Re: 100 % Procesor u všeho
Napsal: 20 pro 2011 19:27
Ctrl+Alt+Deletevyosek píše: Ktery proces nejvice zatezuje CPU?
Stránka 3 z 5
Re: 100 % Procesor u všeho
Napsal: 21 pro 2011 16:23
Zdravím,
jak jsem již psal zabírá to vždy když zapnu Operu tak proces " opera.exe " když Mozilla tak " firefox.exe + nějakej plugin-container.exe " nebo jak a prostě když zapnu hru tak ta hra bere když neni nic zaplý tak to nejede 100% takže
když zapnu internet ( operu ) tak to de pomalu tak co myslíte že stím je ? Parametry mého PC
Procesor : 2,6 GHz Intel Celeron
RAM : 1,5 GB
Grafická karta : 128 MB nVIDIA Ge Force FX 5200
HDD : 350 GB +- mam 3 HDD
jak jsem již psal zabírá to vždy když zapnu Operu tak proces " opera.exe " když Mozilla tak " firefox.exe + nějakej plugin-container.exe " nebo jak a prostě když zapnu hru tak ta hra bere když neni nic zaplý tak to nejede 100% takže
když zapnu internet ( operu ) tak to de pomalu tak co myslíte že stím je ? Parametry mého PCProcesor : 2,6 GHz Intel Celeron
RAM : 1,5 GB
Grafická karta : 128 MB nVIDIA Ge Force FX 5200
HDD : 350 GB +- mam 3 HDD
Re: 100 % Procesor u všeho
Napsal: 21 pro 2011 18:34
Ví někdo teda ?
Re: 100 % Procesor u všeho
Napsal: 21 pro 2011 18:55
Omlouvám se za SPAM ale jsem bezradný
Re: 100 % Procesor u všeho
Napsal: 21 pro 2011 20:32
Zdravim a pekny vecer preji 
Uvedomte si prosim, ze jsme na foru, kde jsou radci ve svem volnem case a zdarma, pokud jste potreboval urgentni reseni, mel jste se obratit na specializovane servisy, kde jsou technici placeni a resi problemy ihned.
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Uvedomte si prosim, ze jsme na foru, kde jsou radci ve svem volnem case a zdarma, pokud jste potreboval urgentni reseni, mel jste se obratit na specializovane servisy, kde jsou technici placeni a resi problemy ihned.
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 13:49
zdravím
omlouvám se ještě jednou tu máte Log ze včerejška znovu ho dělat nechci jelikož je vše stejně jako včera nic sem nestahoval atd...
ComboFix 11-12-19.03 - PC 20.12.2011 13:33:39.2.1 - x86
Spuštěný z: c:\combofix\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-20 do 2011-12-20 )))))))))))))))))))))))))))))))
.
.
2011-12-18 11:46 . 2011-12-18 11:46 -------- d-----w- c:\program files\Defraggler
2011-12-14 15:30 . 2011-12-14 15:30 -------- d-----w- C:\_OTL
2011-12-14 14:26 . 2011-12-14 14:26 512 ----a-w- C:\PhysicalMBR.bin
2011-12-14 00:19 . 2011-12-14 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-13 15:45 . 2011-12-13 15:45 -------- d-----w- C:\rsit
2011-12-12 13:40 . 2011-12-12 13:44 -------- d-----w- c:\program files\ICQ7.7
2011-12-12 12:05 . 2011-12-12 12:05 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-12 11:59 . 2011-08-18 14:25 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-12 11:57 . 2011-12-12 11:57 -------- d-----w- c:\program files\Lavasoft
2011-12-12 11:57 . 2011-12-12 11:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-12-12 11:36 . 2011-12-12 11:37 -------- d-----w- C:\Adobe 3
2011-12-10 13:55 . 2011-12-10 13:55 -------- d-----w- C:\Counter-Strike 2D
2011-12-06 16:50 . 2011-12-06 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-12-05 19:06 . 2011-12-05 19:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Unity
2011-11-26 19:31 . 2011-11-26 19:31 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2011-11-26 19:31 . 2011-11-26 19:31 -------- d-----w- c:\program files\Common Files\Steam
2011-11-26 19:31 . 2011-12-12 13:36 -------- d-----w- c:\program files\Steam
2011-11-21 13:10 . 2011-11-21 13:10 -------- d-----w- c:\program files\Common Files\DirectX
2011-11-21 13:09 . 2011-06-19 17:56 4122968 ----a-w- c:\windows\system32\GameMon.des
2011-11-21 13:08 . 2005-01-03 15:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-11-21 13:08 . 2003-07-20 00:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-11-21 13:08 . 2011-11-21 13:08 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-11-20 14:16 . 2011-11-20 14:16 -------- d-----w- c:\program files\GamersFirst
2011-11-20 14:06 . 2011-11-20 14:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Opera
2011-11-20 14:04 . 2011-12-09 14:59 -------- d-----w- c:\program files\Opera
2011-11-20 13:01 . 2011-11-20 13:01 -------- d-----w- c:\documents and settings\PC\Data aplikací\Garena
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 11:51 . 2011-09-01 16:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-26 12:50 . 2011-10-10 13:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 18:01 . 2011-09-28 11:06 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-11-19 15:44 . 2011-09-10 10:53 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 10:12 . 2011-10-28 10:06 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2011-10-28 10:11 . 2011-10-28 10:11 64020 ----a-w- c:\windows\BricoPackUninst.cmd
2011-10-28 10:11 . 2008-04-14 06:52 219648 ----a-w- c:\windows\system32\uxtheme.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-23 10:12 . 2011-09-10 09:14 165232 ---ha-w- c:\documents and settings\PC\Data aplikací\Microsoft\Virtual PC\VPCKeyboard.dll
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-08-31 07:03 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-09 14:34 . 2011-09-09 12:50 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-10-03 14:49 . 2011-10-05 13:09 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-10-03 14:49 . 2011-10-05 13:09 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 14:49 . 2011-10-03 14:49 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-03 14:49 . 2011-10-03 14:49 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-10-03 14:49 . 2011-10-03 14:49 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-10-03 04:06 . 2011-09-20 16:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2011-09-20 16:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2008-04-14 06:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2010-03-18 08:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-08-18 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-13 09:27 . 2011-08-31 22:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-18_11.28.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-20 06:54 . 2011-12-20 06:54 16384 c:\windows\Temp\Perflib_Perfdata_72c.dat
+ 2011-12-18 11:46 . 2011-12-18 11:46 24064 c:\windows\Installer\886f1.msi
- 2011-12-18 11:03 . 2011-05-25 00:43 15614312 c:\windows\SoftwareDistribution\Download\Install\NDP20SP2-KB2518864-x86.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-05-04 161328]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"SMART Board Tools"="c:\program files\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
Styler.lnk - c:\documents and settings\PC\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-10-28 15086]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^Registration Driver Parallel Lines.LNK]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\Registration Driver Parallel Lines.LNK
backup=c:\windows\pss\Registration Driver Parallel Lines.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\VantageService.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"d:\\Program Files\\Counter-Strike 1.624\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59012:TCP"= 59012:TCP:Pando Media Booster
"59012:UDP"= 59012:UDP:Pando Media Booster
"57545:TCP"= 57545:TCP:Pando Media Booster
"57545:UDP"= 57545:UDP:Pando Media Booster
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
R3 cmipci;CMI8738/8768 Audio Driver;c:\windows\system32\drivers\cmipci.sys [2009-09-24 37888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 25480]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-08-18 15232]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-19 4122968]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 104752]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 436792]
S1 TSKNF900.SYS;TSKNF900.SYS;c:\windows\system32\Drivers\TSKNF900.SYS [2009-04-19 17672]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-10-03 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-10-03 91440]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-12 2152152]
S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [2011-07-13 311664]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-10-03 116016]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 12:04]
.
.
------- Doplňkový sken -------
.
uStart Page =
mStart Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\uu089caj.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-20 13:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32]
"RuntimeVersion"="v1.1.4322"
"Assembly"="mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
"ThreadingModel"="Both"
@="mscoree.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\2.0.0.0]
"RuntimeVersion"="v2.0.50727"
"Assembly"="mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\4.0.0.0]
"RuntimeVersion"="v4.0.30319"
"Assembly"="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
"ThreadingModel"="Both"
@="c:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscormmc.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32\1.0.3300.0]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\FFDShow\\ffdshow.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\Inpr*cServer32]
@="c:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\Inpr*cServer32]
@="c:\\WINDOWS\\system32\\Mscomctl.ocx"
"InprocServer32"=multi:"q9JeFF%`-?&T!$UQ!H?4MsComCtlOcx<\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5FB6957-65E6-491B-BB37-B25C9FE3BEA7}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\Mpeg2DecFilter.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Assemblies\C:|P*ogram Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationFramework.Classic.dll]
"PresentationFramework.Classic,fileVersion=\"3.0.6920.1427\",culture=\"neutral\",version=\"3.0.0.0\",publicKeyToken=\"31bf3856ad364e35\",processorArchitecture=\"MSIL\""=multi:"i`TI]]zu$6IFqxoJt$?iWPF30_WPF2M_x86_enu_ddf>u%K5@U]U'93jV}mo'D2,\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{29D97D99-2C50-4855-BC74-B3E372DDD602}\Prox*StubClsid32]
@Class="REG_SZ"
@="{C5621364-87CC-4731-8947-929CAE75323E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A75C1FD-06B0-3CBB-B467-2545D4D6C865}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E50547C-A8AA-4f60-B57E-1F414711007B}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D82}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{418C5753-9B5F-409F-B67F-C55A65FD54B5}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\Prox*StubClsid32]
@Class="REG_SZ"
@="{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{7FA2A2C6-276C-3F23-AF2A-800CCD05CFF2}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{82D6B3BF-A633-3B3B-A09E-2363E4B24A41}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{832C16F7-88FA-4D0D-A7F3-E26453C23FC6}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{9A863567-0F37-4D78-92B8-35693624D3ED}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{B0B96BA6-98B6-4CFD-BE70-887893448685}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{C6B4F799-F85B-4661-8E76-E8DE3E97190D}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CA6FBD25-933F-4411-9148-4CE1D01BD4E2}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CBE1F78A-31CD-437C-A4F7-EDF38FFB3E44}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D0AD6773-7241-444F-A3A8-7233258713AA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D17506C2-6B26-11D0-8914-00C04FC2A0CA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D658392C-E872-11D2-83C2-00C04F8EDCC4}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E341516B-2E32-11D1-9964-00C04FBBB345}\Prox*StubClsid32]
@Class="REG_SZ"
@="{64B8F404-A4AE-11D1-B7B6-00C04FB926AF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EB41E8C5-4442-11D1-8906-00A0C9110049}\Prox*StubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF638827-FADC-4E96-94DE-82021AD62BA3}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF72D021-2C6D-3E33-9442-574BFD6E0871}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F5F31F14-FDF0-4D29-835A-46ADFE743B78}\NumM*thods]
@Class="REG_SZ"
@="5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F72C8D97-6DBD-11D1-A1E8-00C04FC2FBE1}\Prox*StubClsid32]
@Class="REG_SZ"
@="{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F938C991-3029-11CF-8C44-00AA006B6814}\Prox*StubClsid32]
@Class="REG_SZ"
@="{92A3A302-DA7C-4A1F-BA7E-1802BB5D2D02}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FD77473D-BE55-438F-9AC8-885F164C67A4}\Prox*StubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}]
@="_DPushButtonEvents"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\TypeLib]
@="{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}"
"Version"="d.4"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew]
@="&Open"
"MUIVerb"="@c:\\WINDOWS\\system32\\ieframe.dll.mui,-5731"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\command]
@="\"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" %1"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Application]
@="IExplore"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\IfExec]
@="*"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO]
@="DirectSoundFlangerDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CLSID]
@="{EFCA3D92-DFD8-4672-A603-7420894BAD98}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CurVer]
@="Microsoft.DirectSoundFlangerDMO.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1]
@="DirectSoundGargleDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1\CLSID]
@="{DAFD8210-5711-4B91-9FE3-F75B7AE279BF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MIME\Database\Content Type\vide*/x-flv]
"Extension"=".flv"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1]
@="MSMQEvent Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1\CLSID]
@="{D7D6E07A-DCCD-11d0-AA4B-0060970DEBAE}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1]
@="Segment funkce datových služeb BDA"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1\CLSID]
@="{334125C0-77E5-11D3-B653-00C04F79498E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\opendocument.ImpressTemplate.1\shell\prin**o\command]
@="\"c:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe\" -pt \"%2\" \"%1\""
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions]
@="Photoshop GalleryOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CLSID]
@="{e77ce1a6-a3bf-4a6d-874a-8eb24fae2c3f}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CurVer]
@="Photoshop.GalleryOptions.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10]
@="Photoshop RawSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10\CLSID]
@="{f23dd8af-d7e0-4633-8baa-4ac879b13092}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10]
@="Photoshop SGIRGBSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10\CLSID]
@="{e3a92d91-d84e-491d-b974-c7b898b64b4c}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Printers\shellex\Prop*rtySheetHandlers\ICM Printer Management]
@="{675F097E-4C4D-11D0-B6C1-0800091AA605}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot]
@="System.EnterpriseServices.Internal.SoapServerVRoot"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot\CLSID]
@="{CAA817CC-0C04-4D22-A05C-2B7E162F4E8F}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus]
@="VideoHDCPStatus Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CLSID]
@="{EEF5290C-7F3D-4640-93F2-F189DC616510}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CurVer]
@="Video_TVServer.VideoHDCPStatus.1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\Fusion\References\PresentationBuildTasks, Version=4.0.0.0, Culture=neutral, PublicKeyT*ken=31bf3856ad364e35, processorArchitecture=MSIL\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=".NET Framework Redist Setup"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1]
"Scenario"=dword:00000020
"Status"=dword:00000000
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,23,5a,22,e1,ae,97,42,bb,72,4d,41,16,29,dd,99,d5,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\2]
"Scenario"=dword:00000020
"Status"=dword:00000003
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,ee,a7,bc,c8,d3,56,e3,f2,dc,b4,f3,6d,fc,1c,6b,c0,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\0]
"Scenario"=dword:00000000
"Status"=dword:00000000
"RuntimeVersion"="v4.0.30319"
"ImageList"=hex:30,00,00,00,01,64,72,ee,f5,09,8d,68,2d,9f,e1,ba,98,8f,0e,2a,16,
05,00,00,00,b6,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,46,00,6f,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\1]
"Scenario"=dword:00000000
"Status"=dword:00000002
"RuntimeVersion"="v4.0.30319"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7]
"DisplayName"="System,2.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:af,39,f6,e6,44,af,02,87,3b,9b,ae,31,9f,2b,fb,13
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d8,d4,4b,42,de,65,fe,2b,05,00,00,00,02,00,00,00,00,00,00,
00,57,8d,ab,19,f5,0e,ee,70,06,00,00,00,02,00,00,00,00,00,00,00,4f,fe,50,3f,\
"NIDependencies"=hex:c6,38,19,18,c5,e2,50,79,08,00,00,00,02,00,00,00,00,00,00,
00
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7\InvertDependencies]
"110e8ba\\7836ed93\\6"=""
"1b47d045\\7f3aad1e\\5"=""
"3d67735\\6e35940e\\4"=""
"55d78379\\2ffb0c52\\3"=""
"4b875519\\38945df3\\2"=""
"46b91004\\77ccecdd\\1"=""
"70e80e6e\\43fd4348\\d"=""
"53e01c0b\\2d485ce4\\c"=""
"7ac727df\\7b5311d7\\b"=""
"226b2009\\5b43ba09\\a"=""
"6087e565\\1de2335f\\11"=""
"48cbec9d\\30c2c2bf\\18"=""
"3cca06a0\\6dc7d4c0\\17"=""
"42d76e4d\\6a6f846e\\16"=""
"6c9a55d4\\6b2ef2ae\\15"=""
"73320ae2\\5643f3bb\\14"=""
"61e7e666\\c991064\\13"=""
"6faf58\\19ab8d57\\12"=""
"5764ec77\\51be0150\\19"=""
"2a8ab4f5\\364a4dcf\\20"=""
"476b8f1d\\6b98653e\\1b"=""
"4c7ba6e4\\70134b7d\\1a"=""
"212ef70c\\627678ca\\28"=""
"7dfaa0d2\\79080a91\\27"=""
"561175dc\\1878c7bb\\26"=""
"77a2835c\\36d9491a\\25"=""
"3b9d4dd3\\7cae3392\\24"=""
"3cf7117f\\34bfbdd7\\22"=""
"408b62a\\5e394295\\29"=""
"20327a6b\\730776a9\\2f"=""
"70e0fcf4\\22b71a50\\2e"=""
"673eaac0\\41f1f143\\2b"=""
"573eb423\\16fa6aa6\\31"=""
"634c2e69\\474c21c8\\38"=""
"69656b97\\2b81e88b\\37"=""
"1865da81\\15379461\\35"=""
"2a7f0223\\919b802\\34"=""
"378d4dc7\\2e3eefa8\\33"=""
"2219f480\\224c3261\\32"=""
"4f1555b2\\35df3f71\\39"=""
"1320606e\\51bbe64e\\40"=""
"5044d811\\39d851f1\\3f"=""
"1e7178c9\\62af46e3\\3e"=""
"159a66b8\\424bd4d8\\3b"=""
"640d09ef\\75638fee\\3a"=""
"6f06001f\\475dce40\\41"=""
"5510f47d\\78e5f298\\47"=""
"4d8855e2\\614f9804\\46"=""
"58052d2f\\19693f50\\44"=""
"1734f8c5\\5094d6df\\43"=""
"3c0e944b\\5668366c\\42"=""
"6666f4a8\\4fc542c4\\49"=""
"1c22df2f\\4f99a7c9\\50"=""
"505c41c7\\18407c1\\4f"=""
"429b0dd8\\4c76ceeb\\4d"=""
"740e747\\712ad40\\4c"=""
"4eb53aa8\\7fc0fca1\\4b"=""
"6fe67a05\\7c66cbfe\\4a"=""
"46549924\\6a90ef1c\\51"=""
"6960d6d7\\79f4e0d0\\58"=""
"774c02ca\\5f5ec0c2\\57"=""
"64be1fa4\\3ced59c5\\56"=""
"340dcf4c\\3a6a696d\\55"=""
"4f0ed0af\\7a0f7aa7\\54"=""
"f3eb9d9\\2e829ffb\\53"=""
"57d4b1bf\\85e83df\\52"=""
"5132fda3\\7665d79c\\59"=""
"7f0603e4\\73843e06\\60"=""
"5a8de2c3\\2b1a4e4\\5e"=""
"db950d6\\141dfd70\\5d"=""
"7548b7e5\\36d1a880\\5c"=""
"7b7b125f\\2f57887a\\5b"=""
"2a3a6b59\\1a4f246d\\5a"=""
"5fcea75a\\3c9c8d7b\\61"=""
"6eae2d34\\3b249b34\\68"=""
"7fe99dd6\\24bf93f6\\67"=""
"6a686da6\\652572bb\\66"=""
"79a57d4e\\6dd86662\\65"=""
"361f692e\\5b2d242\\64"=""
"3522e5b1\\622ac2c4\\63"=""
"22819cfd\\5a64a10\\62"=""
"439b21dc\\8d013d6\\69"=""
"12bcedd0\\54280fca\\70"=""
"481e243f\\392c4553\\6f"=""
"7367db5c\\4fd4b97d\\6e"=""
"1afb76b9\\aa460d9\\6d"=""
"72522657\\2b351479\\6c"=""
"5fddae7d\\30b32757\\6a"=""
"1dbe171c\\2c6993f6\\71"=""
"4aab34c8\\27aa01a1\\78"=""
"38587ddc\\2089aaf0\\77"=""
"298818d6\\6c1422cf\\76"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v4.0.30319_32\NI\44ec6d48\74c9*6c5\1c]
"DisplayName"="System.Xaml,4.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:41,85,13,0e,da,1d,7a,5e,0e,04,74,e7,23,43,57,0b
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,
00,d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,00,c5,f6,c9,74,\
"NIDependencies"=hex:c6,38,19,18,42,ca,99,14,08,00,00,00,04,00,00,00,00,00,00,
00,4f,7c,bc,30,cd,e5,99,5a,07,00,00,00,04,00,00,00,00,00,00,00,4f,7c,bc,30,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2902.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2907.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Jet\4.0\ISAM Formats\Outl*ok 9.0]
"Engine"="Exchange"
"ImportFilter"="Outlook()"
"CanLink"=hex:01
"OneTablePerFile"=hex:00
"IsamType"=dword:00000003
"IndexDialog"=hex:00
"CreateDBOnExport"=hex:00
"SupportsLongNames"=hex:01
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Multimedia\WMPlayer\MIME Types\vide*/x-ogm]
"Extension.Key"=".ogm"
"Extensions.SpaceSep"=".ogm"
"Extensions.CommaSep"="ogm"
"UserApprovedOwning"="yes"
"AlreadyRegistered"="yes"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Netw*rkCrawler\Objects\WorkgroupCrawler]
"CLSID"="{72b3882f-453a-4633-aac9-8c3dced62aff}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\AFB9*38A1D0589A40F6A95DDC9D82AA7]
"16034BAFBFEF8E641A9569173059BDE5"="c:\\Program Files\\OpenOffice.org 3\\Basis\\share\\fingerprint\\hungarian.lm"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet Settings\Allo*edDragImageExts]
@=""
".aif"=dword:00000001
".aifc"=dword:00000001
".aiff"=dword:00000001
".art"=dword:00000001
".asf"=dword:00000001
".asx"=dword:00000001
".au"=dword:00000001
".avi"=dword:00000001
".bm"=dword:00000001
".bmp"=dword:00000001
".dib"=dword:00000001
".dvr-ms"=dword:00000001
".emf"=dword:00000001
".gif"=dword:00000001
".ico"=dword:00000001
".jfif"=dword:00000001
".jpe"=dword:00000001
".jpeg"=dword:00000001
".jpg"=dword:00000001
".m1v"=dword:00000001
".m3u"=dword:00000001
".mid"=dword:00000001
".midi"=dword:00000001
".mp2"=dword:00000001
".mp2v"=dword:00000001
".mp3"=dword:00000001
".mpa"=dword:00000001
".mpe"=dword:00000001
".mpeg"=dword:00000001
".mpg"=dword:00000001
".mpv"=dword:00000001
".mpv2"=dword:00000001
".png"=dword:00000001
".rmi"=dword:00000001
".snd"=dword:00000001
".tif"=dword:00000001
".tiff"=dword:00000001
".wav"=dword:00000001
".wax"=dword:00000001
".wm"=dword:00000001
".wma"=dword:00000001
".wmf"=dword:00000001
".wmp"=dword:00000001
".wmv"=dword:00000001
".wmx"=dword:00000001
".wvx"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_*.dll]
"CheckAppHelp"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\16]
"ServiceName"="{201DC694-EA64-420C-83D2-D4E55A971B18}"
"Description"="VirtualBox Host-Only Ethernet Adapter"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\2]
"ServiceName"="{7C15B241-2BE2-4121-AD0B-AF17FFC3254F}"
"Description"="VIA Rhine II Fast Ethernet Adapter"
.
Celkový čas: 2011-12-20 13:53:52
ComboFix-quarantined-files.txt 2011-12-20 12:53
ComboFix2.txt 2011-12-18 11:32
.
Před spuštěním: Volných bajtů: 23 054 700 544
Po spuštění: Volných bajtů: 23 041 327 104
.
- - End Of File - - CDEA82356CEB8ECC71F74604742FFDEB
omlouvám se ještě jednou tu máte Log ze včerejška znovu ho dělat nechci jelikož je vše stejně jako včera nic sem nestahoval atd...
ComboFix 11-12-19.03 - PC 20.12.2011 13:33:39.2.1 - x86
Spuštěný z: c:\combofix\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-20 do 2011-12-20 )))))))))))))))))))))))))))))))
.
.
2011-12-18 11:46 . 2011-12-18 11:46 -------- d-----w- c:\program files\Defraggler
2011-12-14 15:30 . 2011-12-14 15:30 -------- d-----w- C:\_OTL
2011-12-14 14:26 . 2011-12-14 14:26 512 ----a-w- C:\PhysicalMBR.bin
2011-12-14 00:19 . 2011-12-14 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-13 15:45 . 2011-12-13 15:45 -------- d-----w- C:\rsit
2011-12-12 13:40 . 2011-12-12 13:44 -------- d-----w- c:\program files\ICQ7.7
2011-12-12 12:05 . 2011-12-12 12:05 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-12 11:59 . 2011-08-18 14:25 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-12 11:57 . 2011-12-12 11:57 -------- d-----w- c:\program files\Lavasoft
2011-12-12 11:57 . 2011-12-12 11:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-12-12 11:36 . 2011-12-12 11:37 -------- d-----w- C:\Adobe 3
2011-12-10 13:55 . 2011-12-10 13:55 -------- d-----w- C:\Counter-Strike 2D
2011-12-06 16:50 . 2011-12-06 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-12-05 19:06 . 2011-12-05 19:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Unity
2011-11-26 19:31 . 2011-11-26 19:31 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2011-11-26 19:31 . 2011-11-26 19:31 -------- d-----w- c:\program files\Common Files\Steam
2011-11-26 19:31 . 2011-12-12 13:36 -------- d-----w- c:\program files\Steam
2011-11-21 13:10 . 2011-11-21 13:10 -------- d-----w- c:\program files\Common Files\DirectX
2011-11-21 13:09 . 2011-06-19 17:56 4122968 ----a-w- c:\windows\system32\GameMon.des
2011-11-21 13:08 . 2005-01-03 15:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-11-21 13:08 . 2003-07-20 00:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-11-21 13:08 . 2011-11-21 13:08 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-11-20 14:16 . 2011-11-20 14:16 -------- d-----w- c:\program files\GamersFirst
2011-11-20 14:06 . 2011-11-20 14:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Opera
2011-11-20 14:04 . 2011-12-09 14:59 -------- d-----w- c:\program files\Opera
2011-11-20 13:01 . 2011-11-20 13:01 -------- d-----w- c:\documents and settings\PC\Data aplikací\Garena
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 11:51 . 2011-09-01 16:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-26 12:50 . 2011-10-10 13:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 18:01 . 2011-09-28 11:06 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-11-19 15:44 . 2011-09-10 10:53 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 10:12 . 2011-10-28 10:06 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2011-10-28 10:11 . 2011-10-28 10:11 64020 ----a-w- c:\windows\BricoPackUninst.cmd
2011-10-28 10:11 . 2008-04-14 06:52 219648 ----a-w- c:\windows\system32\uxtheme.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-23 10:12 . 2011-09-10 09:14 165232 ---ha-w- c:\documents and settings\PC\Data aplikací\Microsoft\Virtual PC\VPCKeyboard.dll
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-08-31 07:03 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-09 14:34 . 2011-09-09 12:50 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-10-03 14:49 . 2011-10-05 13:09 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-10-03 14:49 . 2011-10-05 13:09 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 14:49 . 2011-10-03 14:49 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-03 14:49 . 2011-10-03 14:49 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-10-03 14:49 . 2011-10-03 14:49 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-10-03 04:06 . 2011-09-20 16:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2011-09-20 16:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2008-04-14 06:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2010-03-18 08:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-08-18 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-13 09:27 . 2011-08-31 22:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-18_11.28.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-20 06:54 . 2011-12-20 06:54 16384 c:\windows\Temp\Perflib_Perfdata_72c.dat
+ 2011-12-18 11:46 . 2011-12-18 11:46 24064 c:\windows\Installer\886f1.msi
- 2011-12-18 11:03 . 2011-05-25 00:43 15614312 c:\windows\SoftwareDistribution\Download\Install\NDP20SP2-KB2518864-x86.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-05-04 161328]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"SMART Board Tools"="c:\program files\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
Styler.lnk - c:\documents and settings\PC\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-10-28 15086]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^Registration Driver Parallel Lines.LNK]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\Registration Driver Parallel Lines.LNK
backup=c:\windows\pss\Registration Driver Parallel Lines.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\VantageService.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"d:\\Program Files\\Counter-Strike 1.624\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59012:TCP"= 59012:TCP:Pando Media Booster
"59012:UDP"= 59012:UDP:Pando Media Booster
"57545:TCP"= 57545:TCP:Pando Media Booster
"57545:UDP"= 57545:UDP:Pando Media Booster
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
R3 cmipci;CMI8738/8768 Audio Driver;c:\windows\system32\drivers\cmipci.sys [2009-09-24 37888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 25480]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-08-18 15232]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-19 4122968]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 104752]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 436792]
S1 TSKNF900.SYS;TSKNF900.SYS;c:\windows\system32\Drivers\TSKNF900.SYS [2009-04-19 17672]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-10-03 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-10-03 91440]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-12 2152152]
S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [2011-07-13 311664]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-10-03 116016]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 12:04]
.
.
------- Doplňkový sken -------
.
uStart Page =
mStart Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\uu089caj.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-20 13:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32]
"RuntimeVersion"="v1.1.4322"
"Assembly"="mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
"ThreadingModel"="Both"
@="mscoree.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\2.0.0.0]
"RuntimeVersion"="v2.0.50727"
"Assembly"="mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\4.0.0.0]
"RuntimeVersion"="v4.0.30319"
"Assembly"="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
"ThreadingModel"="Both"
@="c:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscormmc.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32\1.0.3300.0]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\FFDShow\\ffdshow.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\Inpr*cServer32]
@="c:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\Inpr*cServer32]
@="c:\\WINDOWS\\system32\\Mscomctl.ocx"
"InprocServer32"=multi:"q9JeFF%`-?&T!$UQ!H?4MsComCtlOcx<\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5FB6957-65E6-491B-BB37-B25C9FE3BEA7}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\Mpeg2DecFilter.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Assemblies\C:|P*ogram Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationFramework.Classic.dll]
"PresentationFramework.Classic,fileVersion=\"3.0.6920.1427\",culture=\"neutral\",version=\"3.0.0.0\",publicKeyToken=\"31bf3856ad364e35\",processorArchitecture=\"MSIL\""=multi:"i`TI]]zu$6IFqxoJt$?iWPF30_WPF2M_x86_enu_ddf>u%K5@U]U'93jV}mo'D2,\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{29D97D99-2C50-4855-BC74-B3E372DDD602}\Prox*StubClsid32]
@Class="REG_SZ"
@="{C5621364-87CC-4731-8947-929CAE75323E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A75C1FD-06B0-3CBB-B467-2545D4D6C865}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E50547C-A8AA-4f60-B57E-1F414711007B}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D82}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{418C5753-9B5F-409F-B67F-C55A65FD54B5}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\Prox*StubClsid32]
@Class="REG_SZ"
@="{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{7FA2A2C6-276C-3F23-AF2A-800CCD05CFF2}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{82D6B3BF-A633-3B3B-A09E-2363E4B24A41}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{832C16F7-88FA-4D0D-A7F3-E26453C23FC6}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{9A863567-0F37-4D78-92B8-35693624D3ED}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{B0B96BA6-98B6-4CFD-BE70-887893448685}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{C6B4F799-F85B-4661-8E76-E8DE3E97190D}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CA6FBD25-933F-4411-9148-4CE1D01BD4E2}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CBE1F78A-31CD-437C-A4F7-EDF38FFB3E44}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D0AD6773-7241-444F-A3A8-7233258713AA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D17506C2-6B26-11D0-8914-00C04FC2A0CA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D658392C-E872-11D2-83C2-00C04F8EDCC4}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E341516B-2E32-11D1-9964-00C04FBBB345}\Prox*StubClsid32]
@Class="REG_SZ"
@="{64B8F404-A4AE-11D1-B7B6-00C04FB926AF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EB41E8C5-4442-11D1-8906-00A0C9110049}\Prox*StubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF638827-FADC-4E96-94DE-82021AD62BA3}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF72D021-2C6D-3E33-9442-574BFD6E0871}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F5F31F14-FDF0-4D29-835A-46ADFE743B78}\NumM*thods]
@Class="REG_SZ"
@="5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F72C8D97-6DBD-11D1-A1E8-00C04FC2FBE1}\Prox*StubClsid32]
@Class="REG_SZ"
@="{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F938C991-3029-11CF-8C44-00AA006B6814}\Prox*StubClsid32]
@Class="REG_SZ"
@="{92A3A302-DA7C-4A1F-BA7E-1802BB5D2D02}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FD77473D-BE55-438F-9AC8-885F164C67A4}\Prox*StubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}]
@="_DPushButtonEvents"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\TypeLib]
@="{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}"
"Version"="d.4"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew]
@="&Open"
"MUIVerb"="@c:\\WINDOWS\\system32\\ieframe.dll.mui,-5731"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\command]
@="\"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" %1"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Application]
@="IExplore"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\IfExec]
@="*"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO]
@="DirectSoundFlangerDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CLSID]
@="{EFCA3D92-DFD8-4672-A603-7420894BAD98}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CurVer]
@="Microsoft.DirectSoundFlangerDMO.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1]
@="DirectSoundGargleDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1\CLSID]
@="{DAFD8210-5711-4B91-9FE3-F75B7AE279BF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MIME\Database\Content Type\vide*/x-flv]
"Extension"=".flv"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1]
@="MSMQEvent Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1\CLSID]
@="{D7D6E07A-DCCD-11d0-AA4B-0060970DEBAE}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1]
@="Segment funkce datových služeb BDA"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1\CLSID]
@="{334125C0-77E5-11D3-B653-00C04F79498E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\opendocument.ImpressTemplate.1\shell\prin**o\command]
@="\"c:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe\" -pt \"%2\" \"%1\""
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions]
@="Photoshop GalleryOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CLSID]
@="{e77ce1a6-a3bf-4a6d-874a-8eb24fae2c3f}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CurVer]
@="Photoshop.GalleryOptions.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10]
@="Photoshop RawSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10\CLSID]
@="{f23dd8af-d7e0-4633-8baa-4ac879b13092}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10]
@="Photoshop SGIRGBSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10\CLSID]
@="{e3a92d91-d84e-491d-b974-c7b898b64b4c}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Printers\shellex\Prop*rtySheetHandlers\ICM Printer Management]
@="{675F097E-4C4D-11D0-B6C1-0800091AA605}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot]
@="System.EnterpriseServices.Internal.SoapServerVRoot"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot\CLSID]
@="{CAA817CC-0C04-4D22-A05C-2B7E162F4E8F}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus]
@="VideoHDCPStatus Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CLSID]
@="{EEF5290C-7F3D-4640-93F2-F189DC616510}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CurVer]
@="Video_TVServer.VideoHDCPStatus.1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\Fusion\References\PresentationBuildTasks, Version=4.0.0.0, Culture=neutral, PublicKeyT*ken=31bf3856ad364e35, processorArchitecture=MSIL\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=".NET Framework Redist Setup"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1]
"Scenario"=dword:00000020
"Status"=dword:00000000
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,23,5a,22,e1,ae,97,42,bb,72,4d,41,16,29,dd,99,d5,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\2]
"Scenario"=dword:00000020
"Status"=dword:00000003
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,ee,a7,bc,c8,d3,56,e3,f2,dc,b4,f3,6d,fc,1c,6b,c0,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\0]
"Scenario"=dword:00000000
"Status"=dword:00000000
"RuntimeVersion"="v4.0.30319"
"ImageList"=hex:30,00,00,00,01,64,72,ee,f5,09,8d,68,2d,9f,e1,ba,98,8f,0e,2a,16,
05,00,00,00,b6,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,46,00,6f,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\1]
"Scenario"=dword:00000000
"Status"=dword:00000002
"RuntimeVersion"="v4.0.30319"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7]
"DisplayName"="System,2.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:af,39,f6,e6,44,af,02,87,3b,9b,ae,31,9f,2b,fb,13
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d8,d4,4b,42,de,65,fe,2b,05,00,00,00,02,00,00,00,00,00,00,
00,57,8d,ab,19,f5,0e,ee,70,06,00,00,00,02,00,00,00,00,00,00,00,4f,fe,50,3f,\
"NIDependencies"=hex:c6,38,19,18,c5,e2,50,79,08,00,00,00,02,00,00,00,00,00,00,
00
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7\InvertDependencies]
"110e8ba\\7836ed93\\6"=""
"1b47d045\\7f3aad1e\\5"=""
"3d67735\\6e35940e\\4"=""
"55d78379\\2ffb0c52\\3"=""
"4b875519\\38945df3\\2"=""
"46b91004\\77ccecdd\\1"=""
"70e80e6e\\43fd4348\\d"=""
"53e01c0b\\2d485ce4\\c"=""
"7ac727df\\7b5311d7\\b"=""
"226b2009\\5b43ba09\\a"=""
"6087e565\\1de2335f\\11"=""
"48cbec9d\\30c2c2bf\\18"=""
"3cca06a0\\6dc7d4c0\\17"=""
"42d76e4d\\6a6f846e\\16"=""
"6c9a55d4\\6b2ef2ae\\15"=""
"73320ae2\\5643f3bb\\14"=""
"61e7e666\\c991064\\13"=""
"6faf58\\19ab8d57\\12"=""
"5764ec77\\51be0150\\19"=""
"2a8ab4f5\\364a4dcf\\20"=""
"476b8f1d\\6b98653e\\1b"=""
"4c7ba6e4\\70134b7d\\1a"=""
"212ef70c\\627678ca\\28"=""
"7dfaa0d2\\79080a91\\27"=""
"561175dc\\1878c7bb\\26"=""
"77a2835c\\36d9491a\\25"=""
"3b9d4dd3\\7cae3392\\24"=""
"3cf7117f\\34bfbdd7\\22"=""
"408b62a\\5e394295\\29"=""
"20327a6b\\730776a9\\2f"=""
"70e0fcf4\\22b71a50\\2e"=""
"673eaac0\\41f1f143\\2b"=""
"573eb423\\16fa6aa6\\31"=""
"634c2e69\\474c21c8\\38"=""
"69656b97\\2b81e88b\\37"=""
"1865da81\\15379461\\35"=""
"2a7f0223\\919b802\\34"=""
"378d4dc7\\2e3eefa8\\33"=""
"2219f480\\224c3261\\32"=""
"4f1555b2\\35df3f71\\39"=""
"1320606e\\51bbe64e\\40"=""
"5044d811\\39d851f1\\3f"=""
"1e7178c9\\62af46e3\\3e"=""
"159a66b8\\424bd4d8\\3b"=""
"640d09ef\\75638fee\\3a"=""
"6f06001f\\475dce40\\41"=""
"5510f47d\\78e5f298\\47"=""
"4d8855e2\\614f9804\\46"=""
"58052d2f\\19693f50\\44"=""
"1734f8c5\\5094d6df\\43"=""
"3c0e944b\\5668366c\\42"=""
"6666f4a8\\4fc542c4\\49"=""
"1c22df2f\\4f99a7c9\\50"=""
"505c41c7\\18407c1\\4f"=""
"429b0dd8\\4c76ceeb\\4d"=""
"740e747\\712ad40\\4c"=""
"4eb53aa8\\7fc0fca1\\4b"=""
"6fe67a05\\7c66cbfe\\4a"=""
"46549924\\6a90ef1c\\51"=""
"6960d6d7\\79f4e0d0\\58"=""
"774c02ca\\5f5ec0c2\\57"=""
"64be1fa4\\3ced59c5\\56"=""
"340dcf4c\\3a6a696d\\55"=""
"4f0ed0af\\7a0f7aa7\\54"=""
"f3eb9d9\\2e829ffb\\53"=""
"57d4b1bf\\85e83df\\52"=""
"5132fda3\\7665d79c\\59"=""
"7f0603e4\\73843e06\\60"=""
"5a8de2c3\\2b1a4e4\\5e"=""
"db950d6\\141dfd70\\5d"=""
"7548b7e5\\36d1a880\\5c"=""
"7b7b125f\\2f57887a\\5b"=""
"2a3a6b59\\1a4f246d\\5a"=""
"5fcea75a\\3c9c8d7b\\61"=""
"6eae2d34\\3b249b34\\68"=""
"7fe99dd6\\24bf93f6\\67"=""
"6a686da6\\652572bb\\66"=""
"79a57d4e\\6dd86662\\65"=""
"361f692e\\5b2d242\\64"=""
"3522e5b1\\622ac2c4\\63"=""
"22819cfd\\5a64a10\\62"=""
"439b21dc\\8d013d6\\69"=""
"12bcedd0\\54280fca\\70"=""
"481e243f\\392c4553\\6f"=""
"7367db5c\\4fd4b97d\\6e"=""
"1afb76b9\\aa460d9\\6d"=""
"72522657\\2b351479\\6c"=""
"5fddae7d\\30b32757\\6a"=""
"1dbe171c\\2c6993f6\\71"=""
"4aab34c8\\27aa01a1\\78"=""
"38587ddc\\2089aaf0\\77"=""
"298818d6\\6c1422cf\\76"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v4.0.30319_32\NI\44ec6d48\74c9*6c5\1c]
"DisplayName"="System.Xaml,4.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:41,85,13,0e,da,1d,7a,5e,0e,04,74,e7,23,43,57,0b
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,
00,d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,00,c5,f6,c9,74,\
"NIDependencies"=hex:c6,38,19,18,42,ca,99,14,08,00,00,00,04,00,00,00,00,00,00,
00,4f,7c,bc,30,cd,e5,99,5a,07,00,00,00,04,00,00,00,00,00,00,00,4f,7c,bc,30,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2902.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2907.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Jet\4.0\ISAM Formats\Outl*ok 9.0]
"Engine"="Exchange"
"ImportFilter"="Outlook()"
"CanLink"=hex:01
"OneTablePerFile"=hex:00
"IsamType"=dword:00000003
"IndexDialog"=hex:00
"CreateDBOnExport"=hex:00
"SupportsLongNames"=hex:01
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Multimedia\WMPlayer\MIME Types\vide*/x-ogm]
"Extension.Key"=".ogm"
"Extensions.SpaceSep"=".ogm"
"Extensions.CommaSep"="ogm"
"UserApprovedOwning"="yes"
"AlreadyRegistered"="yes"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Netw*rkCrawler\Objects\WorkgroupCrawler]
"CLSID"="{72b3882f-453a-4633-aac9-8c3dced62aff}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\AFB9*38A1D0589A40F6A95DDC9D82AA7]
"16034BAFBFEF8E641A9569173059BDE5"="c:\\Program Files\\OpenOffice.org 3\\Basis\\share\\fingerprint\\hungarian.lm"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet Settings\Allo*edDragImageExts]
@=""
".aif"=dword:00000001
".aifc"=dword:00000001
".aiff"=dword:00000001
".art"=dword:00000001
".asf"=dword:00000001
".asx"=dword:00000001
".au"=dword:00000001
".avi"=dword:00000001
".bm"=dword:00000001
".bmp"=dword:00000001
".dib"=dword:00000001
".dvr-ms"=dword:00000001
".emf"=dword:00000001
".gif"=dword:00000001
".ico"=dword:00000001
".jfif"=dword:00000001
".jpe"=dword:00000001
".jpeg"=dword:00000001
".jpg"=dword:00000001
".m1v"=dword:00000001
".m3u"=dword:00000001
".mid"=dword:00000001
".midi"=dword:00000001
".mp2"=dword:00000001
".mp2v"=dword:00000001
".mp3"=dword:00000001
".mpa"=dword:00000001
".mpe"=dword:00000001
".mpeg"=dword:00000001
".mpg"=dword:00000001
".mpv"=dword:00000001
".mpv2"=dword:00000001
".png"=dword:00000001
".rmi"=dword:00000001
".snd"=dword:00000001
".tif"=dword:00000001
".tiff"=dword:00000001
".wav"=dword:00000001
".wax"=dword:00000001
".wm"=dword:00000001
".wma"=dword:00000001
".wmf"=dword:00000001
".wmp"=dword:00000001
".wmv"=dword:00000001
".wmx"=dword:00000001
".wvx"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_*.dll]
"CheckAppHelp"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\16]
"ServiceName"="{201DC694-EA64-420C-83D2-D4E55A971B18}"
"Description"="VirtualBox Host-Only Ethernet Adapter"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\2]
"ServiceName"="{7C15B241-2BE2-4121-AD0B-AF17FFC3254F}"
"Description"="VIA Rhine II Fast Ethernet Adapter"
.
Celkový čas: 2011-12-20 13:53:52
ComboFix-quarantined-files.txt 2011-12-20 12:53
ComboFix2.txt 2011-12-18 11:32
.
Před spuštěním: Volných bajtů: 23 054 700 544
Po spuštění: Volných bajtů: 23 041 327 104
.
- - End Of File - - CDEA82356CEB8ECC71F74604742FFDEB
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 16:22
Jinak omlouvám se že není dnešní ale včerejší
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 20:01
No nic radši LOCK jelikož to nemá cenu nikdo nic nenapíše
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 20:01
Chápu že tu nejsem jen já ale když se podívam tak ste se koukaly na můj Topic a najednou nic a píšete jinde tak pokud nevíte co s tim tak napište díky
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 20:09
takže buď si počkej na svého řešitele, nebo se řiď jeho radouvyosek píše:Zdravim a pekny vecer preji
Uvedomte si prosim, ze jsme na foru, kde jsou radci ve svem volnem case a zdarma, pokud jste potreboval urgentni reseni, mel jste se obratit na specializovane servisy, kde jsou technici placeni a resi problemy ihned.
Re: 100 % Procesor u všeho
Napsal: 22 pro 2011 21:24
Jak bylo zmineno, nejsme tu porad a jak psal kolega, pokud se Vam to nelibi, nikdo Vas tu nenuti byt, tlacitko "Odhlasit se" je vlevo nahore.
Pres den jsem sem jen nakoukl z prace a nemel jsem cas a klid lustit log, proto jsem se do nej nepoustel...
Pokud chcete, zde je dalsi postup:
Pokud nemate, tak presunte Combofix na plochu
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
Pres den jsem sem jen nakoukl z prace a nemel jsem cas a klid lustit log, proto jsem se do nej nepoustel...
Pokud chcete, zde je dalsi postup:
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: RegLock:: [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_*.dll] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\16] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\2] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet Settings\Allo*edDragImageExts] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\AFB9*38A1D0589A40F6A95DDC9D82AA7] [HKEY_LOCAL_MACHINE\software\Microsoft\Multimedia\WMPlayer\MIME Types\vide*/x-ogm] [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Netw*rkCrawler\Objects\WorkgroupCrawler] [HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v4.0.30319_32\NI\44ec6d48\74c9*6c5\1c] [HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2902.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}] [HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2907.0, Culture=neutral, [HKEY_LOCAL_MACHINE\software\Microsoft\Jet\4.0\ISAM Formats\Outl*ok 9.0] [HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7\InvertDependencies] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\2.0.0.0] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\4.0.0.0] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32\1.0.3300.0] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5FB6957-65E6-491B-BB37-B25C9FE3BEA7}\Inpr*cServer32] [HKEY_LOCAL_MACHINE\software\Classes\Installer\Assemblies\C:|P*ogram Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationFramework.Classic.dll] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{29D97D99-2C50-4855-BC74-B3E372DDD602}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A75C1FD-06B0-3CBB-B467-2545D4D6C865}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E50547C-A8AA-4f60-B57E-1F414711007B}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D82}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{418C5753-9B5F-409F-B67F-C55A65FD54B5}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{7FA2A2C6-276C-3F23-AF2A-800CCD05CFF2}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{82D6B3BF-A633-3B3B-A09E-2363E4B24A41}\Prox*StubClsid] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{832C16F7-88FA-4D0D-A7F3-E26453C23FC6}\NumM*thods] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{9A863567-0F37-4D78-92B8-35693624D3ED}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{B0B96BA6-98B6-4CFD-BE70-887893448685}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{C6B4F799-F85B-4661-8E76-E8DE3E97190D}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{CA6FBD25-933F-4411-9148-4CE1D01BD4E2}\NumM*thods] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{CBE1F78A-31CD-437C-A4F7-EDF38FFB3E44}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{D0AD6773-7241-444F-A3A8-7233258713AA}\Prox*StubClsid] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{D17506C2-6B26-11D0-8914-00C04FC2A0CA}\Prox*StubClsid] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{D658392C-E872-11D2-83C2-00C04F8EDCC4}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E341516B-2E32-11D1-9964-00C04FBBB345}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{EB41E8C5-4442-11D1-8906-00A0C9110049}\Prox*StubClsid] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF638827-FADC-4E96-94DE-82021AD62BA3}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF72D021-2C6D-3E33-9442-574BFD6E0871}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{F5F31F14-FDF0-4D29-835A-46ADFE743B78}\NumM*thods] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{F72C8D97-6DBD-11D1-A1E8-00C04FC2FBE1}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{F938C991-3029-11CF-8C44-00AA006B6814}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{FD77473D-BE55-438F-9AC8-885F164C67A4}\Prox*StubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\TypeLib] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\command] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Application] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\IfExec] [HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Topic] [HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO] [HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CurVer] [HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1] [HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\MIME\Database\Content Type\vide*/x-flv] [HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1] [HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1] [HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\opendocument.ImpressTemplate.1\shell\prin**o\command] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CurVer] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10] [HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Printers\shellex\Prop*rtySheetHandlers\ICM Printer Management] [HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot] [HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus] [HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CLSID] [HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CurVer] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\Fusion\References\PresentationBuildTasks, Version=4.0.0.0, Culture=neutral, PublicKeyT*ken=31bf3856ad364e35, processorArchitecture=MSIL\{2EC93463-B0C3-45E1-8364-327E96AEA856}] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\2] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\0] [HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, [HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7] Firefox:: FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\uu089caj.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - File:: c:\windows\Tasks\Ad-Aware Update (Weekly).job Driver:: XDva390 Registry:: [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000000 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Nokia.PCSync"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"=- "NeroFilterCheck"=- Restore:: c:\windows\system32\drivers\tcpip.sys c:\windows\system32\wuauclt.exe c:\windows\explorer.exe c:\windows\regedit.exe ClearJavaCache:: AtJob:: Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraciRe: 100 % Procesor u všeho
Napsal: 27 pro 2011 16:01
Vše provedeno podle návodu tu je LOG :
ComboFix 11-12-26.03 - PC 27.12.2011 15:36:06.3.1 - x86
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Ad-Aware Update (Weekly).job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\explorer.exe . . . je infikován!!
.
c:\windows\regedit.exe . . . je infikován!!
.
Nakažená kopie c:\windows\system32\drivers\tcpip.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
.
c:\windows\system32\wuauclt.exe . . . je infikován!!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA390
-------\Service_XDva390
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-27 do 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-22 18:32 . 2011-12-22 18:32 -------- d-----w- c:\program files\iWEB Studio
2011-12-22 18:32 . 2011-12-22 18:32 796672 ----a-w- c:\windows\GPInstall.exe
2011-12-21 09:23 . 2011-12-21 09:23 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-12-20 16:15 . 2011-12-20 16:18 -------- d-----w- c:\documents and settings\PC\Data aplikací\PhotoFiltre
2011-12-20 16:14 . 2011-12-20 16:14 -------- d-----w- c:\program files\PhotoFiltre
2011-12-18 11:46 . 2011-12-18 11:46 -------- d-----w- c:\program files\Defraggler
2011-12-14 15:30 . 2011-12-14 15:30 -------- d-----w- C:\_OTL
2011-12-14 14:26 . 2011-12-14 14:26 512 ----a-w- C:\PhysicalMBR.bin
2011-12-14 00:19 . 2011-12-14 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-13 15:45 . 2011-12-13 15:45 -------- d-----w- C:\rsit
2011-12-12 13:40 . 2011-12-12 13:44 -------- d-----w- c:\program files\ICQ7.7
2011-12-12 12:05 . 2011-12-12 12:05 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-12 11:59 . 2011-08-18 14:25 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-12 11:57 . 2011-12-12 11:57 -------- d-----w- c:\program files\Lavasoft
2011-12-12 11:57 . 2011-12-12 11:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-12-12 11:36 . 2011-12-12 11:37 -------- d-----w- C:\Adobe 3
2011-12-10 13:55 . 2011-12-10 13:55 -------- d-----w- C:\Counter-Strike 2D
2011-12-06 16:50 . 2011-12-06 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-12-05 19:06 . 2011-12-05 19:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 11:51 . 2011-09-01 16:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-26 12:50 . 2011-10-10 13:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 18:01 . 2011-09-28 11:06 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-11-19 15:44 . 2011-09-10 10:53 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 10:12 . 2011-10-28 10:06 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2011-10-28 10:11 . 2011-10-28 10:11 64020 ----a-w- c:\windows\BricoPackUninst.cmd
2011-10-28 10:11 . 2008-04-14 06:52 219648 ----a-w- c:\windows\system32\uxtheme.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-23 10:12 . 2011-09-10 09:14 165232 ---ha-w- c:\documents and settings\PC\Data aplikací\Microsoft\Virtual PC\VPCKeyboard.dll
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-08-31 07:03 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-09 14:34 . 2011-09-09 12:50 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-10-03 14:49 . 2011-10-05 13:09 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-10-03 14:49 . 2011-10-05 13:09 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 14:49 . 2011-10-03 14:49 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-03 14:49 . 2011-10-03 14:49 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-10-03 14:49 . 2011-10-03 14:49 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-10-03 04:06 . 2011-09-20 16:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2011-09-20 16:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-13 09:27 . 2011-08-31 22:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-18_11.28.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-27 14:51 . 2011-12-27 14:51 16384 c:\windows\temp\Perflib_Perfdata_754.dat
+ 2011-12-20 18:12 . 2011-12-22 06:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2011-08-31 07:10 . 2011-12-13 15:12 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-31 07:10 . 2011-12-22 06:32 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2011-08-31 07:10 . 2011-12-13 15:12 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-20 18:12 . 2011-12-22 06:32 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-18 11:46 . 2011-12-18 11:46 24064 c:\windows\Installer\886f1.msi
- 2009-09-27 17:01 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2009-09-27 17:01 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"SMART Board Tools"="c:\program files\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
Styler.lnk - c:\documents and settings\PC\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-10-28 15086]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^Registration Driver Parallel Lines.LNK]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\Registration Driver Parallel Lines.LNK
backup=c:\windows\pss\Registration Driver Parallel Lines.LNKStartup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\VantageService.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"d:\\Program Files\\Counter-Strike 1.624\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59012:TCP"= 59012:TCP:Pando Media Booster
"59012:UDP"= 59012:UDP:Pando Media Booster
"57545:TCP"= 57545:TCP:Pando Media Booster
"57545:UDP"= 57545:UDP:Pando Media Booster
.
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
R3 cmipci;CMI8738/8768 Audio Driver;c:\windows\system32\drivers\cmipci.sys [2009-09-24 37888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 25480]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-08-18 15232]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-19 4122968]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 104752]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 436792]
S1 TSKNF900.SYS;TSKNF900.SYS;c:\windows\system32\Drivers\TSKNF900.SYS [2009-04-19 17672]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-10-03 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-10-03 91440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-12 2152152]
S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [2011-07-13 311664]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-10-03 116016]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 12:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=10148&l=dis
mStart Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\uu089caj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-27 15:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32]
"RuntimeVersion"="v1.1.4322"
"Assembly"="mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
"ThreadingModel"="Both"
@="mscoree.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\2.0.0.0]
"RuntimeVersion"="v2.0.50727"
"Assembly"="mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\4.0.0.0]
"RuntimeVersion"="v4.0.30319"
"Assembly"="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
"ThreadingModel"="Both"
@="c:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscormmc.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32\1.0.3300.0]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\FFDShow\\ffdshow.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\Inpr*cServer32]
@="c:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\Inpr*cServer32]
@="c:\\WINDOWS\\system32\\Mscomctl.ocx"
"InprocServer32"=multi:"q9JeFF%`-?&T!$UQ!H?4MsComCtlOcx<\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5FB6957-65E6-491B-BB37-B25C9FE3BEA7}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\Mpeg2DecFilter.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Assemblies\C:|P*ogram Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationFramework.Classic.dll]
"PresentationFramework.Classic,fileVersion=\"3.0.6920.1427\",culture=\"neutral\",version=\"3.0.0.0\",publicKeyToken=\"31bf3856ad364e35\",processorArchitecture=\"MSIL\""=multi:"i`TI]]zu$6IFqxoJt$?iWPF30_WPF2M_x86_enu_ddf>u%K5@U]U'93jV}mo'D2,\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{29D97D99-2C50-4855-BC74-B3E372DDD602}\Prox*StubClsid32]
@Class="REG_SZ"
@="{C5621364-87CC-4731-8947-929CAE75323E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A75C1FD-06B0-3CBB-B467-2545D4D6C865}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E50547C-A8AA-4f60-B57E-1F414711007B}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D82}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{418C5753-9B5F-409F-B67F-C55A65FD54B5}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\Prox*StubClsid32]
@Class="REG_SZ"
@="{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{7FA2A2C6-276C-3F23-AF2A-800CCD05CFF2}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{82D6B3BF-A633-3B3B-A09E-2363E4B24A41}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{832C16F7-88FA-4D0D-A7F3-E26453C23FC6}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{9A863567-0F37-4D78-92B8-35693624D3ED}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{B0B96BA6-98B6-4CFD-BE70-887893448685}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{C6B4F799-F85B-4661-8E76-E8DE3E97190D}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CA6FBD25-933F-4411-9148-4CE1D01BD4E2}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CBE1F78A-31CD-437C-A4F7-EDF38FFB3E44}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D0AD6773-7241-444F-A3A8-7233258713AA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D17506C2-6B26-11D0-8914-00C04FC2A0CA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D658392C-E872-11D2-83C2-00C04F8EDCC4}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E341516B-2E32-11D1-9964-00C04FBBB345}\Prox*StubClsid32]
@Class="REG_SZ"
@="{64B8F404-A4AE-11D1-B7B6-00C04FB926AF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EB41E8C5-4442-11D1-8906-00A0C9110049}\Prox*StubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF638827-FADC-4E96-94DE-82021AD62BA3}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF72D021-2C6D-3E33-9442-574BFD6E0871}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F5F31F14-FDF0-4D29-835A-46ADFE743B78}\NumM*thods]
@Class="REG_SZ"
@="5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F72C8D97-6DBD-11D1-A1E8-00C04FC2FBE1}\Prox*StubClsid32]
@Class="REG_SZ"
@="{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F938C991-3029-11CF-8C44-00AA006B6814}\Prox*StubClsid32]
@Class="REG_SZ"
@="{92A3A302-DA7C-4A1F-BA7E-1802BB5D2D02}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FD77473D-BE55-438F-9AC8-885F164C67A4}\Prox*StubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}]
@="_DPushButtonEvents"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\TypeLib]
@="{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}"
"Version"="d.4"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew]
@="&Open"
"MUIVerb"="@c:\\WINDOWS\\system32\\ieframe.dll.mui,-5731"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\command]
@="\"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" %1"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Application]
@="IExplore"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\IfExec]
@="*"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO]
@="DirectSoundFlangerDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CLSID]
@="{EFCA3D92-DFD8-4672-A603-7420894BAD98}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CurVer]
@="Microsoft.DirectSoundFlangerDMO.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1]
@="DirectSoundGargleDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1\CLSID]
@="{DAFD8210-5711-4B91-9FE3-F75B7AE279BF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MIME\Database\Content Type\vide*/x-flv]
"Extension"=".flv"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1]
@="MSMQEvent Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1\CLSID]
@="{D7D6E07A-DCCD-11d0-AA4B-0060970DEBAE}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1]
@="Segment funkce datových služeb BDA"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1\CLSID]
@="{334125C0-77E5-11D3-B653-00C04F79498E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\opendocument.ImpressTemplate.1\shell\prin**o\command]
@="\"c:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe\" -pt \"%2\" \"%1\""
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions]
@="Photoshop GalleryOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CLSID]
@="{e77ce1a6-a3bf-4a6d-874a-8eb24fae2c3f}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CurVer]
@="Photoshop.GalleryOptions.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10]
@="Photoshop RawSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10\CLSID]
@="{f23dd8af-d7e0-4633-8baa-4ac879b13092}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10]
@="Photoshop SGIRGBSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10\CLSID]
@="{e3a92d91-d84e-491d-b974-c7b898b64b4c}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Printers\shellex\Prop*rtySheetHandlers\ICM Printer Management]
@="{675F097E-4C4D-11D0-B6C1-0800091AA605}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot]
@="System.EnterpriseServices.Internal.SoapServerVRoot"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot\CLSID]
@="{CAA817CC-0C04-4D22-A05C-2B7E162F4E8F}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus]
@="VideoHDCPStatus Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CLSID]
@="{EEF5290C-7F3D-4640-93F2-F189DC616510}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CurVer]
@="Video_TVServer.VideoHDCPStatus.1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\Fusion\References\PresentationBuildTasks, Version=4.0.0.0, Culture=neutral, PublicKeyT*ken=31bf3856ad364e35, processorArchitecture=MSIL\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=".NET Framework Redist Setup"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1]
"Scenario"=dword:00000020
"Status"=dword:00000000
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,23,5a,22,e1,ae,97,42,bb,72,4d,41,16,29,dd,99,d5,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\2]
"Scenario"=dword:00000020
"Status"=dword:00000003
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,ee,a7,bc,c8,d3,56,e3,f2,dc,b4,f3,6d,fc,1c,6b,c0,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\0]
"Scenario"=dword:00000000
"Status"=dword:00000000
"RuntimeVersion"="v4.0.30319"
"ImageList"=hex:30,00,00,00,01,64,72,ee,f5,09,8d,68,2d,9f,e1,ba,98,8f,0e,2a,16,
05,00,00,00,b6,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,46,00,6f,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\1]
"Scenario"=dword:00000000
"Status"=dword:00000002
"RuntimeVersion"="v4.0.30319"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7]
"DisplayName"="System,2.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:af,39,f6,e6,44,af,02,87,3b,9b,ae,31,9f,2b,fb,13
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d8,d4,4b,42,de,65,fe,2b,05,00,00,00,02,00,00,00,00,00,00,
00,57,8d,ab,19,f5,0e,ee,70,06,00,00,00,02,00,00,00,00,00,00,00,4f,fe,50,3f,\
"NIDependencies"=hex:c6,38,19,18,c5,e2,50,79,08,00,00,00,02,00,00,00,00,00,00,
00
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7\InvertDependencies]
"110e8ba\\7836ed93\\6"=""
"1b47d045\\7f3aad1e\\5"=""
"3d67735\\6e35940e\\4"=""
"55d78379\\2ffb0c52\\3"=""
"4b875519\\38945df3\\2"=""
"46b91004\\77ccecdd\\1"=""
"70e80e6e\\43fd4348\\d"=""
"53e01c0b\\2d485ce4\\c"=""
"7ac727df\\7b5311d7\\b"=""
"226b2009\\5b43ba09\\a"=""
"6087e565\\1de2335f\\11"=""
"48cbec9d\\30c2c2bf\\18"=""
"3cca06a0\\6dc7d4c0\\17"=""
"42d76e4d\\6a6f846e\\16"=""
"6c9a55d4\\6b2ef2ae\\15"=""
"73320ae2\\5643f3bb\\14"=""
"61e7e666\\c991064\\13"=""
"6faf58\\19ab8d57\\12"=""
"5764ec77\\51be0150\\19"=""
"2a8ab4f5\\364a4dcf\\20"=""
"476b8f1d\\6b98653e\\1b"=""
"4c7ba6e4\\70134b7d\\1a"=""
"212ef70c\\627678ca\\28"=""
"7dfaa0d2\\79080a91\\27"=""
"561175dc\\1878c7bb\\26"=""
"77a2835c\\36d9491a\\25"=""
"3b9d4dd3\\7cae3392\\24"=""
"3cf7117f\\34bfbdd7\\22"=""
"408b62a\\5e394295\\29"=""
"20327a6b\\730776a9\\2f"=""
"70e0fcf4\\22b71a50\\2e"=""
"673eaac0\\41f1f143\\2b"=""
"573eb423\\16fa6aa6\\31"=""
"634c2e69\\474c21c8\\38"=""
"69656b97\\2b81e88b\\37"=""
"1865da81\\15379461\\35"=""
"2a7f0223\\919b802\\34"=""
"378d4dc7\\2e3eefa8\\33"=""
"2219f480\\224c3261\\32"=""
"4f1555b2\\35df3f71\\39"=""
"1320606e\\51bbe64e\\40"=""
"5044d811\\39d851f1\\3f"=""
"1e7178c9\\62af46e3\\3e"=""
"159a66b8\\424bd4d8\\3b"=""
"640d09ef\\75638fee\\3a"=""
"6f06001f\\475dce40\\41"=""
"5510f47d\\78e5f298\\47"=""
"4d8855e2\\614f9804\\46"=""
"58052d2f\\19693f50\\44"=""
"1734f8c5\\5094d6df\\43"=""
"3c0e944b\\5668366c\\42"=""
"6666f4a8\\4fc542c4\\49"=""
"1c22df2f\\4f99a7c9\\50"=""
"505c41c7\\18407c1\\4f"=""
"429b0dd8\\4c76ceeb\\4d"=""
"740e747\\712ad40\\4c"=""
"4eb53aa8\\7fc0fca1\\4b"=""
"6fe67a05\\7c66cbfe\\4a"=""
"46549924\\6a90ef1c\\51"=""
"6960d6d7\\79f4e0d0\\58"=""
"774c02ca\\5f5ec0c2\\57"=""
"64be1fa4\\3ced59c5\\56"=""
"340dcf4c\\3a6a696d\\55"=""
"4f0ed0af\\7a0f7aa7\\54"=""
"f3eb9d9\\2e829ffb\\53"=""
"57d4b1bf\\85e83df\\52"=""
"5132fda3\\7665d79c\\59"=""
"7f0603e4\\73843e06\\60"=""
"5a8de2c3\\2b1a4e4\\5e"=""
"db950d6\\141dfd70\\5d"=""
"7548b7e5\\36d1a880\\5c"=""
"7b7b125f\\2f57887a\\5b"=""
"2a3a6b59\\1a4f246d\\5a"=""
"5fcea75a\\3c9c8d7b\\61"=""
"6eae2d34\\3b249b34\\68"=""
"7fe99dd6\\24bf93f6\\67"=""
"6a686da6\\652572bb\\66"=""
"79a57d4e\\6dd86662\\65"=""
"361f692e\\5b2d242\\64"=""
"3522e5b1\\622ac2c4\\63"=""
"22819cfd\\5a64a10\\62"=""
"439b21dc\\8d013d6\\69"=""
"12bcedd0\\54280fca\\70"=""
"481e243f\\392c4553\\6f"=""
"7367db5c\\4fd4b97d\\6e"=""
"1afb76b9\\aa460d9\\6d"=""
"72522657\\2b351479\\6c"=""
"5fddae7d\\30b32757\\6a"=""
"1dbe171c\\2c6993f6\\71"=""
"4aab34c8\\27aa01a1\\78"=""
"38587ddc\\2089aaf0\\77"=""
"298818d6\\6c1422cf\\76"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v4.0.30319_32\NI\44ec6d48\74c9*6c5\1c]
"DisplayName"="System.Xaml,4.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:41,85,13,0e,da,1d,7a,5e,0e,04,74,e7,23,43,57,0b
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,
00,d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,00,c5,f6,c9,74,\
"NIDependencies"=hex:c6,38,19,18,42,ca,99,14,08,00,00,00,04,00,00,00,00,00,00,
00,4f,7c,bc,30,cd,e5,99,5a,07,00,00,00,04,00,00,00,00,00,00,00,4f,7c,bc,30,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2902.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2907.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Jet\4.0\ISAM Formats\Outl*ok 9.0]
"Engine"="Exchange"
"ImportFilter"="Outlook()"
"CanLink"=hex:01
"OneTablePerFile"=hex:00
"IsamType"=dword:00000003
"IndexDialog"=hex:00
"CreateDBOnExport"=hex:00
"SupportsLongNames"=hex:01
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Multimedia\WMPlayer\MIME Types\vide*/x-ogm]
"Extension.Key"=".ogm"
"Extensions.SpaceSep"=".ogm"
"Extensions.CommaSep"="ogm"
"UserApprovedOwning"="yes"
"AlreadyRegistered"="yes"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Netw*rkCrawler\Objects\WorkgroupCrawler]
"CLSID"="{72b3882f-453a-4633-aac9-8c3dced62aff}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\AFB9*38A1D0589A40F6A95DDC9D82AA7]
"16034BAFBFEF8E641A9569173059BDE5"="c:\\Program Files\\OpenOffice.org 3\\Basis\\share\\fingerprint\\hungarian.lm"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet Settings\Allo*edDragImageExts]
@=""
".aif"=dword:00000001
".aifc"=dword:00000001
".aiff"=dword:00000001
".art"=dword:00000001
".asf"=dword:00000001
".asx"=dword:00000001
".au"=dword:00000001
".avi"=dword:00000001
".bm"=dword:00000001
".bmp"=dword:00000001
".dib"=dword:00000001
".dvr-ms"=dword:00000001
".emf"=dword:00000001
".gif"=dword:00000001
".ico"=dword:00000001
".jfif"=dword:00000001
".jpe"=dword:00000001
".jpeg"=dword:00000001
".jpg"=dword:00000001
".m1v"=dword:00000001
".m3u"=dword:00000001
".mid"=dword:00000001
".midi"=dword:00000001
".mp2"=dword:00000001
".mp2v"=dword:00000001
".mp3"=dword:00000001
".mpa"=dword:00000001
".mpe"=dword:00000001
".mpeg"=dword:00000001
".mpg"=dword:00000001
".mpv"=dword:00000001
".mpv2"=dword:00000001
".png"=dword:00000001
".rmi"=dword:00000001
".snd"=dword:00000001
".tif"=dword:00000001
".tiff"=dword:00000001
".wav"=dword:00000001
".wax"=dword:00000001
".wm"=dword:00000001
".wma"=dword:00000001
".wmf"=dword:00000001
".wmp"=dword:00000001
".wmv"=dword:00000001
".wmx"=dword:00000001
".wvx"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_*.dll]
"CheckAppHelp"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\16]
"ServiceName"="{201DC694-EA64-420C-83D2-D4E55A971B18}"
"Description"="VirtualBox Host-Only Ethernet Adapter"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\2]
"ServiceName"="{7C15B241-2BE2-4121-AD0B-AF17FFC3254F}"
"Description"="VIA Rhine II Fast Ethernet Adapter"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3096)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\SMART Technologies\Education Software\SMARTBoardService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\SMART Technologies\Education Software\Marker.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2011-12-27 15:59:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-27 14:58
ComboFix2.txt 2011-12-20 12:53
ComboFix3.txt 2011-12-18 11:32
.
Před spuštěním: Volných bajtů: 18 006 343 680
Po spuštění: Volných bajtů: 17 915 932 672
.
- - End Of File - - A778542EB77963BEABE8F08702252F3F
ComboFix 11-12-26.03 - PC 27.12.2011 15:36:06.3.1 - x86
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Ad-Aware Update (Weekly).job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\explorer.exe . . . je infikován!!
.
c:\windows\regedit.exe . . . je infikován!!
.
Nakažená kopie c:\windows\system32\drivers\tcpip.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
.
c:\windows\system32\wuauclt.exe . . . je infikován!!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA390
-------\Service_XDva390
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-27 do 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-22 18:32 . 2011-12-22 18:32 -------- d-----w- c:\program files\iWEB Studio
2011-12-22 18:32 . 2011-12-22 18:32 796672 ----a-w- c:\windows\GPInstall.exe
2011-12-21 09:23 . 2011-12-21 09:23 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-12-20 16:15 . 2011-12-20 16:18 -------- d-----w- c:\documents and settings\PC\Data aplikací\PhotoFiltre
2011-12-20 16:14 . 2011-12-20 16:14 -------- d-----w- c:\program files\PhotoFiltre
2011-12-18 11:46 . 2011-12-18 11:46 -------- d-----w- c:\program files\Defraggler
2011-12-14 15:30 . 2011-12-14 15:30 -------- d-----w- C:\_OTL
2011-12-14 14:26 . 2011-12-14 14:26 512 ----a-w- C:\PhysicalMBR.bin
2011-12-14 00:19 . 2011-12-14 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-12-13 15:45 . 2011-12-13 15:45 -------- d-----w- C:\rsit
2011-12-12 13:40 . 2011-12-12 13:44 -------- d-----w- c:\program files\ICQ7.7
2011-12-12 12:05 . 2011-12-12 12:05 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-12 11:59 . 2011-08-18 14:25 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-12-12 11:57 . 2011-12-12 11:57 -------- d-----w- c:\program files\Lavasoft
2011-12-12 11:57 . 2011-12-12 11:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-12-12 11:36 . 2011-12-12 11:37 -------- d-----w- C:\Adobe 3
2011-12-10 13:55 . 2011-12-10 13:55 -------- d-----w- C:\Counter-Strike 2D
2011-12-06 16:50 . 2011-12-06 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-12-05 19:06 . 2011-12-05 19:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 11:51 . 2011-09-01 16:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-26 12:50 . 2011-10-10 13:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 18:01 . 2011-09-28 11:06 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-11-19 15:44 . 2011-09-10 10:53 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 10:12 . 2011-10-28 10:06 6108 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2011-10-28 10:11 . 2011-10-28 10:11 64020 ----a-w- c:\windows\BricoPackUninst.cmd
2011-10-28 10:11 . 2008-04-14 06:52 219648 ----a-w- c:\windows\system32\uxtheme.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-23 10:12 . 2011-09-10 09:14 165232 ---ha-w- c:\documents and settings\PC\Data aplikací\Microsoft\Virtual PC\VPCKeyboard.dll
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-08-31 07:03 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-09 14:34 . 2011-09-09 12:50 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-10-03 14:49 . 2011-10-05 13:09 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-10-03 14:49 . 2011-10-05 13:09 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 14:49 . 2011-10-03 14:49 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-03 14:49 . 2011-10-03 14:49 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-10-03 14:49 . 2011-10-03 14:49 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-10-03 04:06 . 2011-09-20 16:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2011-09-20 16:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-13 09:27 . 2011-08-31 22:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
.
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 13E794E5591776CBC71055A7B3CC1D5F . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . ED69B3B6CD23D1D00815D5F70D517E01 . 225792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-12-18_11.28.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-27 14:51 . 2011-12-27 14:51 16384 c:\windows\temp\Perflib_Perfdata_754.dat
+ 2011-12-20 18:12 . 2011-12-22 06:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2011-08-31 07:10 . 2011-12-13 15:12 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-31 07:10 . 2011-12-22 06:32 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2011-08-31 07:10 . 2011-12-13 15:12 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-20 18:12 . 2011-12-22 06:32 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-18 11:46 . 2011-12-18 11:46 24064 c:\windows\Installer\886f1.msi
- 2009-09-27 17:01 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2009-09-27 17:01 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"SMART Board Tools"="c:\program files\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
Styler.lnk - c:\documents and settings\PC\Data aplikací\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-10-28 15086]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^PC^Nabídka Start^Programy^Po spuštění^Registration Driver Parallel Lines.LNK]
path=c:\documents and settings\PC\Nabídka Start\Programy\Po spuštění\Registration Driver Parallel Lines.LNK
backup=c:\windows\pss\Registration Driver Parallel Lines.LNKStartup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\VantageService.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.7\\ICQ.exe"=
"d:\\Program Files\\Counter-Strike 1.624\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59012:TCP"= 59012:TCP:Pando Media Booster
"59012:UDP"= 59012:UDP:Pando Media Booster
"57545:TCP"= 57545:TCP:Pando Media Booster
"57545:UDP"= 57545:UDP:Pando Media Booster
.
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528]
R3 cmipci;CMI8738/8768 Audio Driver;c:\windows\system32\drivers\cmipci.sys [2009-09-24 37888]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 25480]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-08-18 15232]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-19 4122968]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 104752]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 436792]
S1 TSKNF900.SYS;TSKNF900.SYS;c:\windows\system32\Drivers\TSKNF900.SYS [2009-04-19 17672]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-10-03 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-10-03 91440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-12 2152152]
S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [2011-07-13 311664]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-10-03 116016]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 12:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=10148&l=dis
mStart Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\PC\Data aplikací\Mozilla\Firefox\Profiles\uu089caj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-27 15:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32]
"RuntimeVersion"="v1.1.4322"
"Assembly"="mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
"ThreadingModel"="Both"
@="mscoree.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\2.0.0.0]
"RuntimeVersion"="v2.0.50727"
"Assembly"="mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1163D0CA-2A02-37C1-BF3F-A9B9E9D49245}\Inpr*cServer32\4.0.0.0]
"RuntimeVersion"="v4.0.30319"
"Assembly"="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
"Class"="System.Runtime.Remoting.Proxies.ProxyAttribute"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
"ThreadingModel"="Both"
@="c:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscormmc.dll"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1AC66142-B805-3C20-A589-49CC6B80E8FB}\Inpr*cServer32\1.0.3300.0]
"RuntimeVersion"="v1.0.3705"
"Assembly"="mscorcfg, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
"Class"="Microsoft.CLRAdmin.CWizardPage"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\FFDShow\\ffdshow.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\Inpr*cServer32]
@="c:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\skypeieplugin.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\Inpr*cServer32]
@="c:\\WINDOWS\\system32\\Mscomctl.ocx"
"InprocServer32"=multi:"q9JeFF%`-?&T!$UQ!H?4MsComCtlOcx<\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5FB6957-65E6-491B-BB37-B25C9FE3BEA7}\Inpr*cServer32]
@="c:\\Program Files\\Combined Community Codec Pack\\Filters\\Mpeg2DecFilter.ax"
"ThreadingModel"="Both"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Assemblies\C:|P*ogram Files|Reference Assemblies|Microsoft|Framework|v3.0|PresentationFramework.Classic.dll]
"PresentationFramework.Classic,fileVersion=\"3.0.6920.1427\",culture=\"neutral\",version=\"3.0.0.0\",publicKeyToken=\"31bf3856ad364e35\",processorArchitecture=\"MSIL\""=multi:"i`TI]]zu$6IFqxoJt$?iWPF30_WPF2M_x86_enu_ddf>u%K5@U]U'93jV}mo'D2,\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{29D97D99-2C50-4855-BC74-B3E372DDD602}\Prox*StubClsid32]
@Class="REG_SZ"
@="{C5621364-87CC-4731-8947-929CAE75323E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A75C1FD-06B0-3CBB-B467-2545D4D6C865}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2E50547C-A8AA-4f60-B57E-1F414711007B}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D82}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{418C5753-9B5F-409F-B67F-C55A65FD54B5}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\Prox*StubClsid32]
@Class="REG_SZ"
@="{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{7FA2A2C6-276C-3F23-AF2A-800CCD05CFF2}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{82D6B3BF-A633-3B3B-A09E-2363E4B24A41}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{832C16F7-88FA-4D0D-A7F3-E26453C23FC6}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{9A863567-0F37-4D78-92B8-35693624D3ED}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{B0B96BA6-98B6-4CFD-BE70-887893448685}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{C6B4F799-F85B-4661-8E76-E8DE3E97190D}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CA6FBD25-933F-4411-9148-4CE1D01BD4E2}\NumM*thods]
@Class="REG_SZ"
@="6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{CBE1F78A-31CD-437C-A4F7-EDF38FFB3E44}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D0AD6773-7241-444F-A3A8-7233258713AA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D17506C2-6B26-11D0-8914-00C04FC2A0CA}\Prox*StubClsid]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{D658392C-E872-11D2-83C2-00C04F8EDCC4}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E341516B-2E32-11D1-9964-00C04FBBB345}\Prox*StubClsid32]
@Class="REG_SZ"
@="{64B8F404-A4AE-11D1-B7B6-00C04FB926AF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EB41E8C5-4442-11D1-8906-00A0C9110049}\Prox*StubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF638827-FADC-4E96-94DE-82021AD62BA3}\Prox*StubClsid32]
@Class="REG_SZ"
@="{E3B47733-F557-45DB-9CB0-332FB5586B7A}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{EF72D021-2C6D-3E33-9442-574BFD6E0871}\Prox*StubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F5F31F14-FDF0-4D29-835A-46ADFE743B78}\NumM*thods]
@Class="REG_SZ"
@="5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F72C8D97-6DBD-11D1-A1E8-00C04FC2FBE1}\Prox*StubClsid32]
@Class="REG_SZ"
@="{B8DA6310-E19B-11D0-933C-00A0C90DCAA9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F938C991-3029-11CF-8C44-00AA006B6814}\Prox*StubClsid32]
@Class="REG_SZ"
@="{92A3A302-DA7C-4A1F-BA7E-1802BB5D2D02}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FD77473D-BE55-438F-9AC8-885F164C67A4}\Prox*StubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}]
@="_DPushButtonEvents"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\ProxyStubClsid32]
@="{00020420-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FF8*BE9B-8784-4B18-976D-F889C1F8B1E9}\TypeLib]
@="{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}"
"Version"="d.4"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew]
@="&Open"
"MUIVerb"="@c:\\WINDOWS\\system32\\ieframe.dll.mui,-5731"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\command]
@="\"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" %1"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec]
@="\"file://%1\",,-1,,,,,"
"NoActivateHandler"=""
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Application]
@="IExplore"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\IfExec]
@="*"
.
[HKEY_LOCAL_MACHINE\software\Classes\mhtmlfile\shell\open*ew\ddeexec\Topic]
@="WWW_OpenURLNewWindow"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO]
@="DirectSoundFlangerDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CLSID]
@="{EFCA3D92-DFD8-4672-A603-7420894BAD98}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundFlangerDMO\CurVer]
@="Microsoft.DirectSoundFlangerDMO.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1]
@="DirectSoundGargleDMO"
.
[HKEY_LOCAL_MACHINE\software\Classes\Micr*soft.DirectSoundGargleDMO.1\CLSID]
@="{DAFD8210-5711-4B91-9FE3-F75B7AE279BF}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MIME\Database\Content Type\vide*/x-flv]
"Extension"=".flv"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1]
@="MSMQEvent Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSMQ*MSMQEvent.1\CLSID]
@="{D7D6E07A-DCCD-11d0-AA4B-0060970DEBAE}"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1]
@="Segment funkce datových služeb BDA"
.
[HKEY_LOCAL_MACHINE\software\Classes\MSVidCtl.MSVidDataSe*vices.1\CLSID]
@="{334125C0-77E5-11D3-B653-00C04F79498E}"
.
[HKEY_LOCAL_MACHINE\software\Classes\opendocument.ImpressTemplate.1\shell\prin**o\command]
@="\"c:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe\" -pt \"%2\" \"%1\""
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions]
@="Photoshop GalleryOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CLSID]
@="{e77ce1a6-a3bf-4a6d-874a-8eb24fae2c3f}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.GalleryOptions\CurVer]
@="Photoshop.GalleryOptions.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10]
@="Photoshop RawSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.RawSaveOptions.10\CLSID]
@="{f23dd8af-d7e0-4633-8baa-4ac879b13092}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10]
@="Photoshop SGIRGBSaveOptions"
.
[HKEY_LOCAL_MACHINE\software\Classes\Phot*shop.SGIRGBSaveOptions.10\CLSID]
@="{e3a92d91-d84e-491d-b974-c7b898b64b4c}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Printers\shellex\Prop*rtySheetHandlers\ICM Printer Management]
@="{675F097E-4C4D-11D0-B6C1-0800091AA605}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot]
@="System.EnterpriseServices.Internal.SoapServerVRoot"
.
[HKEY_LOCAL_MACHINE\software\Classes\Syst*m.EnterpriseServices.Internal.SoapServerVRoot\CLSID]
@="{CAA817CC-0C04-4D22-A05C-2B7E162F4E8F}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus]
@="VideoHDCPStatus Class"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CLSID]
@="{EEF5290C-7F3D-4640-93F2-F189DC616510}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Vide*_TVServer.VideoHDCPStatus\CurVer]
@="Video_TVServer.VideoHDCPStatus.1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\Fusion\References\PresentationBuildTasks, Version=4.0.0.0, Culture=neutral, PublicKeyT*ken=31bf3856ad364e35, processorArchitecture=MSIL\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=".NET Framework Redist Setup"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\1]
"Scenario"=dword:00000020
"Status"=dword:00000000
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,23,5a,22,e1,ae,97,42,bb,72,4d,41,16,29,dd,99,d5,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Micr*soft.Build.Engine, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\2]
"Scenario"=dword:00000020
"Status"=dword:00000003
"RuntimeVersion"="v2.0.50727"
"ImageList"=hex:06,00,00,00,01,ee,a7,bc,c8,d3,56,e3,f2,dc,b4,f3,6d,fc,1c,6b,c0,
05,00,00,00,b4,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]
"Status"=dword:00000003
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\0]
"Scenario"=dword:00000000
"Status"=dword:00000000
"RuntimeVersion"="v4.0.30319"
"ImageList"=hex:30,00,00,00,01,64,72,ee,f5,09,8d,68,2d,9f,e1,ba,98,8f,0e,2a,16,
05,00,00,00,b6,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,46,00,6f,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\.NETFramework\v2.0.50727\NGenService\Roots\Wind*wsFormsIntegration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\1]
"Scenario"=dword:00000000
"Status"=dword:00000002
"RuntimeVersion"="v4.0.30319"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7]
"DisplayName"="System,2.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:af,39,f6,e6,44,af,02,87,3b,9b,ae,31,9f,2b,fb,13
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d8,d4,4b,42,de,65,fe,2b,05,00,00,00,02,00,00,00,00,00,00,
00,57,8d,ab,19,f5,0e,ee,70,06,00,00,00,02,00,00,00,00,00,00,00,4f,fe,50,3f,\
"NIDependencies"=hex:c6,38,19,18,c5,e2,50,79,08,00,00,00,02,00,00,00,00,00,00,
00
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v2.0.50727_32\NI\30bc*c4f\3f50fe4f\7\InvertDependencies]
"110e8ba\\7836ed93\\6"=""
"1b47d045\\7f3aad1e\\5"=""
"3d67735\\6e35940e\\4"=""
"55d78379\\2ffb0c52\\3"=""
"4b875519\\38945df3\\2"=""
"46b91004\\77ccecdd\\1"=""
"70e80e6e\\43fd4348\\d"=""
"53e01c0b\\2d485ce4\\c"=""
"7ac727df\\7b5311d7\\b"=""
"226b2009\\5b43ba09\\a"=""
"6087e565\\1de2335f\\11"=""
"48cbec9d\\30c2c2bf\\18"=""
"3cca06a0\\6dc7d4c0\\17"=""
"42d76e4d\\6a6f846e\\16"=""
"6c9a55d4\\6b2ef2ae\\15"=""
"73320ae2\\5643f3bb\\14"=""
"61e7e666\\c991064\\13"=""
"6faf58\\19ab8d57\\12"=""
"5764ec77\\51be0150\\19"=""
"2a8ab4f5\\364a4dcf\\20"=""
"476b8f1d\\6b98653e\\1b"=""
"4c7ba6e4\\70134b7d\\1a"=""
"212ef70c\\627678ca\\28"=""
"7dfaa0d2\\79080a91\\27"=""
"561175dc\\1878c7bb\\26"=""
"77a2835c\\36d9491a\\25"=""
"3b9d4dd3\\7cae3392\\24"=""
"3cf7117f\\34bfbdd7\\22"=""
"408b62a\\5e394295\\29"=""
"20327a6b\\730776a9\\2f"=""
"70e0fcf4\\22b71a50\\2e"=""
"673eaac0\\41f1f143\\2b"=""
"573eb423\\16fa6aa6\\31"=""
"634c2e69\\474c21c8\\38"=""
"69656b97\\2b81e88b\\37"=""
"1865da81\\15379461\\35"=""
"2a7f0223\\919b802\\34"=""
"378d4dc7\\2e3eefa8\\33"=""
"2219f480\\224c3261\\32"=""
"4f1555b2\\35df3f71\\39"=""
"1320606e\\51bbe64e\\40"=""
"5044d811\\39d851f1\\3f"=""
"1e7178c9\\62af46e3\\3e"=""
"159a66b8\\424bd4d8\\3b"=""
"640d09ef\\75638fee\\3a"=""
"6f06001f\\475dce40\\41"=""
"5510f47d\\78e5f298\\47"=""
"4d8855e2\\614f9804\\46"=""
"58052d2f\\19693f50\\44"=""
"1734f8c5\\5094d6df\\43"=""
"3c0e944b\\5668366c\\42"=""
"6666f4a8\\4fc542c4\\49"=""
"1c22df2f\\4f99a7c9\\50"=""
"505c41c7\\18407c1\\4f"=""
"429b0dd8\\4c76ceeb\\4d"=""
"740e747\\712ad40\\4c"=""
"4eb53aa8\\7fc0fca1\\4b"=""
"6fe67a05\\7c66cbfe\\4a"=""
"46549924\\6a90ef1c\\51"=""
"6960d6d7\\79f4e0d0\\58"=""
"774c02ca\\5f5ec0c2\\57"=""
"64be1fa4\\3ced59c5\\56"=""
"340dcf4c\\3a6a696d\\55"=""
"4f0ed0af\\7a0f7aa7\\54"=""
"f3eb9d9\\2e829ffb\\53"=""
"57d4b1bf\\85e83df\\52"=""
"5132fda3\\7665d79c\\59"=""
"7f0603e4\\73843e06\\60"=""
"5a8de2c3\\2b1a4e4\\5e"=""
"db950d6\\141dfd70\\5d"=""
"7548b7e5\\36d1a880\\5c"=""
"7b7b125f\\2f57887a\\5b"=""
"2a3a6b59\\1a4f246d\\5a"=""
"5fcea75a\\3c9c8d7b\\61"=""
"6eae2d34\\3b249b34\\68"=""
"7fe99dd6\\24bf93f6\\67"=""
"6a686da6\\652572bb\\66"=""
"79a57d4e\\6dd86662\\65"=""
"361f692e\\5b2d242\\64"=""
"3522e5b1\\622ac2c4\\63"=""
"22819cfd\\5a64a10\\62"=""
"439b21dc\\8d013d6\\69"=""
"12bcedd0\\54280fca\\70"=""
"481e243f\\392c4553\\6f"=""
"7367db5c\\4fd4b97d\\6e"=""
"1afb76b9\\aa460d9\\6d"=""
"72522657\\2b351479\\6c"=""
"5fddae7d\\30b32757\\6a"=""
"1dbe171c\\2c6993f6\\71"=""
"4aab34c8\\27aa01a1\\78"=""
"38587ddc\\2089aaf0\\77"=""
"298818d6\\6c1422cf\\76"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\NativeImagesIndex\v4.0.30319_32\NI\44ec6d48\74c9*6c5\1c]
"DisplayName"="System.Xaml,4.0.0.0,,b77a5c561934e089"
"Status"=dword:00000000
"MVID"=hex:41,85,13,0e,da,1d,7a,5e,0e,04,74,e7,23,43,57,0b
"ConfigString"=""
"ConfigMask"=dword:00001109
"ILDependencies"=hex:d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,
00,d5,74,f4,34,3f,6f,24,65,06,00,00,00,04,00,00,00,00,00,00,00,c5,f6,c9,74,\
"NIDependencies"=hex:c6,38,19,18,42,ca,99,14,08,00,00,00,04,00,00,00,00,00,00,
00,4f,7c,bc,30,cd,e5,99,5a,07,00,00,00,04,00,00,00,00,00,00,00,4f,7c,bc,30,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2902.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Fusion\References\Micr*soft.DirectX.Direct3DX, Version=1.0.2907.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35\{2EC93463-B0C3-45E1-8364-327E96AEA856}]
"{75339C8C-B4BA-463B-BAC7-975FCA2F89D9}"="DirectX for Managed Code"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Jet\4.0\ISAM Formats\Outl*ok 9.0]
"Engine"="Exchange"
"ImportFilter"="Outlook()"
"CanLink"=hex:01
"OneTablePerFile"=hex:00
"IsamType"=dword:00000003
"IndexDialog"=hex:00
"CreateDBOnExport"=hex:00
"SupportsLongNames"=hex:01
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Multimedia\WMPlayer\MIME Types\vide*/x-ogm]
"Extension.Key"=".ogm"
"Extensions.SpaceSep"=".ogm"
"Extensions.CommaSep"="ogm"
"UserApprovedOwning"="yes"
"AlreadyRegistered"="yes"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Netw*rkCrawler\Objects\WorkgroupCrawler]
"CLSID"="{72b3882f-453a-4633-aac9-8c3dced62aff}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\AFB9*38A1D0589A40F6A95DDC9D82AA7]
"16034BAFBFEF8E641A9569173059BDE5"="c:\\Program Files\\OpenOffice.org 3\\Basis\\share\\fingerprint\\hungarian.lm"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet Settings\Allo*edDragImageExts]
@=""
".aif"=dword:00000001
".aifc"=dword:00000001
".aiff"=dword:00000001
".art"=dword:00000001
".asf"=dword:00000001
".asx"=dword:00000001
".au"=dword:00000001
".avi"=dword:00000001
".bm"=dword:00000001
".bmp"=dword:00000001
".dib"=dword:00000001
".dvr-ms"=dword:00000001
".emf"=dword:00000001
".gif"=dword:00000001
".ico"=dword:00000001
".jfif"=dword:00000001
".jpe"=dword:00000001
".jpeg"=dword:00000001
".jpg"=dword:00000001
".m1v"=dword:00000001
".m3u"=dword:00000001
".mid"=dword:00000001
".midi"=dword:00000001
".mp2"=dword:00000001
".mp2v"=dword:00000001
".mp3"=dword:00000001
".mpa"=dword:00000001
".mpe"=dword:00000001
".mpeg"=dword:00000001
".mpg"=dword:00000001
".mpv"=dword:00000001
".mpv2"=dword:00000001
".png"=dword:00000001
".rmi"=dword:00000001
".snd"=dword:00000001
".tif"=dword:00000001
".tiff"=dword:00000001
".wav"=dword:00000001
".wax"=dword:00000001
".wm"=dword:00000001
".wma"=dword:00000001
".wmf"=dword:00000001
".wmp"=dword:00000001
".wmv"=dword:00000001
".wmx"=dword:00000001
".wvx"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_*.dll]
"CheckAppHelp"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\16]
"ServiceName"="{201DC694-EA64-420C-83D2-D4E55A971B18}"
"Description"="VirtualBox Host-Only Ethernet Adapter"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Netw*rkCards\2]
"ServiceName"="{7C15B241-2BE2-4121-AD0B-AF17FFC3254F}"
"Description"="VIA Rhine II Fast Ethernet Adapter"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3096)
c:\windows\system32\SHDOCVW.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\SMART Technologies\Education Software\SMARTBoardService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\SMART Technologies\Education Software\Marker.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2011-12-27 15:59:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-27 14:58
ComboFix2.txt 2011-12-20 12:53
ComboFix3.txt 2011-12-18 11:32
.
Před spuštěním: Volných bajtů: 18 006 343 680
Po spuštění: Volných bajtů: 17 915 932 672
.
- - End Of File - - A778542EB77963BEABE8F08702252F3F
Re: 100 % Procesor u všeho
Napsal: 28 pro 2011 01:09
Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
- c:\windows\system32\wuauclt.exe
c:\windows\explorer.exe
c:\windows\regedit.exe - Kliknete na Prochazet
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Kliknete na Send File
- Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
- Vysledek analyzy sem vlozte (jako odkaz)
Re: 100 % Procesor u všeho
Napsal: 28 pro 2011 14:34
u 1. je :
Antivirus Version Last Update Result
AntiVir 7.11.20.54 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 Virus/Win32.CrazyPrier.gen
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22.323/22.610 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
u 2. je :
Antivirus Version Last Update Result
AhnLab-V3 2011.12.28.02 2011.12.28 -
AntiVir 7.11.20.55 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 -
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
McAfee-GW-Edition 2010.1E 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
NOD32 6748 2011.12.28 -
Norman 6.07.13 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
Panda 10.0.3.5 2011.12.27 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Rising 23.90.02.02 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
SUPERAntiSpyware 4.40.0.1006 2011.12.27 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
VirusBuster 14.1.137.0 2011.12.28 -
u 3. je :
Antivirus Version Last Update Result
AhnLab-V3 2011.12.28.02 2011.12.28 -
AntiVir 7.11.20.54 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 -
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
ByteHero 1.0.0.1 2011.12.07 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
DrWeb 5.0.2.03300 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
McAfee 5.400.0.1158 2011.12.28 -
McAfee-GW-Edition 2010.1E 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
NOD32 6748 2011.12.28 -
Norman 6.07.13 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
Panda 10.0.3.5 2011.12.27 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Rising 23.90.02.02 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
SUPERAntiSpyware 4.40.0.1006 2011.12.27 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
VirusBuster 14.1.137.0 2011.12.28 -
takže jen u toho 1: ukázalo vir u jednoho antivirusu nechápu teda ..
VirusBuster 14.1.137.0 2011.12.28 -
Antivirus Version Last Update Result
AntiVir 7.11.20.54 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 Virus/Win32.CrazyPrier.gen
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22.323/22.610 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
u 2. je :
Antivirus Version Last Update Result
AhnLab-V3 2011.12.28.02 2011.12.28 -
AntiVir 7.11.20.55 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 -
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
McAfee-GW-Edition 2010.1E 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
NOD32 6748 2011.12.28 -
Norman 6.07.13 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
Panda 10.0.3.5 2011.12.27 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Rising 23.90.02.02 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
SUPERAntiSpyware 4.40.0.1006 2011.12.27 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
VirusBuster 14.1.137.0 2011.12.28 -
u 3. je :
Antivirus Version Last Update Result
AhnLab-V3 2011.12.28.02 2011.12.28 -
AntiVir 7.11.20.54 2011.12.28 -
Antiy-AVL 2.0.3.7 2011.12.28 -
Avast 6.0.1289.0 2011.12.28 -
AVG 10.0.0.1190 2011.12.28 -
BitDefender 7.2 2011.12.28 -
ByteHero 1.0.0.1 2011.12.07 -
CAT-QuickHeal 12.00 2011.12.28 -
ClamAV 0.97.3.0 2011.12.28 -
Commtouch 5.3.2.6 2011.12.28 -
Comodo 11118 2011.12.28 -
DrWeb 5.0.2.03300 2011.12.28 -
Emsisoft 5.1.0.11 2011.12.28 -
eSafe 7.0.17.0 2011.12.25 -
eTrust-Vet 37.0.9650 2011.12.28 -
F-Prot 4.6.5.141 2011.12.27 -
F-Secure 9.0.16440.0 2011.12.28 -
Fortinet 4.3.388.0 2011.12.28 -
GData 22 2011.12.28 -
Ikarus T3.1.1.109.0 2011.12.28 -
Jiangmin 13.0.900 2011.12.27 -
K7AntiVirus 9.120.5786 2011.12.27 -
Kaspersky 9.0.0.837 2011.12.28 -
McAfee 5.400.0.1158 2011.12.28 -
McAfee-GW-Edition 2010.1E 2011.12.28 -
Microsoft 1.7903 2011.12.28 -
NOD32 6748 2011.12.28 -
Norman 6.07.13 2011.12.28 -
nProtect 2011-12-28.01 2011.12.28 -
Panda 10.0.3.5 2011.12.27 -
PCTools 8.0.0.5 2011.12.28 -
Prevx 3.0 2011.12.28 -
Rising 23.90.02.02 2011.12.28 -
Sophos 4.72.0 2011.12.28 -
SUPERAntiSpyware 4.40.0.1006 2011.12.27 -
Symantec 20111.2.0.82 2011.12.28 -
TheHacker 6.7.0.1.366 2011.12.27 -
TrendMicro 9.500.0.1008 2011.12.28 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.28 -
VBA32 3.12.16.4 2011.12.28 -
VIPRE 11316 2011.12.28 -
ViRobot 2011.12.28.4851 2011.12.28 -
VirusBuster 14.1.137.0 2011.12.28 -
takže jen u toho 1: ukázalo vir u jednoho antivirusu nechápu teda ..
VirusBuster 14.1.137.0 2011.12.28 -
Re: 100 % Procesor u všeho
Napsal: 28 pro 2011 19:24
u mě je to nějaký špatný furt nic navíc mi začíná házet PC modrou smrt každou 2. Hodinu mi jí hodí tak mam 2. problémi
navíc mi začíná házet PC modrou smrt každou 2. Hodinu mi jí hodí tak mam 2. problémi