PC generuje velké množství odchozích UDP spojení

[safcom]

Dobrý den,
prosím o pomoc - PC (Win7 64bit) neustále generuje velké množství odchozích spojení na různých UDP portech. Protože je PC v síti za Kerio Control firewallem, dojde vždy při dosažení limitu 600 připojení k zastavení síťové komunikace.
Přikládám log z ComboFixu:
kš


ComboFix 11-03-06.05 - kovar 07.03.2011 15:46:09.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2047.1212 [GMT 1:00]
Spuštěný z: E:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\kovar.P3000\Documents\BackupRegistry(20110307).reg
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-07 do 2011-03-07 )))))))))))))))))))))))))))))))
.
.
2011-03-07 14:49 . 2011-03-07 14:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-07 14:42 . 2011-03-07 14:42 -------- d-----w- c:\program files (x86)\Radmin Viewer 3
2011-03-07 14:31 . 2011-03-07 14:31 -------- d-----w- c:\program files\Yamicsoft
2011-03-06 17:30 . 2011-03-06 17:30 -------- d-----w- c:\windows\PCHEALTH
2011-03-06 17:30 . 2011-03-06 17:30 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-03-06 17:30 . 2011-03-06 17:30 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-03-06 10:07 . 2011-03-06 10:07 -------- d-----w- c:\program files (x86)\Software602
2011-03-06 09:32 . 2011-03-06 09:32 -------- d-----w- c:\program files\STORMWARE
2011-03-06 09:32 . 2011-03-06 09:32 -------- d-----w- c:\program files (x86)\STORMWARE
2011-03-06 09:24 . 2011-03-07 08:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-03-06 09:14 . 2011-03-06 09:14 -------- d-----w- c:\windows\Downloaded Installations
2011-03-06 09:02 . 2011-03-06 09:02 -------- d-----w- c:\program files (x86)\Kerio
2011-03-06 08:57 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2011-03-06 08:49 . 2011-03-06 08:49 -------- d-----w- c:\program files (x86)\My Company Name
2011-03-06 07:33 . 2011-03-06 07:33 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-03-06 07:33 . 2011-03-06 07:33 -------- d-----r- c:\program files (x86)\Skype
2011-03-06 07:33 . 2011-03-06 07:33 -------- d-----w- c:\programdata\Skype
2011-03-05 19:05 . 2011-03-05 19:05 -------- d-----w- c:\programdata\Easy Driver Pro
2011-03-05 18:47 . 2011-03-05 18:47 -------- d-----w- c:\windows\tessdata
2011-03-05 18:47 . 2011-03-05 18:47 -------- d-----w- c:\program files (x86)\FreeOCR
2011-03-05 18:47 . 2009-10-29 03:46 1883136 ------w- c:\windows\SysWow64\QuickPDFAX0717.dll
2011-03-05 18:47 . 2007-03-10 09:11 2680320 ------w- c:\windows\SysWow64\ImageEnXLibrary.ocx
2011-03-05 18:47 . 2008-04-27 20:28 962560 ------w- c:\windows\tesseract.exe
2011-03-05 18:44 . 2005-09-10 10:08 28160 ------w- c:\windows\SysWow64\pi86fxlmon.dll
2011-03-05 18:44 . 2006-07-27 08:44 22706 ------w- c:\windows\SysWow64\T1AL2K.DLL
2011-03-05 17:20 . 2011-03-05 17:20 -------- d-----w- c:\windows\SysWow64\Macromed
2011-03-05 17:07 . 2011-01-13 01:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-05 17:07 . 2011-02-10 22:31 7947600 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4160E27A-F209-4555-8B69-EBF25BECDAF1}\mpengine.dll
2011-03-05 17:06 . 2011-03-05 17:06 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F22A9F53-8552-42C4-9BCB-480A0E72BE0F}\gapaengine.dll
2011-03-05 17:00 . 2011-03-05 17:00 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-03-05 16:59 . 2011-03-05 17:00 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-03-05 16:59 . 2011-03-05 17:00 -------- d-----w- c:\program files\Microsoft Security Client
2011-03-05 16:51 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-05 16:51 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-03-05 16:45 . 2011-03-05 16:45 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-05 16:45 . 2011-03-05 16:45 -------- d-----w- c:\windows\system32\Wat
2011-03-05 16:20 . 2011-03-05 16:20 -------- d-----w- C:\temp
2011-03-05 16:20 . 2011-03-05 16:20 -------- d-----w- c:\program files (x86)\Gemplus
2011-03-05 16:20 . 2003-08-29 22:35 24576 ------w- c:\windows\SysWow64\gemstrmw.exe
2011-03-05 16:20 . 2011-03-05 16:20 -------- d-----w- c:\program files (x86)\I.CA
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-03-05 16:13 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-03-05 15:59 . 2011-02-23 08:34 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8FEA139B-0FE5-4099-9DBC-8E376776BFCA}\mpengine.dll
2011-03-05 15:54 . 2010-12-17 11:40 715776 ----a-w- c:\windows\system32\kerberos.dll
2011-03-05 15:54 . 2010-12-17 07:07 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-03-05 15:53 . 2011-01-07 12:17 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-05 15:53 . 2011-01-07 12:17 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-05 15:53 . 2011-01-07 07:46 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-05 15:53 . 2011-01-07 07:46 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-05 15:53 . 2011-01-05 06:56 3129344 ----a-w- c:\windows\system32\win32k.sys
2011-03-05 15:53 . 2011-01-07 09:51 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-05 15:53 . 2011-01-07 06:01 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-05 15:52 . 2011-01-07 12:14 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-03-05 15:52 . 2011-01-07 09:20 366592 ----a-w- c:\windows\system32\atmfd.dll
2011-03-05 15:52 . 2011-01-07 07:45 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-03-05 15:52 . 2011-01-07 05:43 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-03-05 15:52 . 2011-01-05 10:34 612864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-05 15:52 . 2011-01-05 05:55 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-05 15:52 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2011-03-05 15:52 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2011-03-05 15:47 . 2011-03-07 08:53 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-03-05 15:47 . 2011-03-07 08:53 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-03-05 15:47 . 2011-03-07 08:53 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-03-05 15:47 . 2011-03-07 08:38 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-03-05 15:46 . 2011-03-07 08:38 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-03-05 15:45 . 2011-03-07 08:52 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-03-05 15:45 . 2011-03-07 08:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-03-05 15:45 . 2011-03-07 06:28 -------- d-----w- c:\programdata\Microsoft Help
2011-03-05 15:45 . 2011-03-07 14:42 -------- d-sh--w- c:\windows\Installer
2011-03-05 15:45 . 2011-03-07 08:37 -------- d-----r- C:\MSOCache
2011-03-05 15:29 . 2011-03-05 15:29 -------- d-----w- c:\program files\Microsoft Games
2011-03-05 15:07 . 2011-03-05 15:07 0 ----a-w- c:\windows\ativpsrm.bin
2011-03-05 15:00 . 2011-03-05 15:15 -------- d-----w- c:\windows\Panther
2011-03-05 14:59 . 2011-03-05 14:59 -------- d-----w- C:\Boot
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-21 03:24 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Panasonic Device Monitor Wakeup"="c:\program files (x86)\Panasonic\Device Monitor\dmwakeup.exe" [2004-12-27 303104]
.
c:\users\kovar.P3000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SkypeMate.lnk - c:\program files (x86)\SkypeMate\SkypeMate.exe [2010-12-30 670720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-21 3524608]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys [2010-11-21 12800]
R3 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys [2009-07-14 491088]
R3 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys [2009-07-14 339536]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-21 107904]
R3 amdsbs;amdsbs;c:\windows\system32\drivers\amdsbs.sys [2009-07-14 194128]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-21 61440]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys [2009-07-14 97856]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\drivers\bxvbda.sys [2009-06-10 468480]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\BrFiltLo.sys [2009-06-10 18432]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\BrFiltUp.sys [2009-06-10 8704]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 286720]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-06-10 47104]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-06-10 14976]
R3 circlass;Consumer IR Devices;c:\windows\system32\drivers\circlass.sys [2009-07-14 45568]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\drivers\evbda.sys [2009-06-10 3286016]
R3 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys [2009-07-14 530496]
R3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 34304]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 55376]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-06-10 31232]
R3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2010-11-21 78720]
R3 iaStorV;iaStorV;c:\windows\system32\drivers\iaStorV.sys [2010-11-21 410496]
R3 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-21 78848]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [2010-11-21 273792]
R3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 31232]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys [2009-07-14 114752]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys [2009-07-14 106560]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\drivers\lsi_sas2.sys [2009-07-14 65600]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys [2009-07-14 115776]
R3 megasas;megasas;c:\windows\system32\drivers\megasas.sys [2009-07-14 35392]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 mpio;mpio;c:\windows\system32\drivers\mpio.sys [2010-11-21 155008]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-21 31104]
R3 msdsm;msdsm;c:\windows\system32\drivers\msdsm.sys [2010-11-21 140672]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\drivers\MTConfig.sys [2009-07-14 15360]
R3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-14 318976]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328]
R3 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys [2009-07-14 51264]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-21 166272]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 ql2300;ql2300;c:\windows\system32\drivers\ql2300.sys [2009-07-14 1524816]
R3 ql40xx;ql40xx;c:\windows\system32\drivers\ql40xx.sys [2009-07-14 128592]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-14 13824]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys [2009-07-14 80464]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-14 93184]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 stexstor;stexstor;c:\windows\system32\drivers\stexstor.sys [2009-07-14 24656]
R3 StorSvc;Služba úložiště;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-21 39424]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 40960]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 64592]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-14 100352]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 31232]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-21 215936]
R3 vmbus;vmbus;c:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
R3 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys [2009-07-14 161872]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [2009-07-14 24576]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2009-07-14 27776]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-05 1255736]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-21 1504256]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 Wd;Wd;c:\windows\system32\drivers\wd.sys [2009-07-14 21056]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 27136]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 27136]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-21 27008]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 367696]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2010-11-21 459248]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 70224]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-21 223248]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-21 14720]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2010-11-21 152960]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 15424]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 50768]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
S0 spldr;Security Processor Loader Driver; [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-21 46464]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 36432]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-21 71552]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2010-11-21 363392]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 45056]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-21 514560]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-21 102400]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 40448]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 24576]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 7680]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 8192]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-21 119296]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-21 88576]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-14 60928]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 113152]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Panasonic Local Printer Service;Panasonic Local Printer Service;c:\progra~2\PANASO~1\LocalCom\lmsrvnt.exe [2004-08-03 36864]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 651264]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-21 45056]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\DRIVERS\1394ohci.sys [2010-11-21 229888]
S3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 27136]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 90624]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\DRIVERS\CompositeBus.sys [2010-11-21 38912]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-21 982912]
S3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [2009-08-10 119680]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 30208]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-14 77312]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-21 287744]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-21 128000]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064]
S3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-21 29696]
S3 SPorts;High-Speed PCIe Serial Port;c:\windows\system32\DRIVERS\SPorts.sys [2009-08-17 122880]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-21 413184]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-21 167936]
S3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-21 194048]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-21 125440]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\DRIVERS\umbus.sys [2010-11-21 48640]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 27136]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS QWAVE wcncsvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
wcssvc REG_MULTI_SZ WcsPlugInService
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
msiscsi
schedule
SessionEnv
winmgmt
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-21 03:23 509952 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
winmgmt
SessionEnv
browser
EapHost
schedule
hkmsvc
wercplsupport
ProfSvc
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: {F40D3B4F-9EED-4F2F-8AD0-E1EFF71F825B} = 192.168.100.100,194.228.41.113
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} - hxxps://bb24.csob.cz/Comp/IcaSignerCZ.cab
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-07 15:50:57
ComboFix-quarantined-files.txt 2011-03-07 14:50
ComboFix2.txt 2011-03-07 14:22
.
Před spuštěním: Volných bajtů: 84 083 093 504
Po spuštění: Volných bajtů: 83 910 078 464
.
- - End Of File - - 91CD72EB14EC16D30DAB4D106F12E49B

[Rudy]

Log vypadá čistý. Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

[safcom]

Tak to vypadá, že AVP Tool nic nenašel. Zde je log:

Automatická kontrola: dokončeno před 1 min. (události: 2, objekty: 372758, čas: 01:08:26)
7.3.2011 23:15:55 Úloha byla dokončena
7.3.2011 22:07:29 Úloha byla spuštěna

[Rudy]

PC vypadá po virové stránce čistý. Budete muset nastavit firewall tak, aby všechny nežádoucí spojení byla blokována. Návod: http://www.viry.cz/forum/viewtopic.php?f=41&t=108734 .

[safcom]

Děkuji za pomoc,

vypadá to, že po doporučeném proskenování a následném zablokování UDP4000 a UDP7871 spolu s eliminací P2P spojení, klesl počet odchozích UDP spojení na cca 50. Ty jsou podle všeho produktem spuštěného SKYPE.exe. Při ukončení tohoto procesu již zbylé UDP vymizí.

[Rudy]

Nemáte zač!