Page 4 of 6
Re: stdrt.exe
Posted: 24 May 2012 10:11
by vyosek
Take a look in Programs and see whether you can find that Media Dashboard anywhere.
Re: stdrt.exe
Posted: 24 May 2012 10:28
by corpop
It's nowhere at all; I'll try looking for it with Search.
Re: stdrt.exe
Posted: 24 May 2012 10:29
by vyosek
Then run ComboFix, without a script, "just like that".
Re: stdrt.exe
Posted: 24 May 2012 10:31
by corpop
OK, will do. Media Dashboard has disappeared from the mixer; it is no longer in the volume control.
Re: stdrt.exe
Posted: 24 May 2012 10:35
by vyosek
Well, great, at least that much; hopefully it won't show up there again.

Re: stdrt.exe
Posted: 24 May 2012 11:12
by corpop
ComboFix 12-05-23.06 - Jakub 24.05.2012 11:40:41.4.3 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4094.2911 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 09:52 . 2012-05-24 09:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-24 09:52 . 2012-05-24 09:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-24 08:50 . 2012-05-24 08:50 -------- d-----w- C:\_OTL
2012-05-23 09:51 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EA1D74E2-A987-4288-9F1C-B91F92C60D46}\mpengine.dll
2012-05-22 23:33 . 2012-05-22 23:33 -------- d-----w- c:\users\Jakub\AppData\Local\fontconfig
2012-05-22 23:33 . 2012-05-23 09:47 -------- d-----w- c:\users\Jakub\.gimp-2.8
2012-05-22 23:33 . 2012-05-22 23:33 -------- d-----w- c:\users\Jakub\AppData\Local\gegl-0.2
2012-05-22 23:02 . 2012-05-22 23:02 512 ----a-w- C:\PhysicalMBR.bin
2012-05-22 17:25 . 2012-05-22 17:25 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-22 17:18 . 2012-05-22 17:18 -------- d-----w- c:\windows\SysWow64\Adobe
2012-05-22 16:48 . 2012-05-22 17:25 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-22 13:17 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-22 13:17 . 2012-05-22 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-05-22 12:07 . 2012-05-22 12:07 -------- d-----w- C:\_OTM
2012-05-22 11:35 . 2012-05-22 11:35 -------- d-----w- c:\users\Jakub\AppData\Local\Mozilla
2012-05-22 11:35 . 2012-05-22 11:35 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-05-22 06:55 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-18 23:31 . 2012-05-18 23:31 -------- d-----w- c:\users\Jakub\AppData\Roaming\Pogo
2012-05-18 23:31 . 2012-05-18 23:31 -------- d-----w- c:\programdata\Pogo
2012-05-18 23:11 . 2012-05-18 23:19 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2012-05-15 18:04 . 2012-05-15 18:04 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-15 18:04 . 2012-05-19 18:07 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-05-15 18:04 . 2012-05-15 18:04 -------- d-----w- c:\users\Jakub\AppData\Local\PunkBuster
2012-05-14 19:21 . 2012-05-14 19:21 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-14 19:21 . 2012-05-14 19:21 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-13 13:43 . 2012-05-13 15:04 -------- d-----w- c:\users\Jakub\AppData\Local\NFS Underground 2
2012-05-11 20:15 . 2012-05-11 20:15 -------- d-----w- c:\users\Jakub\AppData\Roaming\ABBYY
2012-05-11 20:05 . 2012-05-11 20:05 -------- d-----w- c:\users\Jakub\AppData\Local\ABBYY
2012-05-11 20:05 . 2012-05-11 20:05 -------- d-----w- c:\programdata\ABBYY
2012-05-11 18:22 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 18:22 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 18:22 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-11 18:22 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-11 18:22 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-05-11 18:22 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-05-11 18:22 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-05-11 18:22 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-05-11 18:22 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-11 18:22 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-05-11 18:21 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 18:21 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 18:21 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 18:21 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 18:21 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-11 18:21 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-11 18:21 . 2012-04-02 05:26 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 18:21 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 18:21 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 18:21 . 2012-04-02 05:24 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 18:21 . 2012-04-02 05:24 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-10 20:53 . 2012-05-10 20:53 -------- d-----w- c:\program files (x86)\Research In Motion
2012-05-10 20:44 . 2012-05-10 20:45 -------- d-----w- c:\program files\Oracle
2012-05-10 20:43 . 2012-04-04 16:33 955800 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-08 21:52 . 2012-05-08 21:52 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2012-05-08 21:49 . 2012-05-08 21:52 -------- d-----w- c:\programdata\Propellerhead Software
2012-05-08 21:49 . 2012-05-08 22:00 -------- d-----w- c:\users\Jakub\AppData\Roaming\Propellerhead Software
2012-05-07 19:20 . 2004-08-18 08:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll
2012-05-06 20:23 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-05-06 20:23 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-05-06 20:23 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-05-06 19:07 . 2012-05-06 19:22 -------- d-----w- c:\users\Jakub\AppData\Roaming\Audacity
2012-05-06 08:38 . 2012-05-06 08:38 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-05-05 21:58 . 2012-05-05 21:58 -------- d-----w- c:\programdata\DigitalChocolate
2012-05-05 21:57 . 2012-05-05 21:57 -------- d-----w- c:\windows\Tower Bloxx Deluxe
2012-05-05 21:57 . 2012-05-05 21:57 -------- d-----w- c:\program files (x86)\Tower Bloxx Deluxe
2012-05-05 19:23 . 2012-05-05 19:23 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-05-05 19:22 . 2012-05-05 19:22 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2012-05-05 19:10 . 2012-05-05 19:10 -------- d-----w- c:\windows\PCHEALTH
2012-05-02 19:01 . 2012-05-20 16:13 -------- d-----w- c:\users\Jakub\AppData\Roaming\.techniclauncher
2012-05-02 12:36 . 2012-05-02 12:36 -------- d-----w- c:\users\Jakub\AppData\Roaming\Milestone
2012-05-01 18:41 . 2012-05-24 08:57 -------- d-----w- c:\users\Jakub\AppData\Roaming\Skype
2012-05-01 18:41 . 2012-05-01 18:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-05-01 18:41 . 2012-05-01 18:41 -------- d-----r- c:\program files (x86)\Skype
2012-05-01 18:37 . 2012-05-01 18:41 -------- d-----w- c:\programdata\Skype
2012-04-30 22:41 . 2003-11-10 16:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-04-30 22:41 . 2003-11-10 16:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-04-30 22:41 . 2003-11-10 16:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-04-30 22:41 . 2003-11-10 16:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-04-30 22:41 . 2003-11-10 16:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-04-30 22:41 . 2012-04-30 22:41 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-04-30 22:41 . 2012-04-30 22:41 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-04-29 18:50 . 2012-04-29 18:53 -------- d-----w- c:\users\Jakub\AppData\Roaming\SpinTires
2012-04-24 19:01 . 2012-04-24 19:01 -------- d-----w- c:\program files (x86)\Sony Ericsson
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-22 17:25 . 2012-03-10 07:15 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-06 09:17 . 2012-03-21 18:43 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-06 09:17 . 2012-03-21 18:43 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-04-21 18:49 . 2012-04-21 18:49 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-04-21 09:01 . 2012-04-21 09:01 2 -----tw- c:\windows\winstart.bat
2012-04-21 06:39 . 2012-04-21 06:39 905154 ----a-w- c:\windows\SysWow64\lnsecsl.exe
2012-04-04 16:33 . 2012-04-19 09:04 839056 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-02 20:28 . 2012-04-02 20:31 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2012-04-02 20:28 . 2012-04-02 20:31 118784 ----a-w- c:\windows\system32\E_ILMGCE.DLL
2012-04-02 20:28 . 2012-04-02 20:31 88064 ----a-w- c:\windows\system32\E_IBCBGCE.DLL
2012-04-02 08:44 . 2012-03-21 18:43 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-04-02 08:44 . 2012-03-21 18:43 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-16 14:59 . 2012-03-16 15:00 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD9E74FB-E6A8-46C9-9363-56450403A6BF}\gapaengine.dll
2012-03-14 17:23 . 2012-03-14 17:23 147248 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-03-14 17:22 . 2012-03-22 19:57 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-03-14 17:22 . 2012-03-14 17:22 117040 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2012-03-14 17:22 . 2012-03-22 19:57 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-10 08:04 . 2012-03-10 08:04 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-03-10 07:10 . 2012-03-10 07:10 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-10 06:49 . 2012-03-10 06:49 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-10 06:44 . 2012-03-10 06:44 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-10 06:44 . 2012-03-10 06:44 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-10 06:44 . 2012-03-10 06:44 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-10 06:44 . 2012-03-10 06:44 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-10 06:44 . 2012-03-10 06:44 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-10 06:44 . 2012-03-10 06:44 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-10 06:44 . 2012-03-10 06:44 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-10 06:44 . 2012-03-10 06:44 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-10 06:44 . 2012-03-10 06:44 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-10 06:44 . 2012-03-10 06:44 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-10 06:44 . 2012-03-10 06:44 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-10 06:44 . 2012-03-10 06:44 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-10 06:44 . 2012-03-10 06:44 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-10 06:44 . 2012-03-10 06:44 448512 ----a-w- c:\windows\system32\html.iec
2012-03-10 06:44 . 2012-03-10 06:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-10 06:44 . 2012-03-10 06:44 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-10 06:44 . 2012-03-10 06:44 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-10 06:44 . 2012-03-10 06:44 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-10 06:44 . 2012-03-10 06:44 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-10 06:44 . 2012-03-10 06:44 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-10 06:44 . 2012-03-10 06:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-10 06:44 . 2012-03-10 06:44 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-10 06:44 . 2012-03-10 06:44 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-10 06:44 . 2012-03-10 06:44 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-10 06:44 . 2012-03-10 06:44 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-10 06:44 . 2012-03-10 06:44 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-10 06:44 . 2012-03-10 06:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-10 06:44 . 2012-03-10 06:44 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-10 06:44 . 2012-03-10 06:44 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-10 06:44 . 2012-03-10 06:44 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-10 06:44 . 2012-03-10 06:44 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-10 06:44 . 2012-03-10 06:44 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-10 06:44 . 2012-03-10 06:44 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-10 06:44 . 2012-03-10 06:44 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-10 06:42 . 2012-03-10 06:42 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-03-10 06:42 . 2012-03-10 06:42 4068864 ----a-w- c:\windows\system32\mf.dll
2012-03-10 06:42 . 2012-03-10 06:42 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2012-03-10 06:42 . 2012-03-10 06:42 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-03-10 06:42 . 2012-03-10 06:42 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-03-10 06:42 . 2012-03-10 06:42 229888 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-03-10 06:42 . 2012-03-10 06:42 206848 ----a-w- c:\windows\system32\mfps.dll
2012-03-10 06:42 . 2012-03-10 06:42 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2012-03-10 06:42 . 2012-03-10 06:42 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-03-10 06:42 . 2012-03-10 06:42 1863680 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-03-10 06:42 . 2012-03-10 06:42 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2012-03-10 06:42 . 2012-03-10 06:42 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2012-03-10 06:42 . 2012-03-10 06:42 144384 ----a-w- c:\windows\system32\cdd.dll
2012-03-10 06:42 . 2012-03-10 06:42 135168 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2012-03-10 06:31 . 2012-03-10 06:31 1008640 ----a-w- c:\windows\system32\BCMLogon.dll
2012-03-10 06:31 . 2012-03-10 06:31 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-03-10 06:31 . 2012-03-10 06:31 47632 ----a-w- c:\windows\system32\drivers\npf.sys
2012-03-10 06:31 . 2012-03-10 06:31 459 ----a-w- c:\windows\SysWow64\vcredist_x64.bat
2012-03-10 06:31 . 2012-03-10 06:31 22520 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2012-03-10 06:31 . 2012-03-10 06:31 7604224 ----a-w- c:\windows\system32\BCMWLCPL.CPL
2012-03-10 06:31 . 2012-03-10 06:31 73216 ----a-w- c:\windows\system32\wltrynt.dll
2012-03-10 06:31 . 2012-03-10 06:31 60416 ----a-w- c:\windows\system32\bcmwlrmt.dll
2012-03-10 06:31 . 2012-03-10 06:31 4961800 ----a-w- c:\windows\SysWow64\vcredist_x64.exe
2012-03-10 06:31 . 2012-03-10 06:31 4420608 ----a-w- c:\windows\system32\bcmttls.dll
2012-03-10 06:31 . 2012-03-10 06:31 457 ----a-w- c:\windows\system32\vcredist_x64.bat
2012-03-10 06:31 . 2012-03-10 06:31 3161088 ----a-w- c:\windows\system32\vcredist_x64.exe
2012-03-10 06:31 . 2012-03-10 06:31 95472 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-03-10 06:31 . 2012-03-10 06:31 3558128 ----a-w- c:\windows\system32\bcmihvui64.dll
2012-03-10 06:31 . 2012-03-10 06:31 3893488 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2012-03-10 06:31 . 2012-03-10 06:31 2978296 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2012-03-01 12:21 . 2012-03-16 09:01 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{88C79FAE-9B42-443B-A413-C95286CE8448}\mpengine.dll
2012-03-01 06:54 . 2012-04-12 14:20 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:45 . 2012-04-12 14:20 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:40 . 2012-04-12 14:20 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:35 . 2012-04-12 14:20 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:49 . 2012-04-12 14:20 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:45 . 2012-04-12 14:20 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:40 . 2012-04-12 14:20 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-12 14:21 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-12 14:21 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-12 14:21 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-12 14:21 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-12 14:21 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-12 14:21 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2012-05-22_07.30.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-03 10:45 . 2012-05-03 10:45 98304 c:\windows\SysWOW64\Macromed\Shockwave 10\SwOnce.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 86016 c:\windows\SysWOW64\Macromed\Shockwave 10\SwMenuX.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 77824 c:\windows\SysWOW64\Macromed\Shockwave 10\SwInit.exe
+ 2012-05-03 10:45 . 2012-05-03 10:45 24576 c:\windows\SysWOW64\Macromed\Shockwave 10\DynaPlayer.dll
+ 2012-05-23 10:20 . 2012-05-24 08:59 47618 c:\windows\SysWOW64\key.dat
+ 2009-07-14 04:54 . 2012-05-24 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-05-22 07:29 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-05-24 06:17 . 2012-05-24 08:57 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012052420120525\index.dat
- 2009-07-14 04:54 . 2012-05-22 07:29 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-24 08:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-04-21 08:25 . 2012-05-12 01:38 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2012-04-21 08:25 . 2012-05-24 08:58 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2012-05-22 17:18 . 2012-05-22 17:18 87952 c:\windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe
+ 2012-04-26 13:05 . 2012-04-26 13:05 86016 c:\windows\SysWOW64\Adobe\Shockwave 11\SwMenu.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50 64512 c:\windows\SysWOW64\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06 12800 c:\windows\SysWOW64\Adobe\Shockwave 11\DynaPlayer.dll
+ 2012-03-10 06:41 . 2012-05-23 06:12 31278 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-24 08:58 38764 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-10 06:23 . 2012-05-24 08:58 10660 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3997867176-2451664295-1965468521-1000_UserData.bin
- 2012-03-10 06:18 . 2012-05-15 17:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-03-10 06:18 . 2012-05-22 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-05-15 17:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-22 17:25 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-05-22 17:18 . 2012-05-22 17:18 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
- 2012-05-22 07:29 . 2012-05-22 07:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-24 08:56 . 2012-05-24 08:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-24 08:56 . 2012-05-24 08:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-05-22 07:29 . 2012-05-22 07:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-03 10:45 . 2012-05-03 10:45 180224 c:\windows\SysWOW64\Macromed\Shockwave 10\Proj.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 475136 c:\windows\SysWOW64\Macromed\Shockwave 10\PluginPing.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 339968 c:\windows\SysWOW64\Macromed\Shockwave 10\Plugin.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 606208 c:\windows\SysWOW64\Macromed\Shockwave 10\iml32X.dll
+ 2012-05-03 10:45 . 2012-05-03 10:45 462848 c:\windows\SysWOW64\Macromed\Shockwave 10\Control.dll
+ 2012-05-22 16:48 . 2012-05-22 16:48 351904 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe
+ 2012-05-22 17:25 . 2012-05-22 17:25 351904 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
+ 2012-05-22 17:25 . 2012-05-22 17:25 424096 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.dll
+ 2012-05-22 16:48 . 2012-05-22 17:25 257696 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-05-22 22:52 . 2012-05-23 13:13 212992 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012052320120524\index.dat
+ 2012-05-22 08:00 . 2012-05-22 14:58 147456 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012052220120523\index.dat
+ 2012-05-22 08:00 . 2012-05-22 08:00 229376 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012050720120514\index.dat
+ 2012-04-26 12:50 . 2012-04-26 12:50 284088 c:\windows\SysWOW64\Adobe\Shockwave 11\SymCCIS.dll
+ 2012-04-26 13:05 . 2012-04-26 13:05 114176 c:\windows\SysWOW64\Adobe\Shockwave 11\SwInit.exe
+ 2012-04-26 13:06 . 2012-04-26 13:06 434176 c:\windows\SysWOW64\Adobe\Shockwave 11\Proj.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06 366592 c:\windows\SysWOW64\Adobe\Shockwave 11\Plugin.dll
+ 2012-04-26 12:54 . 2012-04-26 12:54 990208 c:\windows\SysWOW64\Adobe\Shockwave 11\iml32.dll
+ 2012-04-26 13:05 . 2012-04-26 13:05 544256 c:\windows\SysWOW64\Adobe\Shockwave 11\Control.dll
+ 2012-04-26 13:12 . 2012-04-26 13:12 113592 c:\windows\SysWOW64\Adobe\Director\SWDNLD.EXE
+ 2012-04-26 13:12 . 2012-04-26 13:12 281016 c:\windows\SysWOW64\Adobe\Director\SwDir.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06 145920 c:\windows\SysWOW64\Adobe\Director\np32dsw.dll
+ 2012-03-11 06:48 . 2012-05-24 08:47 292930 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-03-11 01:05 . 2012-05-23 18:57 253758 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-05-21 07:56 618108 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-05-22 18:12 618108 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2012-05-22 18:12 633392 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2012-05-21 07:56 633392 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-05-22 18:12 107388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-05-21 07:56 107388 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2012-05-22 18:12 122914 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2012-05-21 07:56 122914 c:\windows\system32\perfc005.dat
+ 2012-05-22 17:25 . 2012-05-22 17:25 631456 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_235_ActiveX.exe
+ 2012-05-22 17:25 . 2012-05-22 17:25 461984 c:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_235_ActiveX.dll
- 2012-03-23 20:43 . 2012-05-22 07:28 670112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-03-23 20:43 . 2012-05-24 08:55 670112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-05-22 07:28 240548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-24 08:55 240548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-04-21 08:47 . 2012-05-22 07:28 473532 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-04-21 08:47 . 2012-05-24 08:55 473532 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-05-03 10:45 . 2012-05-03 10:45 1503232 c:\windows\SysWOW64\Macromed\Shockwave 10\dirapiX.dll
+ 2012-05-22 16:48 . 2012-05-22 16:48 8797856 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
+ 2009-07-14 04:54 . 2012-05-24 08:56 2637824 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-04-26 13:11 . 2012-04-26 13:11 1040824 c:\windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1165635.exe
+ 2012-04-26 12:50 . 2012-04-26 12:50 1231360 c:\windows\SysWOW64\Adobe\Shockwave 11\gi.dll
+ 2012-04-26 12:55 . 2012-04-26 12:55 1742336 c:\windows\SysWOW64\Adobe\Shockwave 11\dirapi.dll
+ 2012-03-10 08:29 . 2012-05-24 08:55 3234536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3997867176-2451664295-1965468521-1000-12288.dat
+ 2012-04-26 12:34 . 2012-04-26 12:34 2118144 c:\windows\Installer\df4e19.msi
- 2009-07-14 02:34 . 2012-05-22 07:06 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-05-24 09:10 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-04-05 17356424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-14 636032]
"Bonus.SSR.FR11"="d:\program files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" [2012-01-19 933640]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AML Device Install.lnk - c:\program files (x86)\AMD AVT\bin\kdbsync.exe [2012-1-31 10752]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\SysWOW64\lnsecsl.exe [2012-04-21 905154]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-04-05 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-22 257696]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;d:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-12-22 818952]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-14 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-01-03 55936]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-03-17 820768]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 5352960]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-25 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-25 877600]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-05 324608]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-03-17 496160]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-03-10 4786688]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\g24pvx4z.default\
.
.
------- Asociace souborů -------
.
.txt=Word Reader-TXT
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\SecuROM\License information*]
"datasecu"=hex:c4,8a,06,bf,e5,7e,18,73,b8,1f,e7,9f,eb,a3,04,90,3d,cc,6e,87,38,
54,9b,ff,d2,6f,a3,1b,c9,ac,4f,88,c8,59,c0,0f,bd,a7,7a,68,e1,10,1e,6f,6a,6c,\
"rkeysecu"=hex:8e,34,72,db,28,d6,78,3c,e6,39,b6,8b,19,7c,9e,03
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2012-05-24 12:11:23
ComboFix-quarantined-files.txt 2012-05-24 10:11
ComboFix2.txt 2012-05-22 07:47
ComboFix3.txt 2012-04-21 20:56
ComboFix4.txt 2012-04-21 11:40
.
Před spuštěním: Volných bajtů: 18 922 536 960
Po spuštění: Volných bajtů: 18 866 438 144
.
- - End Of File - - 246402C04F7C96753FE4CD1D535C5FEC
Re: stdrt.exe
Posted: 24 May 2012 11:14
by corpop
That stdrt has been sticking with me for quite a while; it's the reason I reinstalled Windows, and I think I downloaded it by mistake with some Java or codec. Anyway, I found this somewhere on the net.
stdrt.exe
We suggest you to remove STDRT.EXE from your computer as soon as possible.
STDRT.EXE is Trojan/Backdoor.
Kill the process STDRT.EXE and remove STDRT.EXE from Windows startup.
Malware: 48545af0b55a8704de5a2916d40e1763.exe
Removed: C:\WINDOWS\SYSTEM\REGSRV.EXE
C:\WINDOWS\TEMP\MRT2.TMP\STDRT.EXE
Classification:Antivirus Version Last Update Result
F-Secure 9.0.15370.0 2010.03.17 -
Kaspersky 7.0.0.125 2010.03.17 Hoax.Win32.BadJoke.Formatter.j
McAfee 5922 2010.03.16 -
Microsoft 1.5605 2010.03.17 -
NOD32 4950 2010.03.16 -
Additional information
File size: 675033 bytes
MD5 : 6c4661d4d840f5903381c5dc66382aef
SHA1 : 94fd4657cedf276724c8c66cd4ec6571bfa5ab2c
SHA256: 9cbd2f51a1102b69a78f2522325048c23de53acb33bc333d236567c0fa0505fb
Re: stdrt.exe
Posted: 24 May 2012 11:17
by vyosek
Just for the sake of it, upload that file to VirusTotal again, and then this one as well: C:\WINDOWS\SYSTEM\REGSRV.EXE
Re: stdrt.exe
Posted: 24 May 2012 11:21
by corpop
This infection seems to take on different names... I found a process calling itself "Adobe licensing console" which gets started with Windows. This process executes C:\Windows\sysWOW64\Adbcnsl.exe (I have a Win 7 64 bit). This file is not actually from Adobe.
When I entered these 2 paths, it found nothing; the file doesn't exist.
Re: stdrt.exe
Posted: 24 May 2012 11:25
by vyosek
Fine. Is our pest visible in the task manager? In the volume mixer? What about RAM?
Re: stdrt.exe
Posted: 24 May 2012 11:30
by corpop
It's not in the task manager; I ended the process, I read somewhere that this turns the virus off (a clicker virus). There's nothing in the volume mixer any more, and RAM usage is 33%, which is about 1.33 GB, which is rather odd when I have nothing running; I used to have around 900 MB, but it's true that I have the antivirus running.
Re: stdrt.exe
Posted: 24 May 2012 11:32
by corpop
I found some process called MsMpEng.exe, and when I killed it the task manager froze.
Re: stdrt.exe
Posted: 24 May 2012 14:59
by vyosek
That process belongs to Windows Defender.
Script for SystemLook:
:filefind
REGSRV.EXE
Adbcnsl.exe
STDRT.EXE
:regfind
Adbcnsl.exe
STDRT.EXE
Re: stdrt.exe
Posted: 24 May 2012 16:38
by corpop
SystemLook 30.07.11 by jpshortstuff
Log created at 17:34 on 24/05/2012 by Jakub
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== filefind ==========
Searching for "REGSRV.EXE"
No files found.
Searching for "Adbcnsl.exe"
No files found.
Searching for "STDRT.EXE"
C:\_OTL\MovedFiles\05242012_105031\C_Windows\Temp\mrtA939.tmp\stdrt.exe --a---- 372736 bytes [06:14 24/05/2012] [06:14 24/05/2012] 5413B1A323F0837A01821FEA3CB2A5A2
C:\_OTM\MovedFiles\05222012_143546\C_Windows\temp\mrt9C00.tmp\stdrt.exe --a---- 372736 bytes [12:10 22/05/2012] [12:10 22/05/2012] 5413B1A323F0837A01821FEA3CB2A5A2
========== regfind ==========
Searching for "Adbcnsl.exe"
No data found.
Searching for "STDRT.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\23ceb14b_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrtD26B.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3ec1f026_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrt27A1.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\61332721_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrtDD68.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b0ec14d2_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrt9462.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0c44719_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrt9C00.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ed8a2aee_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrt9F40.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication]
"Name"="stdrt.exe"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\23ceb14b_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrtD26B.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3ec1f026_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrt27A1.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\61332721_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrtDD68.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b0ec14d2_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrt9462.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e0c44719_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Windows\Temp\mrt9C00.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3997867176-2451664295-1965468521-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ed8a2aee_0]
@="{0.0.0.00000000}.{b6e97c69-0776-4f2c-a7a0-f1c9414a7d96}|\Device\HarddiskVolume2\Users\Jakub\AppData\Local\Temp\mrt9F40.tmp\stdrt.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication]
"Name"="stdrt.exe"
-= EOF =-
Re: stdrt.exe
Posted: 24 May 2012 20:28
by vyosek
That stdrt.exe process really did get there with some codecs, but it is now inactive, or at least it isn't running... We can still clean up its leftovers in the registry.
But please post a new log from RSIT.