE jiné karanténa. Pak při startu systému řetězovitě detekoval Bubnix.AB ve WIN32 a ukládal do karantény. Foto přikládám. Aktualizace NODu se stala nefunkční. Sytém 300% zpomalení. Odinstaloval jsem oba v domění že se ovlivňují a nahradil Symantec Norton Internet Security 2010. Pak jsem opakovaně čistil: Ccleaner včetně registrů,Ad-Aware. Sytém běžel zdánlivě OK. V závěru poižit CleanUp. Ten vyžaduje restart k dokončení operace. Ten asi něco smazal? A od té doby již jen nouzový režim! Do normálního mě to nepustí. Hlásí poškození Windows. Log z nouz.rež.přiložen. Jsem na dně...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Šeda at 2010-04-21 12:35:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 806 MB (5%) free of 18 GB
Total RAM: 1023 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1275210071-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1275210071-682003330-1003UA.job
C:\WINDOWS\tasks\NeroLiveEpgUpdate-PC3_Šeda.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-12 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - E:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll [2010-03-26 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64d23501-5195-4224-9446-e2b0fb64e859}]
HiGames Toolbar - C:\Program Files\HiGames\tbHiG1.dll [2010-02-19 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8A7839C-51E8-4067-ADA3-CA74BABC1976}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - E:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-12 520192]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{64d23501-5195-4224-9446-e2b0fb64e859} - HiGames Toolbar - C:\Program Files\HiGames\tbHiG1.dll [2010-02-19 2349080]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll [2010-03-26 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"RTBatteryMeter"=C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]
"WinVNC"=E:\Program Files\RealVNC\WinVNC\winvnc.exe [2002-11-27 335872]
"PrintPack dispatcher"=E:\Program Files\Software602\Print2PDF\PrnPack.exe [2006-09-08 2543616]
"mouseElf"=C:\PROGRA~1\GENIUS~1\mouseElf.exe [2002-02-20 155648]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"PCSuiteTrayApplication"=E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]
"Sony Ericsson PC Suite"=E:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-01-26 495616]
"CloneCDTray"=E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=E:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"InstantBurn"=E:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2007-06-04 599600]
"LGODDFU"=E:\Program Files\lg_fwupdate\fwupdate.exe [2006-08-17 249856]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-03-18 75048]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-07-21 87336]
"LanguageShortcut"=E:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-05-14 62760]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"NBKeyScan"=E:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe [2008-09-24 2254120]
"Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2009-01-12 26624]
"WEBTRAN"= []
"SoftAuto.exe"=C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
"Power2GoExpress"= []
"Google Update"=C:\Documents and Settings\Šeda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-07-11 133104]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Šeda\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
_uninst_setup_9.0.0.722_18.04.2010_23-12.exe.lnk - C:\Documents and Settings\Šeda\Local Settings\Temp\_uninst_setup_9.0.0.722_18.04.2010_23-12.exe.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\slbipsch]
C:\WINDOWS\system32\slbipsch.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
msmhost - {5E0AB119-E27E-4067-8D8C-FD648B2BC8EA}
msmdev - {B2546A54-2D3A-4F7D-B749-15D6D5D11CDC}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\ICQ\ICQLite\ICQLite.exe"="E:\Program Files\ICQ\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Hry\Infogrames\Grand Prix 4\GP4.exe"="E:\Hry\Infogrames\Grand Prix 4\GP4.exe:*:Enabled:GP4"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"E:\Hry\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\Hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Hry\HL2\hl2.exe"="E:\Hry\HL2\hl2.exe:*:Disabled:hl2"
"E:\Program Files\FlatOut\flatout.exe"="E:\Program Files\FlatOut\flatout.exe:*:Enabled:flatout"
"E:\Hry\NHL07\nhl2007.exe"="E:\Hry\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"E:\Hry\Wiggles\Wiggles.exe"="E:\Hry\Wiggles\Wiggles.exe:*:Enabled:Wiggles"
"E:\Program Files\ICQ6\ICQ.exe"="E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"E:\Program Files\Project Snowblind\Snowblind.MP"="E:\Program Files\Project Snowblind\Snowblind.MP:*:Disabled:Project: Snowblind (PC)"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe"="E:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe:*:Enabled:TmOriginalDemo"
"E:\Program Files\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe"="E:\Program Files\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe:*:Enabled:TmSunriseExtremeDemo"
"C:\Documents and Settings\Šeda\Plocha\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Documents and Settings\Šeda\Plocha\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\FlightGear\bin\Win32\fgfs.exe"="E:\Program Files\FlightGear\bin\Win32\fgfs.exe:*:Enabled:fgfs"
"C:\WINDOWS\system32\~.exe"="C:\WINDOWS\system32\~.exe:*:Enabled:Control"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\TmNationsForever\TmForever.exe"="E:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\EA SPORTS\NHL08\nhl2008.exe"="E:\Program Files\EA SPORTS\NHL08\nhl2008.exe:*:Enabled:nhl2008"
"E:\Program Files\TrackMania Sunrise\TmSunrise.exe"="E:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"E:\Program Files\FlatOut2\FlatOut2.exe"="E:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"E:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"E:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"E:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Šeda\Local Settings\Temp\Nero Web\SetupXu.exe"="C:\Documents and Settings\Šeda\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials"
"E:\Program Files\ICQ6.5\ICQ.exe"="E:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"E:\Program Files\FlashGet\flashget.exe"="E:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:PowerDVD"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"H:\qip\QIP\qip.exe"="H:\qip\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Šeda\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Šeda\Local Settings\Temp\bulanci.tmp:*:Disabled:bulanci"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"E:\Program Files\racer\racer\racer.exe"="E:\Program Files\racer\racer\racer.exe:*:Enabled:racer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-04-21 12:35:18 ----D---- C:\rsit
2010-04-21 12:35:18 ----D---- C:\Program Files\trend micro
2010-04-21 11:57:15 ----A---- C:\WINDOWS\ntbtlog.txt
2010-04-21 07:09:34 ----D---- C:\Program Files\Symantec
2010-04-21 07:09:34 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-21 07:09:34 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-04-21 07:09:04 ----D---- C:\Program Files\Norton Internet Security
2010-04-21 07:09:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 07:08:42 ----D---- C:\Program Files\NortonInstaller
2010-04-21 07:08:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-04-20 12:24:02 ----A---- C:\WINDOWS\system32\bda4E6B.tmp
2010-04-20 09:12:02 ----D---- C:\Qoobox
2010-04-17 07:10:31 ----A---- C:\WINDOWS\system32\bda3D.tmp
2010-04-17 07:06:16 ----A---- C:\WINDOWS\system32\bda3B.tmp
2010-04-17 07:03:31 ----A---- C:\WINDOWS\system32\bda39.tmp
2010-04-17 07:02:45 ----A---- C:\WINDOWS\system32\bda38.tmp
2010-04-17 07:01:48 ----A---- C:\WINDOWS\system32\bda37.tmp
2010-04-17 07:01:37 ----A---- C:\WINDOWS\system32\bda36.tmp
2010-04-16 17:10:12 ----A---- C:\bdlog.txt
2010-04-16 12:25:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\BitDefender
2010-04-16 12:18:39 ----D---- C:\Program Files\Common Files\BitDefender
2010-04-15 19:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 19:27:14 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 19:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 19:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 19:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 19:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 11:26:59 ----A---- C:\WINDOWS\DCheck95.ini
2010-04-08 12:49:56 ----A---- C:\m23apdfj.tmp.X
2010-04-08 11:50:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-04-08 11:50:11 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-04-08 11:50:10 ----D---- C:\Program Files\Xvid
2010-04-07 05:51:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-07 05:51:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-07 05:51:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-07 05:51:23 ----A---- C:\WINDOWS\system32\java.exe
2010-04-02 17:20:45 ----D---- C:\Documents and Settings\Šeda\Data aplikací\UB
2010-04-02 17:19:25 ----D---- C:\Program Files\_uninstallation_info
2010-03-26 11:15:20 ----D---- C:\Program Files\Common Files\Freedom Scientific

======List of files/folders modified in the last 1 months======

2010-04-21 12:35:18 ----D---- C:\Program Files
2010-04-21 12:32:40 ----SD---- C:\WINDOWS\Tasks
2010-04-21 12:25:55 ----D---- C:\WINDOWS\Temp
2010-04-21 12:02:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 11:57:15 ----D---- C:\WINDOWS
2010-04-21 11:38:01 ----D---- C:\Documents and Settings\Šeda\Data aplikací\OpenOffice.org2
2010-04-21 11:37:09 ----D---- C:\WINDOWS\system32
2010-04-21 11:36:36 ----SHD---- C:\System Volume Information
2010-04-21 11:35:55 ----A---- C:\dummy.txt
2010-04-21 11:35:52 ----A---- C:\WINDOWS\lgfwup.ini
2010-04-21 11:35:35 ----A---- C:\log0.txt
2010-04-21 07:10:14 ----D---- C:\WINDOWS\Prefetch
2010-04-21 07:09:34 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 07:09:34 ----D---- C:\Program Files\Common Files
2010-04-21 06:55:13 ----D---- C:\Program Files\ESET
2010-04-21 06:22:41 ----SHD---- C:\WINDOWS\Installer
2010-04-21 06:20:06 ----D---- C:\Config.Msi
2010-04-18 23:01:53 ----HD---- C:\WINDOWS\inf
2010-04-18 14:42:15 ----D---- C:\Documents and Settings
2010-04-17 07:08:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-16 12:24:28 ----D---- C:\WINDOWS\WinSxS
2010-04-16 01:44:12 ----D---- C:\WINDOWS\Minidump
2010-04-15 23:20:15 ----D---- C:\WINDOWS\Debug
2010-04-15 19:27:32 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 19:20:34 ----D---- C:\WINDOWS\ie8updates
2010-04-15 13:41:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-12 14:46:46 ----A---- C:\WINDOWS\TRNCOM.INI
2010-04-11 20:46:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-11 19:15:28 ----D---- C:\WINDOWS\system32\config
2010-04-11 19:14:49 ----D---- C:\WINDOWS\system32\wbem
2010-04-11 19:14:46 ----D---- C:\WINDOWS\Registration
2010-04-09 11:26:43 ----D---- C:\WINDOWS\system32\NtmsData
2010-04-09 11:26:37 ----D---- C:\Program Files\Rapidown
2010-04-09 11:26:30 ----D---- C:\Documents and Settings\Šeda\Data aplikací\uTorrent
2010-04-09 11:26:29 ----D---- C:\Documents and Settings\Šeda\Data aplikací\AVG7
2010-04-08 12:55:24 ----D---- C:\Garmin
2010-04-08 12:54:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-08 12:25:42 ----D---- C:\Program Files\Internet Explorer
2010-04-08 10:53:49 ----D---- C:\Documents and Settings\Šeda\Data aplikací\Vso
2010-04-07 05:51:41 ----D---- C:\Program Files\Common Files\Java
2010-04-07 05:51:03 ----D---- C:\Program Files\Java
2010-04-07 05:50:03 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-06 10:52:56 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 08:02:35 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 23:03:28 ----D---- C:\Documents and Settings\Šeda\Data aplikací\Skype
2010-03-29 12:38:38 ----D---- C:\WINDOWS\system32\temp
2010-03-28 15:16:17 ----D---- C:\Program Files\MSXML 4.0
2010-03-26 11:15:17 ----D---- C:\Program Files\Common Files\soft602

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CLBStor;InstantBurn Storage Helper Driver; C:\WINDOWS\system32\drivers\CLBStor.sys [2007-06-04 16048]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-01-14 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 genmcmn;Genus Mouse+ Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2001-09-21 6784]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-10-21 35840]
S1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1106000.020\ccHPx86.sys [2010-02-26 501888]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
S1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1106000.020\SRTSP.SYS [2010-02-27 325680]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1106000.020\SRTSPX.SYS [2010-02-27 43696]
S1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1106000.020\Ironx86.SYS [2010-02-27 116784]
S1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1106000.020\SYMTDI.SYS [2010-02-04 362032]
S1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2010-02-11 226880]
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};Power Control [2009/04/27 20:36:09]; \??\E:\Program Files\CyberLink\PowerDVD\000.fcl []
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; C:\WINDOWS\system32\drivers\CLBUDF.sys [2007-06-04 162096]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
S2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2004-08-23 11089]
S3 ab3f5754;ab3f5754; C:\WINDOWS\system32\drivers\ab3f5754.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
S3 AR5523;Atheros USB Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;Atheros USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys []
S3 EraserUtilDrvI9;EraserUtilDrvI9; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys []
S3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20100415.001\IDSxpx86.sys []
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-08-12 49099]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100420.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100420.024\NAVEX15.SYS []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\System32\DRIVERS\NMnt.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2004-11-24 33408]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2004-11-24 12928]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-08 47360]
S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys []
S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
S3 se58mgmt;Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se58mgmt.sys []
S3 se58nd5;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS); C:\WINDOWS\system32\DRIVERS\se58nd5.sys []
S3 se58obex;Sony Ericsson Device 088 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se58obex.sys []
S3 se58unic;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM); C:\WINDOWS\system32\DRIVERS\se58unic.sys []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\WINDOWS\system32\DRIVERS\sea1bus.sys []
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys []
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\sea1mdm.sys []
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\WINDOWS\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\WINDOWS\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS []
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73344]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-07 1265264]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe [2010-02-26 126392]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; E:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [2008-09-24 81920]
S2 SDPASVC;SDPAUMS server service; C:\WINDOWS\system32\sdpasvc.exe [2001-08-07 49152]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 winvnc;VNC Server; E:\Program Files\RealVNC\WinVNC\winvnc.exe [2002-11-27 335872]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 bepprldr;BCL easyPDF SDK Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 4\bepprldr.exe [2006-08-23 86016]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[motji]

Unisono
Založte si prosím vlastní topic, takto by se to tu pletlo . děkuji za pochopení.
Vidím že jste použil combofix, udělal Vám log? Nod dal do karanteny spoustu infikovaných systémových souborů, pravděbodobně proto má počítač problém s normálním režimem.

[Unisono]

Problém s Norm.režimem nastal až v závěru po aplikaci CleanUp a následném restartu.
V karanténě NODu soubory již dlouho. Projev byl pouze "PC hlemýžď"
Jsem tu v podstatě poprvé, omluva. Nikdy jsem takto nepracoval..Kde ho mám založit samostatný topic?

[motji]

Zde kliknete na Nové téma http://www.viry.cz/forum/viewforum.php?f=13