program server.exe prestal pracovat

Zpráva

zavirovany8 · #16 Příspěvek od **zavirovany8** » 17 kvě 2012 14:32

Tady je log combofixu, musel jsem ale po zkonceni cinosti system restartovat, protoze pri pokusu cokoliv spustit mi to hlasilo:"pokus o neplatnou operaci na klic registru, ktery je oznacen pro odstraneni"

ComboFix 12-05-17.05 - uraboy 17.05.2012 15:19:30.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4007.2900 [GMT 2:00]
Spuštěný z: c:\users\uraboy\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Propellerhead Software\ReCycle
c:\programdata\Propellerhead Software\ReCycle\ReCycle210.dat
c:\users\uraboy\AppData\Roaming\Propellerhead Software\ReCycle
c:\users\uraboy\AppData\Roaming\Propellerhead Software\ReCycle\ReCycle Preferences File.prf
c:\users\uraboy\AppData\Roaming\SQLite3.dll
c:\windows\PFRO.log
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\install
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-17 do 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 13:21 . 2012-05-17 13:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-16 15:26 . 2012-05-16 15:26 -------- d-----w- c:\programdata\Malwarebytes
2012-05-16 15:26 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-16 14:05 . 2012-05-16 14:05 -------- d-----w- C:\rsit
2012-05-16 14:05 . 2012-05-16 14:05 -------- d-----w- c:\program files\trend micro
2012-05-15 12:37 . 2012-04-18 01:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C3EE2B90-C5F4-4A46-8C1C-E8FBA7C03680}\mpengine.dll
2012-05-13 17:50 . 2012-05-13 17:50 -------- d-----w- c:\programdata\Apple
2012-05-13 17:50 . 2012-05-13 17:50 -------- d-----w- c:\program files (x86)\Bonjour
2012-05-13 17:49 . 2012-05-13 17:49 -------- d-----w- c:\program files\Novation
2012-05-13 17:49 . 2011-10-05 10:46 20824 ----a-w- c:\windows\system32\nvnusbaudio_coinst.dll
2012-05-13 17:49 . 2011-10-05 10:46 53080 ----a-w- c:\windows\system32\drivers\nvnusbaudio.sys
2012-05-13 17:49 . 2011-07-06 14:12 19800 ----a-w- c:\windows\system32\drivers\automap.sys
2012-05-13 17:17 . 2012-05-13 17:17 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments
2012-05-13 17:05 . 2004-02-06 23:48 331263 ----a-w- c:\windows\LOOP.exe
2012-05-13 17:02 . 2012-05-13 17:02 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-05-13 16:58 . 2012-05-13 16:58 -------- d-----w- c:\program files (x86)\Image-Line
2012-05-13 16:58 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2012-05-13 16:58 . 2012-05-13 16:58 -------- d-----w- c:\program files (x86)\Outsim
2012-05-13 09:11 . 2012-05-13 09:11 -------- d-----w- c:\programdata\Ableton
2012-05-09 10:22 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 10:22 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 10:22 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 10:22 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 10:21 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 10:21 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 10:21 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 10:21 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 10:21 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 10:21 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 10:21 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 10:21 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 10:21 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-06 07:26 . 2012-05-06 07:26 338432 ------w- c:\windows\SysWow64\REX Shared Library.dll
2012-05-06 07:26 . 2012-05-06 07:26 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-05-05 21:53 . 2009-07-27 02:54 90544 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-05-05 21:29 . 2012-05-17 13:21 -------- d-----w- c:\programdata\Propellerhead Software
2012-05-05 21:19 . 2012-05-05 21:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2012-05-05 21:19 . 2012-05-05 21:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-05-04 09:06 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-05-04 09:06 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2012-05-04 09:06 . 2012-05-04 09:06 -------- d-----w- c:\program files (x86)\SpeechGrid
2012-05-04 09:06 . 2012-05-04 09:06 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-05-03 08:49 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-05-03 08:49 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-05-03 08:28 . 2012-05-03 08:28 -------- d-----w- c:\windows\system32\SPReview
2012-05-03 08:28 . 2012-05-03 08:28 -------- d-----w- c:\windows\system32\EventProviders
2012-05-02 08:57 . 2012-05-02 08:57 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\programdata\Intel
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\program files\Intel
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2012-04-27 17:29 . 2011-11-09 23:04 60184 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\programdata\McAfee
2012-04-27 15:01 . 2012-05-09 14:33 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-27 15:01 . 2012-05-09 14:33 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\windows\SysWow64\Macromed
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\windows\system32\Macromed
2012-04-27 13:35 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-04-27 13:35 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-04-27 13:33 . 2010-11-20 13:27 232960 ----a-w- c:\windows\system32\scecli.dll
2012-04-27 13:32 . 2010-11-20 13:24 241664 ----a-w- c:\windows\system32\Ribbons.scr
2012-04-27 13:31 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-04-27 13:31 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2012-04-27 13:31 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-04-27 13:31 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-04-27 13:31 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-04-27 13:31 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-04-27 13:31 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-04-27 13:31 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-04-27 13:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-04-27 13:30 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-04-27 13:30 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-04-27 13:30 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-04-27 13:24 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-04-27 13:24 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-04-27 13:24 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-04-27 12:57 . 2012-04-27 12:57 -------- d-----w- c:\windows\SysWow64\Wat
2012-04-27 12:57 . 2012-04-27 12:57 -------- d-----w- c:\windows\system32\Wat
2012-04-26 19:28 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-04-26 19:21 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-26 19:21 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-26 19:21 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-26 19:21 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-26 19:21 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-26 19:21 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-26 19:21 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-26 19:03 . 2011-12-06 13:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-04-26 19:01 . 2012-01-20 07:47 -------- d-----w- c:\windows\Intel_Chipset_V9301019_XPVistaWin7
2012-04-26 19:01 . 2012-04-26 19:01 16896 ----a-w- c:\windows\AsTaskSched.dll
2012-04-26 19:01 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-04-26 18:53 . 2011-12-26 02:02 120832 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-04-26 18:53 . 2011-12-26 02:02 20992 ----a-w- c:\windows\system32\OpenCL.dll
2012-04-26 18:53 . 2011-12-26 02:07 86016 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-04-26 18:53 . 2011-12-26 02:06 17920 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-04-26 18:52 . 2012-04-27 17:29 -------- d-----w- c:\program files (x86)\Intel
2012-04-26 18:52 . 2012-04-26 18:52 -------- d-----w- c:\program files\Common Files\Intel
2012-04-26 18:52 . 2012-04-26 18:52 -------- d-----w- c:\program files (x86)\Common Files\Intel
2012-04-26 18:51 . 2012-04-26 18:52 -------- d-----w- C:\Intel
2012-04-26 18:49 . 2012-04-26 18:49 -------- d-----w- c:\program files (x86)\ASM104xUSB3
2012-04-26 18:49 . 2012-05-13 17:50 -------- d-sh--w- c:\windows\Installer
2012-04-26 15:36 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-04-26 15:35 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-04-26 15:34 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-26 15:33 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-04-26 15:26 . 2012-02-23 08:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-04-26 15:24 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-26 15:24 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-04-26 15:24 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-04-26 15:24 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-04-26 15:24 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 15:24 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-04-26 15:24 . 2010-11-20 11:07 162816 ----a-w- c:\windows\system32\rdpudd.dll
2012-04-26 15:24 . 2010-11-20 11:03 20992 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-04-26 15:21 . 2012-02-03 19:01 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-04-26 15:21 . 2012-02-03 19:01 677480 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-04-26 15:21 . 2012-02-03 19:01 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-04-26 15:21 . 2012-04-26 19:10 -------- d-----w- c:\program files (x86)\Realtek
2012-04-26 15:21 . 2012-04-27 17:29 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-04-25 19:16 . 2012-04-25 18:26 -------- d-----w- c:\windows\Panther
2012-04-25 18:29 . 2012-04-25 18:29 2048 ----a-w- c:\windows\SysWow64\winver.exe
2012-04-25 18:29 . 2012-04-25 18:29 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2012-04-25 18:27 . 2012-04-25 18:28 -------- d-----w- c:\users\uraboy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-03 08:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-05-03 08:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-04-26 18:17 . 2011-12-06 01:23 331264 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2012-04-26 18:17 . 2011-12-06 01:22 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2012-04-26 18:16 . 2012-01-12 12:24 274200 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-04-26 18:16 . 2012-01-05 17:49 90112 ----a-w- c:\windows\system32\igfxCoIn_v2618.dll
2012-04-26 18:16 . 2012-01-05 15:24 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-04-26 18:16 . 2012-01-05 15:24 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-04-26 18:16 . 2012-01-05 15:24 244224 ----a-w- c:\windows\system32\iglhcp64.dll
2012-04-26 18:16 . 2012-01-05 15:24 201728 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-04-26 18:16 . 2012-01-12 12:24 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-04-26 18:16 . 2012-01-05 17:36 963912 ----a-w- c:\windows\system32\igkrng600.bin
2012-04-26 18:16 . 2012-01-05 15:30 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-04-26 18:16 . 2012-01-12 12:24 511256 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-04-26 18:16 . 2012-01-05 15:30 62976 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-04-26 18:16 . 2012-01-05 15:31 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-04-26 18:16 . 2012-01-05 15:31 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-04-26 18:16 . 2012-01-05 15:31 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-04-26 18:16 . 2012-01-05 15:31 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-04-26 18:16 . 2012-01-05 15:31 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-04-26 18:16 . 2012-01-05 15:31 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-04-26 18:16 . 2012-01-05 15:29 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-04-26 18:16 . 2012-01-05 15:31 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-04-26 18:16 . 2012-01-05 15:29 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-04-26 18:16 . 2012-01-05 15:31 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-04-26 18:16 . 2012-01-05 15:31 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-04-26 18:16 . 2012-01-05 15:31 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-04-26 18:16 . 2012-01-05 15:31 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-04-26 18:16 . 2012-01-05 15:30 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-04-26 18:16 . 2012-01-12 12:24 440600 ----a-w- c:\windows\system32\igfxpers.exe
2012-04-26 18:16 . 2012-01-12 12:24 248600 ----a-w- c:\windows\system32\igfxext.exe
2012-04-26 18:16 . 2012-01-05 15:30 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-04-26 18:16 . 2012-01-05 15:27 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-04-26 18:16 . 2012-01-05 15:29 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-04-26 18:16 . 2012-01-05 15:29 429056 ----a-w- c:\windows\system32\igfxdev.dll
2012-04-26 18:16 . 2012-01-05 15:29 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-04-26 18:16 . 2012-01-05 15:26 320000 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-04-26 18:16 . 2012-01-05 15:31 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-04-26 18:16 . 2012-01-05 15:24 2780160 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-04-26 18:16 . 2012-01-05 15:24 246784 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-04-26 18:16 . 2012-01-05 15:24 219136 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-04-26 18:16 . 2012-01-05 15:24 2191872 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-04-26 18:16 . 2012-01-05 17:36 8034304 ----a-w- c:\windows\system32\igdumd64.dll
2012-04-26 18:16 . 2012-01-05 17:36 261208 ----a-w- c:\windows\system32\igfcg600m.bin
2012-04-26 18:16 . 2012-01-05 17:29 6079488 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-04-26 18:16 . 2012-01-05 17:36 14652768 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-04-26 18:16 . 2012-01-05 17:36 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-04-26 18:16 . 2012-01-05 17:29 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-04-26 18:16 . 2012-01-05 17:23 9536000 ----a-w- c:\windows\system32\igd10umd64.dll
2012-04-26 18:16 . 2012-01-05 17:11 7740928 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-04-26 18:15 . 2012-01-05 17:36 145804 ----a-w- c:\windows\system32\igcompkrng600.bin
2012-04-26 18:15 . 2012-01-05 15:58 18098176 ----a-w- c:\windows\system32\ig4icd64.dll
2012-04-26 18:15 . 2012-01-05 15:44 13184512 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-04-26 18:15 . 2012-01-12 12:24 398104 ----a-w- c:\windows\system32\hkcmd.exe
2012-04-26 18:15 . 2012-01-05 15:24 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2012-04-26 18:15 . 2012-01-12 12:24 5886232 ----a-w- c:\windows\system32\GfxUI.exe
2012-04-26 18:15 . 2012-01-05 15:29 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-04-26 18:15 . 2012-01-05 15:29 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-04-26 18:15 . 2012-01-12 12:23 184600 ----a-w- c:\windows\system32\difx64.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="d:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"SpeechGrid"="c:\program files (x86)\SpeechGrid\SpeechGrid.exe" [2011-09-22 275312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="d:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"Malwarebytes' Anti-Malware"="d:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-26 274200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 SpeechGridService;SpeechGridService;c:\program files (x86)\SpeechGrid\SpeechGridService.exe [2011-09-22 47984]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 automap;Automap MIDI Driver;c:\windows\system32\DRIVERS\automap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 14:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-26 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-26 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-26 440600]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-04-26 7560296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\uraboy\AppData\Roaming\Mozilla\Firefox\Profiles\5y301s3h.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-05-17 15:25:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-17 13:25
.
Před spuštěním: Volných bajtů: 75 363 577 856
Po spuštění: Volných bajtů: 75 122 376 704
.
- - End Of File - - D38353BDE5F3A74E4F1419386D5DA54E

#17 Příspěvek od **vyosek** » 18 kvě 2012 09:49

Toto je bohuzel bug ComboFixu, ktery se stale jaksi nedari odstranit jelikoz se neprislo na pricinu - vznika nahodne

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

c:\windows\System32\cmd.exe
c:\windows\LOOP.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

zavirovany8 · #18 Příspěvek od **zavirovany8** » 18 kvě 2012 13:49

https://www.virustotal.com/file/17f746d ... 337345036/
https://www.virustotal.com/file/ff91b0a ... 337345315/

#19 Příspěvek od **vyosek** » 19 kvě 2012 10:57

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=-
"Malwarebytes' Anti-Malware"=-

File::
c:\windows\Tasks\Adobe Flash Player Updater.job

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

zavirovany8 · #20 Příspěvek od **zavirovany8** » 19 kvě 2012 15:32

ComboFix 12-05-19.01 - uraboy 19.05.2012 15:44:15.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4007.2887 [GMT 2:00]
Spuštěný z: c:\users\uraboy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uraboy\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-19 do 2012-05-19 )))))))))))))))))))))))))))))))
.
.
2012-05-19 13:46 . 2012-05-19 13:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-18 12:36 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A239605-9B3D-4FD3-B86F-619CC99EE568}\mpengine.dll
2012-05-17 15:42 . 2012-05-17 15:42 -------- d-----w- c:\program files\DIFX
2012-05-17 15:41 . 2012-05-18 16:17 -------- d-----w- c:\program files (x86)\LoudAudio
2012-05-17 15:35 . 2009-09-30 10:17 109408 ----a-w- c:\windows\SysWow64\drivers\MackieAudio.sys
2012-05-16 15:26 . 2012-05-16 15:26 -------- d-----w- c:\programdata\Malwarebytes
2012-05-16 15:26 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-16 14:05 . 2012-05-16 14:05 -------- d-----w- C:\rsit
2012-05-16 14:05 . 2012-05-16 14:05 -------- d-----w- c:\program files\trend micro
2012-05-13 17:50 . 2012-05-13 17:50 -------- d-----w- c:\programdata\Apple
2012-05-13 17:50 . 2012-05-13 17:50 -------- d-----w- c:\program files (x86)\Bonjour
2012-05-13 17:49 . 2012-05-13 17:49 -------- d-----w- c:\program files\Novation
2012-05-13 17:49 . 2011-10-05 10:46 20824 ----a-w- c:\windows\system32\nvnusbaudio_coinst.dll
2012-05-13 17:49 . 2011-10-05 10:46 53080 ----a-w- c:\windows\system32\drivers\nvnusbaudio.sys
2012-05-13 17:49 . 2011-07-06 14:12 19800 ----a-w- c:\windows\system32\drivers\automap.sys
2012-05-13 17:17 . 2012-05-13 17:17 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments
2012-05-13 17:05 . 2004-02-06 23:48 331263 ----a-w- c:\windows\LOOP.exe
2012-05-13 17:02 . 2012-05-13 17:02 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-05-13 16:58 . 2012-05-13 16:58 -------- d-----w- c:\program files (x86)\Image-Line
2012-05-13 16:58 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2012-05-13 16:58 . 2012-05-13 16:58 -------- d-----w- c:\program files (x86)\Outsim
2012-05-13 09:11 . 2012-05-13 09:11 -------- d-----w- c:\programdata\Ableton
2012-05-09 10:22 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 10:22 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 10:22 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 10:22 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 10:21 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 10:21 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 10:21 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 10:21 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 10:21 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 10:21 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 10:21 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 10:21 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 10:21 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-06 07:26 . 2012-05-06 07:26 338432 ------w- c:\windows\SysWow64\REX Shared Library.dll
2012-05-06 07:26 . 2012-05-06 07:26 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-05-05 21:53 . 2009-07-27 02:54 90544 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-05-05 21:29 . 2012-05-17 13:21 -------- d-----w- c:\programdata\Propellerhead Software
2012-05-05 21:19 . 2012-05-05 21:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2012-05-05 21:19 . 2012-05-05 21:19 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-05-04 09:06 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2012-05-04 09:06 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2012-05-04 09:06 . 2012-05-04 09:06 -------- d-----w- c:\program files (x86)\SpeechGrid
2012-05-04 09:06 . 2012-05-04 09:06 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-05-03 08:49 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-05-03 08:49 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-05-03 08:28 . 2012-05-03 08:28 -------- d-----w- c:\windows\system32\SPReview
2012-05-03 08:28 . 2012-05-03 08:28 -------- d-----w- c:\windows\system32\EventProviders
2012-05-02 08:57 . 2012-05-02 08:57 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\programdata\Intel
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\program files\Intel
2012-04-27 17:29 . 2012-04-27 17:29 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2012-04-27 17:29 . 2011-11-09 23:04 60184 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\programdata\McAfee
2012-04-27 15:01 . 2012-05-09 14:33 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-27 15:01 . 2012-05-09 14:33 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\windows\SysWow64\Macromed
2012-04-27 15:01 . 2012-04-27 15:01 -------- d-----w- c:\windows\system32\Macromed
2012-04-27 13:35 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-04-27 13:35 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-04-27 13:33 . 2010-11-20 13:27 232960 ----a-w- c:\windows\system32\scecli.dll
2012-04-27 13:32 . 2010-11-20 13:24 241664 ----a-w- c:\windows\system32\Ribbons.scr
2012-04-27 13:31 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-04-27 13:31 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2012-04-27 13:31 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-04-27 13:31 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-04-27 13:31 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-04-27 13:31 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-04-27 13:31 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-04-27 13:31 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-04-27 13:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-04-27 13:30 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-04-27 13:30 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-04-27 13:30 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-04-27 13:24 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-04-27 13:24 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-04-27 13:24 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-04-27 12:57 . 2012-04-27 12:57 -------- d-----w- c:\windows\SysWow64\Wat
2012-04-27 12:57 . 2012-04-27 12:57 -------- d-----w- c:\windows\system32\Wat
2012-04-26 19:28 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-04-26 19:21 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-26 19:21 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-26 19:21 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-26 19:21 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-26 19:21 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-26 19:21 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-26 19:21 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-26 19:03 . 2011-12-06 13:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-04-26 19:01 . 2012-01-20 07:47 -------- d-----w- c:\windows\Intel_Chipset_V9301019_XPVistaWin7
2012-04-26 19:01 . 2012-04-26 19:01 16896 ----a-w- c:\windows\AsTaskSched.dll
2012-04-26 19:01 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-04-26 18:53 . 2011-12-26 02:02 120832 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-04-26 18:53 . 2011-12-26 02:02 20992 ----a-w- c:\windows\system32\OpenCL.dll
2012-04-26 18:53 . 2011-12-26 02:07 86016 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-04-26 18:53 . 2011-12-26 02:06 17920 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-04-26 18:52 . 2012-04-27 17:29 -------- d-----w- c:\program files (x86)\Intel
2012-04-26 18:52 . 2012-04-26 18:52 -------- d-----w- c:\program files\Common Files\Intel
2012-04-26 18:52 . 2012-04-26 18:52 -------- d-----w- c:\program files (x86)\Common Files\Intel
2012-04-26 18:51 . 2012-04-26 18:52 -------- d-----w- C:\Intel
2012-04-26 18:49 . 2012-04-26 18:49 -------- d-----w- c:\program files (x86)\ASM104xUSB3
2012-04-26 18:49 . 2012-05-13 17:50 -------- d-sh--w- c:\windows\Installer
2012-04-26 15:36 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-04-26 15:35 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-04-26 15:34 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-26 15:33 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-04-26 15:26 . 2012-02-23 08:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-04-26 15:24 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-26 15:24 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
2012-04-26 15:24 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-04-26 15:24 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-04-26 15:24 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 15:24 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-04-26 15:24 . 2010-11-20 11:07 162816 ----a-w- c:\windows\system32\rdpudd.dll
2012-04-26 15:24 . 2010-11-20 11:03 20992 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-04-26 15:21 . 2012-02-03 19:01 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-04-26 15:21 . 2012-02-03 19:01 677480 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-04-26 15:21 . 2012-02-03 19:01 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-04-26 15:21 . 2012-04-26 19:10 -------- d-----w- c:\program files (x86)\Realtek
2012-04-26 15:21 . 2012-04-27 17:29 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-04-25 19:16 . 2012-04-25 18:26 -------- d-----w- c:\windows\Panther
2012-04-25 18:29 . 2012-04-25 18:29 2048 ----a-w- c:\windows\SysWow64\winver.exe
2012-04-25 18:29 . 2012-04-25 18:29 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2012-04-25 18:27 . 2012-04-25 18:28 -------- d-----w- c:\users\uraboy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-03 08:34 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-05-03 08:34 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-04-26 18:17 . 2011-12-06 01:23 331264 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2012-04-26 18:17 . 2011-12-06 01:22 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2012-04-26 18:16 . 2012-01-12 12:24 274200 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-04-26 18:16 . 2012-01-05 17:49 90112 ----a-w- c:\windows\system32\igfxCoIn_v2618.dll
2012-04-26 18:16 . 2012-01-05 15:24 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-04-26 18:16 . 2012-01-05 15:24 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-04-26 18:16 . 2012-01-05 15:24 244224 ----a-w- c:\windows\system32\iglhcp64.dll
2012-04-26 18:16 . 2012-01-05 15:24 201728 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-04-26 18:16 . 2012-01-12 12:24 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-04-26 18:16 . 2012-01-05 17:36 963912 ----a-w- c:\windows\system32\igkrng600.bin
2012-04-26 18:16 . 2012-01-05 15:30 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-04-26 18:16 . 2012-01-12 12:24 511256 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-04-26 18:16 . 2012-01-05 15:30 62976 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-04-26 18:16 . 2012-01-05 15:31 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-04-26 18:16 . 2012-01-05 15:31 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-04-26 18:16 . 2012-01-05 15:31 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-04-26 18:16 . 2012-01-05 15:31 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-04-26 18:16 . 2012-01-05 15:31 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-04-26 18:16 . 2012-01-05 15:31 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-04-26 18:16 . 2012-01-05 15:29 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-04-26 18:16 . 2012-01-05 15:31 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-04-26 18:16 . 2012-01-05 15:29 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-04-26 18:16 . 2012-01-05 15:31 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-04-26 18:16 . 2012-01-05 15:31 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-04-26 18:16 . 2012-01-05 15:31 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-04-26 18:16 . 2012-01-05 15:31 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-04-26 18:16 . 2012-01-05 15:31 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-04-26 18:16 . 2012-01-05 15:31 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-04-26 18:16 . 2012-01-05 15:30 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-04-26 18:16 . 2012-01-12 12:24 440600 ----a-w- c:\windows\system32\igfxpers.exe
2012-04-26 18:16 . 2012-01-12 12:24 248600 ----a-w- c:\windows\system32\igfxext.exe
2012-04-26 18:16 . 2012-01-05 15:30 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-04-26 18:16 . 2012-01-05 15:27 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-04-26 18:16 . 2012-01-05 15:29 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-04-26 18:16 . 2012-01-05 15:29 429056 ----a-w- c:\windows\system32\igfxdev.dll
2012-04-26 18:16 . 2012-01-05 15:29 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-04-26 18:16 . 2012-01-05 15:26 320000 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-04-26 18:16 . 2012-01-05 15:31 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-04-26 18:16 . 2012-01-05 15:24 2780160 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-04-26 18:16 . 2012-01-05 15:24 246784 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-04-26 18:16 . 2012-01-05 15:24 219136 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-04-26 18:16 . 2012-01-05 15:24 2191872 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-04-26 18:16 . 2012-01-05 17:36 8034304 ----a-w- c:\windows\system32\igdumd64.dll
2012-04-26 18:16 . 2012-01-05 17:36 261208 ----a-w- c:\windows\system32\igfcg600m.bin
2012-04-26 18:16 . 2012-01-05 17:29 6079488 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-04-26 18:16 . 2012-01-05 17:36 14652768 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-04-26 18:16 . 2012-01-05 17:36 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-04-26 18:16 . 2012-01-05 17:29 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-04-26 18:16 . 2012-01-05 17:23 9536000 ----a-w- c:\windows\system32\igd10umd64.dll
2012-04-26 18:16 . 2012-01-05 17:11 7740928 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-04-26 18:15 . 2012-01-05 17:36 145804 ----a-w- c:\windows\system32\igcompkrng600.bin
2012-04-26 18:15 . 2012-01-05 15:58 18098176 ----a-w- c:\windows\system32\ig4icd64.dll
2012-04-26 18:15 . 2012-01-05 15:44 13184512 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-04-26 18:15 . 2012-01-12 12:24 398104 ----a-w- c:\windows\system32\hkcmd.exe
2012-04-26 18:15 . 2012-01-05 15:24 94208 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2012-04-26 18:15 . 2012-01-12 12:24 5886232 ----a-w- c:\windows\system32\GfxUI.exe
2012-04-26 18:15 . 2012-01-05 15:29 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-04-26 18:15 . 2012-01-05 15:29 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-04-26 18:15 . 2012-01-12 12:23 184600 ----a-w- c:\windows\system32\difx64.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-17_13.22.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-02 20:30 . 2009-04-02 20:30 10296 c:\windows\SysWOW64\drivers\ASUSHWIO.SYS
+ 2012-04-25 18:29 . 2012-05-19 13:11 28524 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-19 13:11 27188 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2012-05-18 16:18 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-05-13 17:51 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 04:46 . 2012-05-14 09:13 87696 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2012-05-18 16:26 87696 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-04-26 17:03 . 2012-05-19 14:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-26 17:03 . 2012-05-17 13:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-26 17:03 . 2012-05-17 13:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-26 17:03 . 2012-05-19 14:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-25 18:29 . 2012-05-19 13:11 7492 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2503464768-849330344-1853747255-1000_UserData.bin
+ 2012-05-19 13:47 . 2012-05-19 13:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-17 13:22 . 2012-05-17 13:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-19 13:47 . 2012-05-19 13:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-05-17 13:22 . 2012-05-17 13:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-01 23:17 . 2012-05-19 14:25 200344 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-07-14 02:36 . 2012-05-19 13:51 606992 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-05-17 13:15 606992 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2012-05-19 13:51 622422 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2012-05-17 13:15 622422 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-05-17 13:15 103370 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-05-19 13:51 103370 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2012-05-19 13:51 118604 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2012-05-17 13:15 118604 c:\windows\system32\perfc005.dat
- 2009-07-14 05:30 . 2012-05-13 17:51 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-05-18 16:18 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-05-18 16:18 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-05-13 17:51 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-05-18 16:17 . 2010-07-13 15:09 218592 c:\windows\system32\DriverStore\FileRepository\mackie.inf_amd64_neutral_1642294ffc35594d\MackieAudio64.sys
+ 2012-05-18 16:17 . 2010-07-13 15:09 132184 c:\windows\system32\DriverStore\FileRepository\mackie.inf_amd64_neutral_1642294ffc35594d\MackieAsio64.dll
+ 2012-05-18 16:17 . 2010-07-13 15:09 122456 c:\windows\system32\DriverStore\FileRepository\mackie.inf_amd64_neutral_1642294ffc35594d\MackieAsio.dll
+ 2012-05-18 16:17 . 2010-07-08 13:56 233472 c:\windows\system32\DriverStore\FileRepository\mackie.inf_amd64_neutral_1642294ffc35594d\Mackie64.exe
+ 2012-05-18 16:17 . 2010-07-13 15:09 196696 c:\windows\system32\DriverStore\FileRepository\mackie.inf_amd64_neutral_1642294ffc35594d\LoudAudioProp64.dll
+ 2009-07-14 00:21 . 2009-07-14 01:41 299520 c:\windows\system32\drivers\UMDF\WpdFs.dll
+ 2009-07-14 05:01 . 2012-05-19 13:46 226304 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-05-17 13:21 226304 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2012-05-13 18:56 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-05-18 16:18 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2012-04-27 15:37 . 2012-05-09 18:49 4196256 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2503464768-849330344-1853747255-1000-12288.dat
+ 2012-04-27 15:37 . 2012-05-18 16:15 4196256 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2503464768-849330344-1853747255-1000-12288.dat
+ 2012-04-26 18:54 . 2012-05-19 13:46 19650668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2503464768-849330344-1853747255-1000-8192.dat
- 2012-04-26 18:54 . 2012-05-17 13:21 19650668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2503464768-849330344-1853747255-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeechGrid"="c:\program files (x86)\SpeechGrid\SpeechGrid.exe" [2011-09-22 275312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-09 257696]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-26 274200]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 SpeechGridService;SpeechGridService;c:\program files (x86)\SpeechGrid\SpeechGridService.exe [2011-09-22 47984]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 automap;Automap MIDI Driver;c:\windows\system32\DRIVERS\automap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-26 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-26 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-26 440600]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-04-26 7560296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\uraboy\AppData\Roaming\Mozilla\Firefox\Profiles\5y301s3h.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-05-19 16:27:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-19 14:27
ComboFix2.txt 2012-05-17 13:25
.
Před spuštěním: Volných bajtů: 76 202 283 008
Po spuštění: Volných bajtů: 75 758 882 816
.
- - End Of File - - 5441074FDFFDCBB45D236E74D2B677A1

#21 Příspěvek od **vyosek** » 19 kvě 2012 15:35

Jak se chova nas pacient

zavirovany8 · #22 Příspěvek od **zavirovany8** » 19 kvě 2012 17:31

No uz po tom malwaru to prestalo hlasit po startu systemu blbosti.A mel jsem problem take s tim ze sem v mozile klikl na nejakej odkaz, dal neco nacist a ono nic, zaclo to pouze nacitat, a az po druhem kliknuti se to najednou rozbehlo bezproblemove, tohle se mi uz stalo, a vim ze neni neco v poradku.Tedkom snad uz OK zatim.Snazim se chovat na internetu tak abych nebyl nakazen, ale obcas se asi ukliknu, nebo nevim jak jsem to schytal...instaloval jsem ted nejaky veci, pac mam win7 cerstve...

Dekuji

#23 Příspěvek od **vyosek** » 20 kvě 2012 00:28

´:arrow: Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat

Re: program server.exe prestal pracovat