100% vytizeni CPU

[vyosek]

Pokud jste neudalal MBAM tak jej udelejte

Ktery proces vytezuje CPU nejvice - neni ve spravci videt i kdyz date zobrazit procesy vsech uzivatelu

[dokken]

nekolikanasobne opakovane spousteni CF pres noc (zamrzaval od 40 kroku) to odstranilo. Logy nemam, vse pak docisteno T-cleanerem, znova mbam pro jistotu, jeste malej problem s nefunkcnim win update (solved Fix-It od Micros.) vycisteni registru znova docasny adresare CCleanerem, pro jistotu AdAware (ten nasel 2 smejdy) a finalni defragmentace OO defrag a vse maka jak ma.
Ale i tak diky

[dokken]

Takze po puli dne se situace opakuje, 100% vytizeni CPU diky svchost

dam sem za chvili log z CF

[vyosek]

Pak udelejte sken AVP Toolem jeste http://viry.cz/forum/viewtopic.php?f=29&t=58179

[dokken]

OK provedu, potiz je v tom, ze diky vytizeni CPU jede scan CF neuveritelne pomalu, ted tam mam fazi 47 a odstartoval jsem to kolem 15h ((

[vyosek]

Nechte jej tedy bezet, pokud pracuje...AVPTool pak udelejte v nouzovem rezimu...

[dokken]

Jsem bez napadu, scan CF se nezdaril, nekolikrat mi to zamrzlo na fazi 48, ted se pokousim udelat scan AVPToolem v nouzaku...pak sem hodim log. Muzu se zeptat na postup jak odstavit obnoveni systemu ve Win 7? Na MS webu je jen videonavod a ten mi na laptopu nefunguje, diky chybejicimu pluginu. Ten jsem tam rucne nakopiroval (ty 3 knihovny-pouzivam Seamonkey)...
v nouzaku vytizeni CPU to samy

edit, vypnul jsem konecne obnoveni systemu ve Win 7

[dokken]

Takze mam urcitej posun, protoze vim, ze exovky na plose a vubec slozky a zastupci na plose brzdi PC, vytvoril jsem na D slozku desktop a zacal uvolnovat plochu presunutim vsech slozek na D disk. Vse v poho az na jedno kratke video s priponou .flv, ktery tam drzi jak pribity, nejde smazat, nejde prejmenovat, nejde odemknout unlockerem, nejde zabit killboxem, proste nic. Jsem na 100% presvedcenej, ze tady je zakopanej pes, nemuzu delat jakekoli scany, PC je vytizeno na 100%. Plocha je cista, az na tento jediny soubor. Nejaka myslenka? AVPTool nemlich to samy, nejde s tim vubec pracovat..

EDIT

podarilo se mi konecne unlockerem smazat ten .flv soubor, CPU pracuje lepe, ale stale s jistym vytizenim
pro jistotu sem dam za chvili log z CF

[dokken]

ComboFix 11-01-05.06 - dokken 07.01.2011 17:11:51.13.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.1280.631 [GMT 1:00]
Spuštěný z: c:\users\dokken\Desktop\CF.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-07 do 2011-01-07 )))))))))))))))))))))))))))))))
.

2011-01-07 16:25 . 2011-01-07 16:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-01-07 16:25 . 2011-01-07 16:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-07 14:57 . 2011-01-07 15:13 -------- d-----w- c:\program files\Unlocker
2011-01-07 14:16 . 2011-01-07 14:25 -------- d-----w- c:\windows\system32\catroot2
2011-01-07 14:12 . 2011-01-07 14:12 -------- d-----w- c:\users\dokken\AppData\Local\SvchostViewer
2011-01-07 12:47 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\67395552.sys
2011-01-07 12:47 . 2009-10-09 21:31 311312 ----a-w- c:\windows\system32\drivers\6739555.sys
2011-01-07 12:47 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\67395551.sys
2011-01-07 12:39 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\56652562.sys
2011-01-07 12:39 . 2009-10-09 21:31 311312 ----a-w- c:\windows\system32\drivers\5665256.sys
2011-01-07 12:39 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\56652561.sys
2011-01-07 10:37 . 2011-01-07 14:08 -------- d-----w- c:\program files\CleanUp!
2011-01-07 03:31 . 2011-01-07 14:19 -------- d-----w- c:\programdata\Kaspersky Lab
2011-01-07 03:29 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\12521122.sys
2011-01-07 03:29 . 2009-10-09 21:31 311312 ----a-w- c:\windows\system32\drivers\1252112.sys
2011-01-07 03:29 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\12521121.sys
2011-01-06 12:56 . 2011-01-06 12:56 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-06 12:54 . 2011-01-06 12:54 -------- d-----w- c:\users\dokken\AppData\Local\Sunbelt Software
2011-01-06 12:54 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{74C0E361-0033-4365-BCF4-41CEFAF7788B}\mpengine.dll
2011-01-06 12:53 . 2011-01-06 15:27 -------- dc-h--w- c:\programdata\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2011-01-06 12:52 . 2011-01-06 14:53 -------- d-----w- c:\programdata\Lavasoft
2011-01-06 09:06 . 2011-01-06 15:24 -------- d-----w- c:\programdata\Alwil Software
2011-01-06 08:53 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-06 08:52 . 2011-01-06 08:52 -------- d-----w- c:\programdata\Malwarebytes
2011-01-06 08:52 . 2011-01-06 08:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-06 08:52 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-06 08:49 . 2011-01-06 08:49 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-06 08:36 . 2011-01-06 08:36 -------- d-----w- c:\programdata\ATI
2011-01-06 06:00 . 2011-01-07 16:25 -------- d-----w- c:\users\dokken\AppData\Local\temp
2011-01-05 21:10 . 2011-01-05 21:10 -------- d-----w- c:\users\dokken\AppData\Roaming\Malwarebytes
2011-01-05 18:18 . 2011-01-05 18:18 388096 ----a-r- c:\users\dokken\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-05 18:18 . 2011-01-07 16:06 -------- d-----w- c:\program files\Trend Micro
2011-01-05 17:47 . 2011-01-05 17:47 -------- d-----w- c:\users\dokken\AppData\Roaming\Apple Computer
2011-01-05 15:08 . 2011-01-05 16:21 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-05 14:41 . 2011-01-05 15:14 -------- d-----w- c:\users\dokken\AppData\Roaming\XnView
2011-01-05 14:41 . 2011-01-05 14:41 -------- d-----w- c:\program files\XnView
2011-01-01 18:38 . 2011-01-01 18:38 -------- d-----w- c:\program files\Common Files\Skype
2010-12-30 22:19 . 2010-12-30 22:20 -------- d-----w- c:\program files\foobar2000
2010-12-29 22:37 . 2010-12-29 22:37 -------- d-----w- c:\users\dokken\AppData\Roaming\Anthropics
2010-12-29 22:37 . 2010-12-29 22:40 -------- d-----w- c:\program files\Portrait Professional 9 Trial
2010-12-29 21:31 . 2010-12-29 21:31 -------- d-----w- c:\program files\BitComet
2010-12-27 09:14 . 2011-01-06 14:20 -------- d-----w- c:\users\dokken\AppData\Roaming\foobar2000
2010-12-23 12:13 . 2008-03-18 03:07 275360 ----a-w- c:\windows\system32\DreamScene.dll
2010-12-23 12:11 . 2010-12-23 12:11 -------- d-----w- c:\users\dokken\AppData\Roaming\Video Wallpaper
2010-12-23 12:10 . 2010-12-23 12:10 -------- d-----w- c:\program files\PUSH Entertainment
2010-12-23 12:10 . 2010-05-27 11:13 332024 ----a-w- c:\windows\VIDEOWLP.scr
2010-12-22 20:33 . 2010-12-22 21:29 -------- d-----w- c:\program files\KD
2010-12-22 19:31 . 2004-11-18 10:49 45277 ----a-w- c:\windows\system32\drivers\skeyusb.sys
2010-12-22 19:31 . 2008-12-18 09:13 25680 ----a-w- c:\windows\system32\drivers\eusk2par.sys
2010-12-22 19:31 . 2005-08-22 11:02 43968 ----a-w- c:\windows\system32\drivers\eusk3usb.sys
2010-12-20 23:19 . 2010-12-20 23:22 -------- d-----w- c:\program files\MyCam
2010-12-15 20:42 . 2010-12-15 20:42 -------- d-----w- c:\users\dokken\AppData\Roaming\OCS
2010-12-15 20:28 . 2010-12-15 20:28 -------- d-----w- c:\users\dokken\AppData\Local\AOL
2010-12-10 15:10 . 2010-12-10 15:10 -------- d-----w- c:\program files\Common Files\Java
2010-12-10 15:10 . 2010-11-12 17:53 472808 ----a-w- c:\windows\system32\deployJava1.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-02 19:06 . 2010-10-25 20:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-11-02 18:56 . 2010-10-25 20:42 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-11-01 19:27 . 2010-10-23 15:46 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-10-29 17:16 . 2010-10-23 15:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-10-26 11:24 . 2010-10-26 11:24 163840 ----a-w- c:\windows\system32\GpsGateComClient.dll
2010-10-26 11:23 . 2010-10-26 11:23 118784 ----a-w- c:\windows\system32\GateApiXP.dll
2010-10-19 23:20 . 2010-10-19 23:20 25984 ----a-w- c:\windows\system32\drivers\VSPE.sys
2010-10-18 07:51 . 2010-10-18 07:52 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-18 07:51 . 2010-03-15 11:20 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-18 07:51 . 2010-03-15 11:20 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-13 13:43 . 2010-10-13 13:43 108336 ----a-w- c:\windows\system32\mswinsck.ocx
2010-06-13 23:43 . 2010-09-23 23:45 1581464 ----a-w- c:\program files\ShowMyPC3050.exe
2006-03-20 15:37 . 2010-10-25 12:30 5689344 ----a-w- c:\program files\mplayerc.exe
.

------- Sigcheck -------

[-] 2010-09-25 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"tsnp2std"="c:\windows\tsnp2std.exe" [2007-05-10 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Users^dokken^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GpsGate.lnk]
backup=c:\windows\pss\GpsGate.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-12-16 13:03 165144 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2008-12-16 13:14 962128 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aliim]
2010-06-13 08:07 210328 ----a-w- c:\program files\trademanager\AliIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 15:09 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 ----a-w- c:\windows\System32\oodtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-09-28 15:32 344064 ----a-w- c:\windows\vsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2008-12-16 12:25 4375032 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
2010-08-01 10:54 129584 ----a-w- c:\program files\VMware\VMware Workstation\vmware-tray.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-28 136176]
R3 athrusb;Belkin Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-07-28 904192]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
R3 eusk3usb;SmartKey 3 USB;c:\windows\system32\Drivers\eusk3usb.sys [2005-08-22 43968]
R3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\Franson\GpsGate 2.0\GpsGateService.exe [2010-10-26 258048]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-04-13 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-04-13 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-04-13 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-04-13 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-04-13 25704]
S0 12521122;12521122 Boot Guard Driver;c:\windows\system32\DRIVERS\12521122.sys [2009-10-22 37392]
S0 56652562;56652562 Boot Guard Driver;c:\windows\system32\DRIVERS\56652562.sys [2009-10-22 37392]
S0 67395552;67395552 Boot Guard Driver;c:\windows\system32\DRIVERS\67395552.sys [2009-10-22 37392]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
S0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2007-08-29 116264]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-24 691696]
S1 12521121;12521121;c:\windows\system32\DRIVERS\12521121.sys [2009-09-25 128016]
S1 56652561;56652561;c:\windows\system32\DRIVERS\56652561.sys [2009-09-25 128016]
S1 67395551;67395551;c:\windows\system32\DRIVERS\67395551.sys [2009-09-25 128016]
S1 AVPTooldrv;AVPTooldrv;c:\windows\system32\DRIVERS\6739555.sys [2009-10-09 311312]
S1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [2006-04-03 14949]
S1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\windows\system32\drivers\VSPE.sys [2010-10-19 25984]
S1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par.sys [2008-12-18 25680]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/18 09:56];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2009-10-14 583640]
S2 Realtek87B;Realtek87B;c:\program files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-08-01 70704]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-08-01 539184]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.mojebanka.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} - hxxp://90.177.104.70/cab/OCXChecker_8320.cab
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B5555D575E7D6A3B9808A2D97226D213B555CB1C421561A5B61197D14BE451B6C8460379EA4570B6EDB63CD760C9FC6285FABC99C2D07701E0AF8C1D2517C5F7871AC74D826E296AD0DC7C8F03F582F14E435A34866EE45804902C8E0B937E726BED25855B0F487DD5DA7DBF0B738B138B38DC624E4A37AAC75C1DD616B807AF85BACFA77FA6741F10199C6B99007ABD7255F1BB7085ACD82A4079466E279B98B400EDDF10F40763E4063134632066CE8E9A387ED4823827F76C4FD252C22A7AADBD9BFBBF828DBF8E9500E2301A1A08BE0B4889796982C05895201716B5D989F87A6670D518C9909ABEC7635BF9930BB4AD28E2EEA8663240F3E1CF1F6D025B743FD2D12E433116697A3745570E8561F990D6B35CEC73ECFCC47FDF661B306A501AD75C3657ED7333C7F2BCA6E957F8E541C349F82EEC46AC49564C7B332495129D5FEF736ADAAE00AB9121E1E4229FA953D49214224BF745C4B9BF806FD11E905D498D7B568CB5ADA821EEB51A350C47DFE3A60D45399E0D7FED09AB4C62ABFAF4675D7A3948D4EDCD21C6E16713D49401BCBCD8D7973CA048AD97460CB2C7500102A9AEF40542482784EABB7172F7BED7203303DE7836EE6EA603AFB35361E423D3E16D30F29494C634C32A9FBC554287C40927A1A3D53DC67B85DA0B884A63820D191CD4F14601450BDE2A9B12AFF23752E5F72C94C9212AC17BCC9FC93AC8454E843711993610BC5B694C5644327713659039CE7B21887583689FC345C9631D30014DD7312A974B6739B40259E7CA4A10F6441E3B52B188BFF0030C5B79D9393D0D01DDB648C014E6461B958BC03B11572907F16BB731C766DF37519F29A4D075CA0B9E5C9B88BC072ACB4B4B916B1FB3DC0366580EEE1D602395315AA1909B4A02B5570814C17167A7A8A4B913D22F93E9CCDA0175A5F4054C850D0A0BBDD8A39CE18AD18592DF1DA124632E62BB81564E0E761875E6BEA31185095C762249DBAA80FD892674BA2E9F468E32FD45D9D02A041D07F594F07E4BA98EB85485B3C35F1A3C2E91B4B918CD2D72844BE000CC4380FDE74467024BF897CAB57B05E01C0F491376C7F416C9FB879D171258BE0882E7880A13EAF0343C083021A6919E1E373F96CBACAB8FA81E1A6192804367B273B3EFF0F600BC565B4B72FAF2EEBD7276BC19CB0623670BCBBDD7CF2592CC7148F0ADD5E9D7EA443FC20BF665B7153A0E1A384801F6E53EC25E5A5D7508C45E55C1FDA2487C040576E4377FE1577E086643D0C5AB9B5482DF7C097EC9BA2E0614DADF78544A1491B3BA78AE340FD661893784FE7A55828BA8ABC5295D9466E89F06172834EEAC57CA64935689F300"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-07 17:40:16
ComboFix-quarantined-files.txt 2011-01-07 16:40

Před spuštěním: Volných bajtů: 46 736 330 752
Po spuštění: Volných bajtů: 46 653 853 696

- - End Of File - - 32C89296079DCE3F105E188D837A0683

[vyosek]

Uz je vidim potvory Bud jsou to drivery AVPToolu nejak blbe pojmenovany nebo havet

Odinstalujte AVPTool

Stahnete Avenger (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na Avenger pravym a dejte Run As Administrator ci Spustit jako spravce
• Po spusteni Vas program upozorni, ze vse co delate, delate na vlastni riziko - Dejte OK
• Po potvrzeni uz na Vas koukne hlavni okno, kam vlozite skript, ktery mate nize

• Kód: Vybrat vše

  Files to delete:
  c:\windows\system32\DRIVERS\12521121.sys
  c:\windows\system32\DRIVERS\56652561.sys
  c:\windows\system32\DRIVERS\67395551.sys
  c:\windows\system32\DRIVERS\6739555.sys
  c:\windows\system32\DRIVERS\12521122.sys
  c:\windows\system32\DRIVERS\56652562.sys
  c:\windows\system32\DRIVERS\67395552.sys
  
  Drivers to delete:
  12521121
  56652561
  67395551
  AVPTooldrv
  12521122
  6652562
  67395552
  gupdate

• Do ctverecku u Scan for rootkits a Automatically disable any rootkits found dejte fajecku
• Nyni uz kliknete na Execute a potvrdte Yes v nasledujicim okne - timto potvrdite spusteni skriptu
• Na otazku Reboot now odpovezte opet OK - timto se PC restartuje
• Po restartu by se mel otevrit poznamkovy blok s logem a jeho obsah vlozte sem. Pokud se tak nestane, naleznete pozadovany dokument v C:\avenger.txt

[dokken]

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "c:\windows\system32\DRIVERS\12521121.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\56652561.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\67395551.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\6739555.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\12521122.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\56652562.sys" deleted successfully.
File "c:\windows\system32\DRIVERS\67395552.sys" deleted successfully.
Driver "12521121" deleted successfully.
Driver "56652561" deleted successfully.
Driver "67395551" deleted successfully.
Driver "AVPTooldrv" deleted successfully.
Driver "12521122" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\6652562" not found!
Deletion of driver "6652562" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Driver "67395552" deleted successfully.
Driver "gupdate" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

[vyosek]

Nastala nejaka zmena

[dokken]

Rekl bych, ze PC je jiz v naprostem poradku
dekuji za rady

[vyosek]

Tak jsem na to tedy kapli, konecne

Nemate zac