Po restartu CleanUp pouze Nouzový režim

[Unisono]

Nyní tedy odjíždím a to vaše forum v případě úspěchu 100% podpořím !!!!

[Caroprd111]

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
IE - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - No CLSID value found.
O2 - BHO: (no name) - {B8A7839C-51E8-4067-ADA3-CA74BABC1976} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKU\S-1-5-21-73586283-1275210071-682003330-1003..\Run: [Power2GoExpress] File not found
O4 - HKU\S-1-5-21-73586283-1275210071-682003330-1003..\Run: [WEBTRAN] File not found
O4 - Startup: C:\Documents and Settings\Šeda\Nabídka Start\Programy\Po spuštění\_uninst_setup_9.0.0.722_18.04.2010_23-12.exe.lnk = C:\Documents and Settings\Šeda\Local Settings\Temp\_uninst_setup_9.0.0.722_18.04.2010_23-12.exe.bat File not found
O9 - Extra 'Tools' menuitem : GigaSize Toolbar - {18955D47-882E-48fc-B903-A4BDD030E7FD} - Reg Error: Value error. File not found
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-73586283-1275210071-682003330-1003\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O20 - Winlogon\Notify\slbipsch: DllName - C:\WINDOWS\system32\slbipsch.dll - C:\WINDOWS\System32\slbipsch.dll File not found
O21 - SSODL: msmdev - {B2546A54-2D3A-4F7D-B749-15D6D5D11CDC} - CLSID or File not found.
O21 - SSODL: msmhost - {5E0AB119-E27E-4067-8D8C-FD648B2BC8EA} - CLSID or File not found.
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.04.21 14:57:03 | 000,802,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\faybowoj.sys
[2010.04.21 14:57:02 | 000,586,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\katnq.sys
[2010.04.21 11:44:00 | 000,000,280 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.04.21 11:35:05 | 000,000,280 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010.04.18 14:54:53 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\Šeda\Plocha\CleanUp!.lnk
[2010.04.08 12:49:56 | 000,000,000 | ---- | C] () -- C:\m23apdfj.tmp.X
[2010.02.27 20:41:36 | 000,802,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\faybowoj.sys
[2010.02.27 20:40:50 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Šeda\Data aplikací\avdrn.dat
[2009.02.08 13:03:45 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Šeda\Data aplikací\inst.exe
[2008.09.22 07:40:24 | 000,053,395 | ---- | C] () -- C:\WINDOWS\System32\tdssinit.dll
[2007.02.22 15:36:25 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\winbri21.dll
[2006.11.26 10:21:35 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\gmcoinst.dll
[2006.09.25 10:15:03 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7D.DLL
[2009.02.20 20:13:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{12DD4DFD-49D5-4382-9533-B21955C1FD4C}
[2009.02.23 23:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009.02.20 20:12:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{6608C652-8B5C-4778-BAC8-B59DD368D024}
[2010.03.03 17:10:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2009.02.21 00:45:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{F40E9D30-5DFC-4B21-BFDB-A5CDEE6440A6}
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

:Services
SSHNAS

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\~.exe" =-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

:Commands 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\System32\BASSMOD.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

[Unisono]

Takže jsem provedl vložení a opravu. Počítač restartoval. Do systému mě však opět nepustil, ani do Nouzového režimu s podporou sítě. Log zde:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Šeda at 2010-04-21 18:47:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 887 MB (5%) free of 18 GB
Total RAM: 1023 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1275210071-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1275210071-682003330-1003UA.job
C:\WINDOWS\tasks\NeroLiveEpgUpdate-PC3_Šeda.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-12 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - E:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll [2010-03-26 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64d23501-5195-4224-9446-e2b0fb64e859}]
HiGames Toolbar - C:\Program Files\HiGames\tbHiG1.dll [2010-02-19 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\IPSBHO.DLL [2010-02-04 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - E:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-12 520192]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{64d23501-5195-4224-9446-e2b0fb64e859} - HiGames Toolbar - C:\Program Files\HiGames\tbHiG1.dll [2010-02-19 2349080]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll [2010-03-26 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-01 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"RTBatteryMeter"=C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]
"WinVNC"=E:\Program Files\RealVNC\WinVNC\winvnc.exe [2002-11-27 335872]
"PrintPack dispatcher"=E:\Program Files\Software602\Print2PDF\PrnPack.exe [2006-09-08 2543616]
"mouseElf"=C:\PROGRA~1\GENIUS~1\mouseElf.exe [2002-02-20 155648]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"PCSuiteTrayApplication"=E:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]
"Sony Ericsson PC Suite"=E:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-01-26 495616]
"CloneCDTray"=E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=E:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"InstantBurn"=E:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2007-06-04 599600]
"LGODDFU"=E:\Program Files\lg_fwupdate\fwupdate.exe [2006-08-17 249856]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-03-18 75048]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-07-21 87336]
"LanguageShortcut"=E:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-05-14 62760]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"NBKeyScan"=E:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe [2008-09-24 2254120]
"Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"OTL"=K:\Antivir\AAA\OTL.exe [2010-04-21 562176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2009-01-12 26624]
"SoftAuto.exe"=C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]
"Google Update"=C:\Documents and Settings\Šeda\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-07-11 133104]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Šeda\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\ICQ\ICQLite\ICQLite.exe"="E:\Program Files\ICQ\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\Hry\Infogrames\Grand Prix 4\GP4.exe"="E:\Hry\Infogrames\Grand Prix 4\GP4.exe:*:Enabled:GP4"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"E:\Hry\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\Hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Hry\HL2\hl2.exe"="E:\Hry\HL2\hl2.exe:*:Disabled:hl2"
"E:\Program Files\FlatOut\flatout.exe"="E:\Program Files\FlatOut\flatout.exe:*:Enabled:flatout"
"E:\Hry\NHL07\nhl2007.exe"="E:\Hry\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"E:\Hry\Wiggles\Wiggles.exe"="E:\Hry\Wiggles\Wiggles.exe:*:Enabled:Wiggles"
"E:\Program Files\ICQ6\ICQ.exe"="E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"E:\Program Files\Project Snowblind\Snowblind.MP"="E:\Program Files\Project Snowblind\Snowblind.MP:*:Disabled:Project: Snowblind (PC)"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="E:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe"="E:\Program Files\TrackMania Original Demo\TmOriginalDemo.exe:*:Enabled:TmOriginalDemo"
"E:\Program Files\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe"="E:\Program Files\TrackMania Sunrise Extreme Demo\TmSunriseExtremeDemo.exe:*:Enabled:TmSunriseExtremeDemo"
"C:\Documents and Settings\Šeda\Plocha\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Documents and Settings\Šeda\Plocha\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program Files\FlightGear\bin\Win32\fgfs.exe"="E:\Program Files\FlightGear\bin\Win32\fgfs.exe:*:Enabled:fgfs"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\TmNationsForever\TmForever.exe"="E:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\EA SPORTS\NHL08\nhl2008.exe"="E:\Program Files\EA SPORTS\NHL08\nhl2008.exe:*:Enabled:nhl2008"
"E:\Program Files\TrackMania Sunrise\TmSunrise.exe"="E:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"E:\Program Files\FlatOut2\FlatOut2.exe"="E:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"E:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"E:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"E:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="E:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Šeda\Local Settings\Temp\Nero Web\SetupXu.exe"="C:\Documents and Settings\Šeda\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials"
"E:\Program Files\ICQ6.5\ICQ.exe"="E:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"E:\Program Files\FlashGet\flashget.exe"="E:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="E:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:PowerDVD"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"H:\qip\QIP\qip.exe"="H:\qip\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Šeda\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Šeda\Local Settings\Temp\bulanci.tmp:*:Disabled:bulanci"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"E:\Program Files\racer\racer\racer.exe"="E:\Program Files\racer\racer\racer.exe:*:Enabled:racer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-04-21 12:35:18 ----D---- C:\rsit
2010-04-21 12:35:18 ----D---- C:\Program Files\trend micro
2010-04-21 11:57:15 ----A---- C:\WINDOWS\ntbtlog.txt
2010-04-21 07:09:34 ----D---- C:\Program Files\Symantec
2010-04-21 07:09:34 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-21 07:09:34 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-04-21 07:09:04 ----D---- C:\Program Files\Norton Internet Security
2010-04-21 07:09:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-21 07:08:42 ----D---- C:\Program Files\NortonInstaller
2010-04-21 07:08:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-04-20 09:12:02 ----D---- C:\Qoobox
2010-04-16 17:10:12 ----A---- C:\bdlog.txt
2010-04-16 12:25:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\BitDefender
2010-04-16 12:18:39 ----D---- C:\Program Files\Common Files\BitDefender
2010-04-15 19:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 19:27:14 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 19:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 19:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 19:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 19:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 11:26:59 ----A---- C:\WINDOWS\DCheck95.ini
2010-04-08 11:50:16 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-04-08 11:50:11 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-04-08 11:50:10 ----D---- C:\Program Files\Xvid
2010-04-07 05:51:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-07 05:51:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-07 05:51:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-07 05:51:23 ----A---- C:\WINDOWS\system32\java.exe
2010-04-02 17:20:45 ----D---- C:\Documents and Settings\Šeda\Data aplikací\UB
2010-04-02 17:19:25 ----D---- C:\Program Files\_uninstallation_info
2010-03-26 11:15:20 ----D---- C:\Program Files\Common Files\Freedom Scientific

======List of files/folders modified in the last 1 months======

2010-04-21 18:47:31 ----SD---- C:\WINDOWS\Tasks
2010-04-21 18:35:16 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 18:35:16 ----D---- C:\WINDOWS\system32
2010-04-21 18:35:13 ----D---- C:\WINDOWS
2010-04-21 12:35:18 ----D---- C:\Program Files
2010-04-21 12:25:55 ----D---- C:\WINDOWS\Temp
2010-04-21 12:02:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 11:38:01 ----D---- C:\Documents and Settings\Šeda\Data aplikací\OpenOffice.org2
2010-04-21 11:36:36 ----SHD---- C:\System Volume Information
2010-04-21 11:35:55 ----A---- C:\dummy.txt
2010-04-21 11:35:52 ----A---- C:\WINDOWS\lgfwup.ini
2010-04-21 11:35:35 ----A---- C:\log0.txt
2010-04-21 07:10:14 ----D---- C:\WINDOWS\Prefetch
2010-04-21 07:09:34 ----D---- C:\Program Files\Common Files
2010-04-21 06:55:13 ----D---- C:\Program Files\ESET
2010-04-21 06:22:41 ----SHD---- C:\WINDOWS\Installer
2010-04-21 06:20:06 ----D---- C:\Config.Msi
2010-04-18 23:01:53 ----HD---- C:\WINDOWS\inf
2010-04-18 14:42:15 ----D---- C:\Documents and Settings
2010-04-17 07:08:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-16 12:24:28 ----D---- C:\WINDOWS\WinSxS
2010-04-16 01:44:12 ----D---- C:\WINDOWS\Minidump
2010-04-15 23:20:15 ----D---- C:\WINDOWS\Debug
2010-04-15 19:27:32 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 19:20:34 ----D---- C:\WINDOWS\ie8updates
2010-04-15 13:41:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-12 14:46:46 ----A---- C:\WINDOWS\TRNCOM.INI
2010-04-11 20:46:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-11 19:15:28 ----D---- C:\WINDOWS\system32\config
2010-04-11 19:14:49 ----D---- C:\WINDOWS\system32\wbem
2010-04-11 19:14:46 ----D---- C:\WINDOWS\Registration
2010-04-09 11:26:43 ----D---- C:\WINDOWS\system32\NtmsData
2010-04-09 11:26:37 ----D---- C:\Program Files\Rapidown
2010-04-09 11:26:30 ----D---- C:\Documents and Settings\Šeda\Data aplikací\uTorrent
2010-04-09 11:26:29 ----D---- C:\Documents and Settings\Šeda\Data aplikací\AVG7
2010-04-08 12:55:24 ----D---- C:\Garmin
2010-04-08 12:54:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-08 12:25:42 ----D---- C:\Program Files\Internet Explorer
2010-04-08 10:53:49 ----D---- C:\Documents and Settings\Šeda\Data aplikací\Vso
2010-04-07 05:51:41 ----D---- C:\Program Files\Common Files\Java
2010-04-07 05:51:03 ----D---- C:\Program Files\Java
2010-04-07 05:50:03 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-06 10:52:56 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 08:02:35 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 23:03:28 ----D---- C:\Documents and Settings\Šeda\Data aplikací\Skype
2010-03-29 12:38:38 ----D---- C:\WINDOWS\system32\temp
2010-03-28 15:16:17 ----D---- C:\Program Files\MSXML 4.0
2010-03-26 11:15:17 ----D---- C:\Program Files\Common Files\soft602

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CLBStor;InstantBurn Storage Helper Driver; C:\WINDOWS\system32\drivers\CLBStor.sys [2007-06-04 16048]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-01-14 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 genmcmn;Genus Mouse+ Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2001-09-21 6784]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-10-21 35840]
S1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1106000.020\ccHPx86.sys [2010-02-26 501888]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
S1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1106000.020\SRTSP.SYS [2010-02-27 325680]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1106000.020\SRTSPX.SYS [2010-02-27 43696]
S1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1106000.020\Ironx86.SYS [2010-02-27 116784]
S1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1106000.020\SYMTDI.SYS [2010-02-04 362032]
S1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2010-02-11 226880]
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};Power Control [2009/04/27 20:36:09]; \??\E:\Program Files\CyberLink\PowerDVD\000.fcl []
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; C:\WINDOWS\system32\drivers\CLBUDF.sys [2007-06-04 162096]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
S2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2004-08-23 11089]
S3 a52y6o4r;a52y6o4r; C:\WINDOWS\system32\drivers\a52y6o4r.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-01 2300928]
S3 AR5523;Atheros USB Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;Atheros USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys []
S3 EraserUtilDrvI9;EraserUtilDrvI9; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys []
S3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20100415.001\IDSxpx86.sys []
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-08-12 49099]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100420.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20100420.024\NAVEX15.SYS []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\System32\DRIVERS\NMnt.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2004-11-24 33408]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2004-11-24 12928]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-08 47360]
S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys []
S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
S3 se58mgmt;Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se58mgmt.sys []
S3 se58nd5;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS); C:\WINDOWS\system32\DRIVERS\se58nd5.sys []
S3 se58obex;Sony Ericsson Device 088 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se58obex.sys []
S3 se58unic;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM); C:\WINDOWS\system32\DRIVERS\se58unic.sys []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\WINDOWS\system32\DRIVERS\sea1bus.sys []
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys []
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\sea1mdm.sys []
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\WINDOWS\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\WINDOWS\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\System32\DRIVERS\slabser.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS []
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-14 73344]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-07 1265264]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-11-19 79136]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe [2010-02-26 126392]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; E:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [2008-09-24 81920]
S2 SDPASVC;SDPAUMS server service; C:\WINDOWS\system32\sdpasvc.exe [2001-08-07 49152]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 winvnc;VNC Server; E:\Program Files\RealVNC\WinVNC\winvnc.exe [2002-11-27 335872]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 bepprldr;BCL easyPDF SDK Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 4\bepprldr.exe [2006-08-23 86016]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[Caroprd111]

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
• Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
• Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
• Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
• Během skenování může být počítač restartován.

[Unisono]

Pokud se týká té analýzy souboru, pak se bohužel nemohu v nouzovém režimu dostat na net. Kopíroval jsem soubor na Flashku a cestu pak nastavil právě na ni v jiném PC. Výsledky jsou snad zde:

http://www.virustotal.com/cs/analisis/8 ... 1271869133


Přenáším i v textové podobě sem:

Soubor BASSMOD.dll přijatý 2010.04.21 16:58:53 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 1/42 (2.39%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 1.
Odhadovaný čas začátku mezi 38 a 55 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.04.21 -
AhnLab-V3 5.0.0.2 2010.04.21 -
AntiVir 7.10.6.168 2010.04.21 -
Antiy-AVL 2.0.3.7 2010.04.21 -
Authentium 5.2.0.5 2010.04.21 -
Avast 4.8.1351.0 2010.04.21 -
Avast5 5.0.332.0 2010.04.21 -
AVG 9.0.0.787 2010.04.21 -
BitDefender 7.2 2010.04.21 -
CAT-QuickHeal 10.00 2010.04.21 -
ClamAV 0.96.0.3-git 2010.04.21 -
Comodo 4658 2010.04.21 -
DrWeb 5.0.2.03300 2010.04.21 -
eSafe 7.0.17.0 2010.04.21 Suspicious File
eTrust-Vet 35.2.7439 2010.04.21 -
F-Prot 4.5.1.85 2010.04.21 -
F-Secure 9.0.15370.0 2010.04.21 -
Fortinet 4.0.14.0 2010.04.21 -
GData 21 2010.04.21 -
Ikarus T3.1.1.80.0 2010.04.21 -
Jiangmin 13.0.900 2010.04.20 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.04.21 -
McAfee 5.400.0.1158 2010.04.21 -
McAfee+Artemis 5937 2010.03.31 -
McAfee-GW-Edition 6.8.5 2010.04.21 -
Microsoft 1.5703 2010.04.21 -
NOD32 5048 2010.04.21 -
Norman 6.04.11 2010.04.21 -
nProtect 2010-04-21.01 2010.04.21 -
Panda 10.0.2.7 2010.04.20 -
PCTools 7.0.3.5 2010.04.21 -
Rising 22.44.02.05 2010.04.21 -
Sophos 4.52.0 2010.04.21 -
Sunbelt 6203 2010.04.21 -
Symantec 20091.2.0.41 2010.04.21 -
TheHacker 6.5.2.0.266 2010.04.21 -
TrendMicro 9.120.0.1004 2010.04.21 -
TrendMicro-HouseCall 9.120.0.1004 2010.04.21 -
VBA32 3.12.12.4 2010.04.19 -
ViRobot 2010.4.21.2288 2010.04.21 -
VirusBuster 5.0.27.0 2010.04.21 -
Rozšiřující informace
File size: 34308 bytes
MD5...: e4ec57e8508c5c4040383ebe6d367928
SHA1..: b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
SHA256: 8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
ssdeep: 768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+dj
ctLSHiZ0
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x12043
timedatestamp.....: 0x40d588f5 (Sun Jun 20 12:54:13 2004)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x11000 0x7c04 7.98 f28dcca6060f98ffe80ecdc0af70864b
0x12000 0x688 0x800 5.01 c357226474d4e89456724075d6bdb097

( 4 imports )
> KERNEL32.dll: ExitProcess, LoadLibraryA, GetProcAddress, VirtualProtect, GlobalAlloc, GlobalFree
> WINMM.dll: timeGetTime
> MSVCRT.dll: -
> user32.dll: MessageBoxA, wsprintfA

( 27 exports )
BASSMOD_ErrorGetCode, BASSMOD_Free, BASSMOD_GetCPU, BASSMOD_GetDeviceDescription, BASSMOD_GetVersion, BASSMOD_GetVolume, BASSMOD_Init, BASSMOD_MusicDecode, BASSMOD_MusicFree, BASSMOD_MusicGetLength, BASSMOD_MusicGetName, BASSMOD_MusicGetPosition, BASSMOD_MusicGetVolume, BASSMOD_MusicIsActive, BASSMOD_MusicLoad, BASSMOD_MusicPause, BASSMOD_MusicPlay, BASSMOD_MusicPlayEx, BASSMOD_MusicRemoveSync, BASSMOD_MusicSetAmplify, BASSMOD_MusicSetPanSep, BASSMOD_MusicSetPosition, BASSMOD_MusicSetPositionScaler, BASSMOD_MusicSetSync, BASSMOD_MusicSetVolume, BASSMOD_MusicStop, BASSMOD_SetVolume
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Dynamic Link Library (generic) (55.7%)
Clipper DOS Executable (14.8%)
Generic Win/DOS Executable (14.7%)
DOS Executable Generic (14.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[Caroprd111]

Ok, počkám na log z ComboFixu.

[Unisono]

Jdu na ten Combifix!

[Caroprd111]

Ok

[Unisono]

Jsem asi lama. Jak mám vypnout Ad-Aware a Symantec Norton Internet Security 2010? Norton mi v nouzovém režimu nabízí pouze SCAN systému nebo odinstalaci.
Ad Aware mé veškeré Ad-Wath Live Real time Protection na OFF
Norton však nevím jak deaktivovat .....

[Caroprd111]

Hlášku ComboFixu ignorujte a pokračujte se zapnutým antivirem.

[Unisono]

OK

[Caroprd111]

Počkám na log.

[Unisono]

Ignoruji na dvakrát antivir, nyní hlásí POZOR!! CD-emulation drivers are running ... mám potvrdit OK?

[Caroprd111]

Ano, potvrďte.

[Unisono]

Už to restartuje