vir v MBR sektoru
vir v MBR sektoru
měl jsem v PC virus "Win32/Kryptik.X trojský kůň" , toho jsem se snad zbavil, ale ted mi NOD32 při analýze detekuje trojského koně v MBR sektoru disku, viz příloha, potřeboval bych poradit jestli se toho dá nějak zbavit (OS WinXP)
- Přílohy
-
Re: vir v MBR sektoru
Mohlo by pomoci přepsat MBR z instalačního CD ixpéček příkazem fixmbr, viz například http://support.microsoft.com/kb/314503/cs
- Než položíte dotaz, nejprve se ptejte strejdy Gůůgla.
- Výňatek z pravidel fóra PC-HELP:
- Název tématu zvolte takový, aby co nejvýstižněji charakterizoval obsah tématu.
- Nesnažte se řešit jiný problém (i když podobný) v jednom tématu. Raději založte nové téma.
- Mýliti se je Myloš.
Re: vir v MBR sektoru
Myslím, že pomůže jen celkový (pomalý) formát harddisku. Tohle dělali jen hodně staré viry.
Re: vir v MBR sektoru
Ale co to tu pisete?!
sr71 , aplikujte tento navod : http://viry.cz/forum/viewtopic.php?f=11&t=7294
Potom urobte logy z gmeru a tie dajte sem : http://viry.cz/forum/viewtopic.php?f=29&t=62878
sr71 , aplikujte tento navod : http://viry.cz/forum/viewtopic.php?f=11&t=7294
Potom urobte logy z gmeru a tie dajte sem : http://viry.cz/forum/viewtopic.php?f=29&t=62878
Moja nová kniha >> Kniha <<
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
Re: vir v MBR sektoru
díky za tipy, ale zdá se, že vir z MBR serktoru nějakým záhadným způsobem zmizel sám, ráno když jsem PC znovu zapnul tak už NOD nic nenajde 
Re: vir v MBR sektoru
Este chcem vidiet log z gmeru, aby to nahodou nebola blba paranoia esetu.
Moja nová kniha >> Kniha <<
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
Re: vir v MBR sektoru
zde je log z GMERU
Re: vir v MBR sektoru
kokám že se mě příloha nevložila, , v jakém formátu to musím vložit? to sem lze vkládat pouze jpg??
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: vir v MBR sektoru
omlouvám se za skok do tématu.jen poradím ať mají rádcové všechno připraveno.
ten log by měl být ve formátu txt, což je poznámkový blok. otevři jej a ten jeho obsah sem zkopíruj
ten log by měl být ve formátu txt, což je poznámkový blok. otevři jej a ten jeho obsah sem zkopíruj
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: vir v MBR sektoru
takže výpis z Gmeru
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-10-12 16:47:02
Windows 5.1.2600 Service Pack 2
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\Explorer.EXE[1736] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 012F1102 C:\Program Files\Unlocker\UnlockerHook.dll
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Door Hasp Catching.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gallactic Door MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gate Squeek.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Door Latch MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Latch w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sand Bag Dragging2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sledge Striking Anvil.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bone Crush.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bowling Srtike.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Poke.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Slip-Fall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Smack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack Vx.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Alligator Hiss.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance Nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Swoosh L-R.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Explosion Underwater nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Fire Roar.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Leopard Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Polsating Rumble-50.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Motar Expl w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Small Motar Expl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\V8 Engine Idle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Bike Sliding in Sand.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Glass Pack Pipe2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Heavy Bag Drop2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Hollow Wind .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Trotting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Walking.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Light Rainfall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Lion Roar Multi.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Riding Mower Idle2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Brk MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Car MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Water Pour.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Whispy Air.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Bat Crack .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Applause.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Cheering_Appl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Soccerball Kick.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Stage Lights On.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Tackle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Electronic Motor2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Flamethrower.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Laser Gun MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missile Launch.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missle Impact Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Nova Explosion MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Photon Torpedo Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Piercing Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Pulse Gun Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Rocket Takeoff MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Single Impact Expln.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Small Mortar Expl Double.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Turbine Rotation.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Warp Drive Engaging MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\small mortar rvb.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Camera Shutter.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Car Ignition2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Drive-by.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Shifting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Plane Takeoff.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Screeching Brakes.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Baby Cough2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Bear Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Cough harsh2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Crackling Hearth.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Fml Sneeze n Cough.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Santa's Sleigh Landing MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Sleigh Bells.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Snowball Hit.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Tearing Open Present.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Throat clearing2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG08.00.00.01WORKSTATION D35854E8667B1F190F7B178CDE00FE8D69931C5DFCD62D188229063284E55D640A28A0F9BBA4E745058FD6CFB12B86EE2464C05B2B9B2D7DA989BB7E00D4685263D219D8A97750B82C78D497C4B70F5D06505D943985EC9C40587747E17FF691A9179F86CFB6320A604608199644D9359D512413A93037B3A11D438A4C9C7F67AC2935169258482401790F1CEBA68C26F8D4EB7640EB3AD832524DDDA59CD76C3F3084B19807B4C67205A9804C6431B32E3EACEF873D0873D467E966981F3A0FB648D6134CA2FA03FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667FEBC9E127BECC74CBA7FD869164D6794698784FAA617D7E11D60FD692936F07E2C375DD4AEA6954D2F5A675E08574E2FA3017675F2860BD65DE62AD194C11B70103B164B8EBCA91EE6571AF69577D4BBA9523595262CCEF97058F0DAC21D90C7EE5BDCF53EA01A86490A17761D0CC896F821EBFC0462B632440878B83660AE8D47B7ED3DA246AE540500539C0507F8F61309685C91B73AB84DBC08B33553B5201D662A9E64528FAD50BAE8BAF68C18E2FD199D7B996CB39B01330B274C774AB478F0962C6E234A8962B015B8DEF33C3943D3A3372A7563BBD99B91854AFE7350E353DC0971475034794CBA8FEE4ADEA9F0B135FD157CEC4
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- EOF - GMER 1.0.14 ----
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-10-12 16:47:02
Windows 5.1.2600 Service Pack 2
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\Explorer.EXE[1736] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 012F1102 C:\Program Files\Unlocker\UnlockerHook.dll
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Door Hasp Catching.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gallactic Door MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gate Squeek.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Door Latch MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Latch w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sand Bag Dragging2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sledge Striking Anvil.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bone Crush.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bowling Srtike.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Poke.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Slip-Fall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Smack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack Vx.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Alligator Hiss.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance Nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Swoosh L-R.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Explosion Underwater nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Fire Roar.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Leopard Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Polsating Rumble-50.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Motar Expl w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Small Motar Expl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\V8 Engine Idle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Bike Sliding in Sand.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Glass Pack Pipe2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Heavy Bag Drop2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Hollow Wind .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Trotting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Walking.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Light Rainfall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Lion Roar Multi.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Riding Mower Idle2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Brk MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Car MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Water Pour.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Whispy Air.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Bat Crack .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Applause.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Cheering_Appl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Soccerball Kick.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Stage Lights On.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Tackle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Electronic Motor2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Flamethrower.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Laser Gun MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missile Launch.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missle Impact Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Nova Explosion MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Photon Torpedo Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Piercing Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Pulse Gun Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Rocket Takeoff MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Single Impact Expln.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Small Mortar Expl Double.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Turbine Rotation.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Warp Drive Engaging MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\small mortar rvb.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Camera Shutter.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Car Ignition2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Drive-by.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Shifting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Plane Takeoff.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Screeching Brakes.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Baby Cough2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Bear Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Cough harsh2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Crackling Hearth.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Fml Sneeze n Cough.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Santa's Sleigh Landing MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Sleigh Bells.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Snowball Hit.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Tearing Open Present.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Throat clearing2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG08.00.00.01WORKSTATION D35854E8667B1F190F7B178CDE00FE8D69931C5DFCD62D188229063284E55D640A28A0F9BBA4E745058FD6CFB12B86EE2464C05B2B9B2D7DA989BB7E00D4685263D219D8A97750B82C78D497C4B70F5D06505D943985EC9C40587747E17FF691A9179F86CFB6320A604608199644D9359D512413A93037B3A11D438A4C9C7F67AC2935169258482401790F1CEBA68C26F8D4EB7640EB3AD832524DDDA59CD76C3F3084B19807B4C67205A9804C6431B32E3EACEF873D0873D467E966981F3A0FB648D6134CA2FA03FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667FEBC9E127BECC74CBA7FD869164D6794698784FAA617D7E11D60FD692936F07E2C375DD4AEA6954D2F5A675E08574E2FA3017675F2860BD65DE62AD194C11B70103B164B8EBCA91EE6571AF69577D4BBA9523595262CCEF97058F0DAC21D90C7EE5BDCF53EA01A86490A17761D0CC896F821EBFC0462B632440878B83660AE8D47B7ED3DA246AE540500539C0507F8F61309685C91B73AB84DBC08B33553B5201D662A9E64528FAD50BAE8BAF68C18E2FD199D7B996CB39B01330B274C774AB478F0962C6E234A8962B015B8DEF33C3943D3A3372A7563BBD99B91854AFE7350E353DC0971475034794CBA8FEE4ADEA9F0B135FD157CEC4
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- EOF - GMER 1.0.14 ----
Re: vir v MBR sektoru
Ten log je vazne cely?
Moja nová kniha >> Kniha <<
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: ► CyberSecurity UNIT ◄
----
Bezpečnostná autorita fóra viry.cz ► Certifikát ◄
----
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
Re: vir v MBR sektoru
projel jsem to Gmerem znovu a přikládám log, vir v MBR teď NOD nedetekuje, ale pro změnu po startu XP zobrazuje system hlášku, že chybí knihovna "giteatng.dll" - nic o této knihovně se mě však nikde nepodařilo najít
log:
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-10-14 19:57:13
Windows 5.1.2600 Service Pack 2
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\Explorer.EXE[1744] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Door Hasp Catching.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gallactic Door MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gate Squeek.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Door Latch MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Latch w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sand Bag Dragging2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sledge Striking Anvil.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bone Crush.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bowling Srtike.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Poke.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Slip-Fall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Smack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack Vx.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Alligator Hiss.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance Nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Swoosh L-R.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Explosion Underwater nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Fire Roar.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Leopard Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Polsating Rumble-50.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Motar Expl w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Small Motar Expl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\V8 Engine Idle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Bike Sliding in Sand.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Glass Pack Pipe2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Heavy Bag Drop2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Hollow Wind .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Trotting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Walking.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Light Rainfall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Lion Roar Multi.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Riding Mower Idle2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Brk MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Car MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Water Pour.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Whispy Air.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Bat Crack .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Applause.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Cheering_Appl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Soccerball Kick.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Stage Lights On.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Tackle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Electronic Motor2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Flamethrower.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Laser Gun MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missile Launch.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missle Impact Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Nova Explosion MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Photon Torpedo Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Piercing Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Pulse Gun Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Rocket Takeoff MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Single Impact Expln.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Small Mortar Expl Double.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Turbine Rotation.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Warp Drive Engaging MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\small mortar rvb.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Camera Shutter.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Car Ignition2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Drive-by.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Shifting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Plane Takeoff.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Screeching Brakes.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Baby Cough2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Bear Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Cough harsh2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Crackling Hearth.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Fml Sneeze n Cough.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Santa's Sleigh Landing MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Sleigh Bells.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Snowball Hit.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Tearing Open Present.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Throat clearing2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG08.00.00.01WORKSTATION D35854E8667B1F190F7B178CDE00FE8D69931C5DFCD62D188229063284E55D640A28A0F9BBA4E745058FD6CFB12B86EE2464C05B2B9B2D7DA989BB7E00D4685263D219D8A97750B82C78D497C4B70F5D06505D943985EC9C40587747E17FF691A9179F86CFB6320A604608199644D9359D512413A93037B3A11D438A4C9C7F67AC2935169258482401790F1CEBA68C26F8D4EB7640EB3AD832524DDDA59CD76C3F3084B19807B4C67205A9804C6431B32E3EACEF873D0873D467E966981F3A0FB648D6134CA2FA03FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667FEBC9E127BECC74CBA7FD869164D6794698784FAA617D7E11D60FD692936F07E2C375DD4AEA6954D2F5A675E08574E2FA3017675F2860BD65DE62AD194C11B70103B164B8EBCA91EE6571AF69577D4BBA9523595262CCEF97058F0DAC21D90C7EE5BDCF53EA01A86490A17761D0CC896F821EBFC0462B632440878B83660AE8D47B7ED3DA246AE540500539C0507F8F61309685C91B73AB84DBC08B33553B5201D662A9E64528FAD50BAE8BAF68C18E2FD199D7B996CB39B01330B274C774AB478F0962C6E234A8962B015B8DEF33C3943D3A3372A7563BBD99B91854AFE7350E353DC0971475034794CBA8FEE4ADEA9F0B135FD157CEC4
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- EOF - GMER 1.0.14 ----
log:
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-10-14 19:57:13
Windows 5.1.2600 Service Pack 2
---- User code sections - GMER 1.0.14 ----
.text C:\WINDOWS\Explorer.EXE[1744] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll
---- Devices - GMER 1.0.14 ----
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00081b00cb3d
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Door Hasp Catching.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gallactic Door MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Gate Squeek.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Door Latch MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Heavy Latch w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sand Bag Dragging2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Dveře\Sledge Striking Anvil.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bone Crush.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Bowling Srtike.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Poke.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Slip-Fall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Smack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack Vx.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Gag\Whip Crack.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Alligator Hiss.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance Nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Resonance.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Deep Swoosh L-R.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Explosion Underwater nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Fire Roar.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Leopard Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Polsating Rumble-50.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Low Pulsating Rumble2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Motar Expl w_Rev.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Muffled Explosion.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\Small Motar Expl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Temné burácení\V8 Engine Idle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Bike Sliding in Sand.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Glass Pack Pipe2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Heavy Bag Drop2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Hollow Wind .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Trotting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Horse Walking.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Light Rainfall.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Lion Roar Multi.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Riding Mower Idle2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Brk MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Time Machine Car MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Water Pour.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Různé\Whispy Air.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Bat Crack .wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Applause.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Crowd Cheering_Appl.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Soccerball Kick.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Stage Lights On.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Hrající si děti\Tackle.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Electronic Motor2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Flamethrower.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Laser Gun MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missile Launch.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Missle Impact Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Nova Explosion MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Photon Torpedo Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Piercing Explosion nova.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Pulse Gun Single.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Rocket Takeoff MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Single Impact Expln.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Small Mortar Expl Double.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Turbine Rotation.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\Warp Drive Engaging MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Vesmírná loď\small mortar rvb.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Camera Shutter.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Car Ignition2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Drive-by.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Muscle Car Shifting.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Plane Takeoff.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Cestování\Screeching Brakes.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Baby Cough2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Bear Growl2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Cough harsh2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Crackling Hearth.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Fml Sneeze n Cough.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Santa's Sleigh Landing MS.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Sleigh Bells.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Snowball Hit.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Tearing Open Present.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Pinnacle\Studio 11\Sound Effects\UFX \x2013 Zimní radovánky\Throat clearing2.wav 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG08.00.00.01WORKSTATION D35854E8667B1F190F7B178CDE00FE8D69931C5DFCD62D188229063284E55D640A28A0F9BBA4E745058FD6CFB12B86EE2464C05B2B9B2D7DA989BB7E00D4685263D219D8A97750B82C78D497C4B70F5D06505D943985EC9C40587747E17FF691A9179F86CFB6320A604608199644D9359D512413A93037B3A11D438A4C9C7F67AC2935169258482401790F1CEBA68C26F8D4EB7640EB3AD832524DDDA59CD76C3F3084B19807B4C67205A9804C6431B32E3EACEF873D0873D467E966981F3A0FB648D6134CA2FA03FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667FEBC9E127BECC74CBA7FD869164D6794698784FAA617D7E11D60FD692936F07E2C375DD4AEA6954D2F5A675E08574E2FA3017675F2860BD65DE62AD194C11B70103B164B8EBCA91EE6571AF69577D4BBA9523595262CCEF97058F0DAC21D90C7EE5BDCF53EA01A86490A17761D0CC896F821EBFC0462B632440878B83660AE8D47B7ED3DA246AE540500539C0507F8F61309685C91B73AB84DBC08B33553B5201D662A9E64528FAD50BAE8BAF68C18E2FD199D7B996CB39B01330B274C774AB478F0962C6E234A8962B015B8DEF33C3943D3A3372A7563BBD99B91854AFE7350E353DC0971475034794CBA8FEE4ADEA9F0B135FD157CEC4
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- EOF - GMER 1.0.14 ----
Zpět na “Viry, antiviry, firewally…”
Kdo je online
Uživatelé prohlížející si toto fórum: Seznam[Bot] a 3 hosti