yourprofitclub.com - nelze odstranit !

[osc]

Ahoj,
prosim o pomoc, sam si jiz nevim rady...
Do PC (Win7) se me dostala nejaka potvora, ktera pri pouzivani internetoveho prohlizece (Firefox) neustale presmerovava na adresu yourprofitclub.com
Na odstraneni jsem naprosto bez uspechu vyzkousel tyto programy: SUPERAntiSpyware, Malwarebytes' Anti-Malware, ComboFix, STOPzilla!
Log z RSIT prikladam.

Moc díky!

Logfile of random's system information tool 1.09 (written by random/random)
Run by ondra at 2011-08-10 16:31:43
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 624 GB (87%) free of 715 GB
Total RAM: 3945 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:48, on 10.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\ondra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - c:\program files (x86)\stopzilla!\sziebho.dll (file missing)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11700 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1920
"taskhost.exe"
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyImpact/npn_with_spdy/ --disable-client-side-phishing-detection --channel=3896.00BD9160.544010145 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll" --lang=cs --channel=3896.065A8C40.2077796669 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyImpact/npn_with_spdy/ --disable-client-side-phishing-detection --channel=3896.063D9840.481592929 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\130782~1.112\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\gcswf32.dll" --lang=cs --channel=3896.0656A380.135667422 --flash-broker=1356 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyImpact/npn_with_spdy/ --disable-client-side-phishing-detection --channel=3896.071F5B00.159499069 /prefetch:3
taskeng.exe {7BAC1910-3305-4E92-B8BC-9651B15C418E}
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\schubert\_instal\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\rt9bhkxu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{361e74d4-4406-eea5-f083-b85d313ebdd0}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
c:\program files (x86)\stopzilla!\sziebho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-14 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-14 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-14 418328]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-18 11775592]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-07-29 5464448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe [2011-01-12 303104]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-07 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-08-10 16:31:44 ----D---- C:\Program Files\trend micro
2011-08-10 16:31:43 ----D---- C:\rsit
2011-08-10 15:18:17 ----D---- C:\Program Files (x86)\STOPzilla!
2011-08-10 15:18:16 ----D---- C:\ProgramData\STOPzilla!
2011-08-10 14:37:53 ----A---- C:\Windows\system32\drivers\Cat.DB
2011-08-10 14:37:24 ----AD---- C:\ProgramData\TEMP
2011-08-10 14:25:02 ----D---- C:\ProgramData\PC Tools
2011-08-10 14:16:04 ----D---- C:\Users\ondra\AppData\Roaming\Mozilla
2011-08-10 10:58:00 ----SHD---- C:\$RECYCLE.BIN
2011-08-10 10:54:49 ----D---- C:\Windows\temp
2011-08-10 10:47:26 ----A---- C:\Windows\zip.exe
2011-08-10 10:47:26 ----A---- C:\Windows\SWSC.exe
2011-08-10 10:47:26 ----A---- C:\Windows\SWREG.exe
2011-08-10 10:47:26 ----A---- C:\Windows\sed.exe
2011-08-10 10:47:26 ----A---- C:\Windows\PEV.exe
2011-08-10 10:47:26 ----A---- C:\Windows\NIRCMD.exe
2011-08-10 10:47:26 ----A---- C:\Windows\MBR.exe
2011-08-10 10:47:26 ----A---- C:\Windows\grep.exe
2011-08-10 10:47:21 ----D---- C:\Windows\ERDNT
2011-08-10 10:45:24 ----D---- C:\Qoobox
2011-08-10 10:00:10 ----D---- C:\Program Files\CCleaner
2011-08-10 09:47:59 ----D---- C:\Users\ondra\AppData\Roaming\Malwarebytes
2011-08-10 09:47:54 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-08-10 09:47:53 ----D---- C:\ProgramData\Malwarebytes
2011-08-10 09:47:50 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-10 09:47:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-09 18:12:52 ----RA---- C:\Windows\SYSWOW64\IS3HTUI5.dll
2011-08-09 18:12:50 ----RA---- C:\Windows\SYSWOW64\SZIO5.dll
2011-08-09 18:12:50 ----RA---- C:\Windows\SYSWOW64\SZComp5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\SZBase5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\IS3XDat5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\IS3Svc5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\IS3Inet5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\IS3Hks5.dll
2011-08-09 18:12:48 ----RA---- C:\Windows\SYSWOW64\IS3DBA5.dll
2011-08-09 18:12:46 ----RA---- C:\Windows\SYSWOW64\IS3Win325.dll
2011-08-09 18:12:46 ----RA---- C:\Windows\SYSWOW64\IS3UI5.dll
2011-08-09 18:12:46 ----RA---- C:\Windows\SYSWOW64\IS3Base5.dll
2011-08-09 11:02:03 ----D---- C:\Users\ondra\AppData\Roaming\SUPERAntiSpyware.com
2011-08-09 11:01:40 ----D---- C:\ProgramData\!SASCORE
2011-08-09 11:01:38 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-08-09 11:01:38 ----D---- C:\Program Files\SUPERAntiSpyware
2011-08-08 12:58:07 ----D---- C:\Program Files (x86)\Autodesk
2011-08-08 12:57:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-08-08 12:57:19 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-08-08 12:57:18 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-08-08 12:57:18 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-08-08 12:57:18 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-08-08 12:57:18 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-07-14 08:30:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-14 08:30:31 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-14 08:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-14 08:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-07-14 08:30:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-07-14 08:30:21 ----A---- C:\Windows\system32\wow64win.dll
2011-07-14 08:30:21 ----A---- C:\Windows\system32\kernel32.dll
2011-07-14 08:30:21 ----A---- C:\Windows\system32\conhost.exe
2011-07-14 08:30:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-14 08:30:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-14 08:30:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-14 08:30:20 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-14 08:30:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-14 08:30:20 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-14 08:30:20 ----A---- C:\Windows\system32\wow64.dll
2011-07-14 08:30:20 ----A---- C:\Windows\system32\winsrv.dll
2011-07-14 08:30:20 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-14 08:30:19 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-14 08:30:16 ----A---- C:\Windows\system32\win32k.sys
2011-07-14 08:30:08 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-07-14 08:30:08 ----A---- C:\Windows\system32\fsutil.exe
2011-07-14 08:30:08 ----A---- C:\Windows\system32\esent.dll
2011-07-14 08:30:08 ----A---- C:\Windows\system32\drivers\storport.sys
2011-07-14 08:30:08 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-07-14 08:30:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-07-14 08:30:08 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-07-14 08:30:08 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-07-14 08:30:07 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-07-14 08:30:07 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-07-14 08:30:07 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-07-14 08:30:07 ----A---- C:\Windows\system32\drivers\amdsata.sys

======List of files/folders modified in the last 1 month======

2011-08-10 16:31:48 ----D---- C:\Windows\Prefetch
2011-08-10 16:31:44 ----RD---- C:\Program Files
2011-08-10 16:31:27 ----D---- C:\Users\ondra\AppData\Roaming\Skype
2011-08-10 15:57:17 ----SHD---- C:\System Volume Information
2011-08-10 15:40:47 ----D---- C:\Windows\System32
2011-08-10 15:40:47 ----D---- C:\Windows\inf
2011-08-10 15:40:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-10 15:37:25 ----A---- C:\Windows\SYSWOW64\log.txt
2011-08-10 15:35:35 ----D---- C:\Windows\system32\drivers
2011-08-10 15:34:15 ----D---- C:\Windows\system32\config
2011-08-10 15:18:20 ----SHD---- C:\Windows\Installer
2011-08-10 15:18:17 ----RD---- C:\Program Files (x86)
2011-08-10 15:18:16 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-10 15:18:16 ----D---- C:\Windows\SysWOW64
2011-08-10 15:18:16 ----D---- C:\ProgramData
2011-08-10 15:18:16 ----D---- C:\Program Files (x86)\Common Files
2011-08-10 14:59:21 ----D---- C:\Windows
2011-08-10 14:37:32 ----D---- C:\Windows\winsxs
2011-08-10 14:15:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-10 10:53:25 ----D---- C:\Windows\system32\wdi
2011-08-10 10:52:00 ----A---- C:\Windows\system.ini
2011-08-10 10:51:54 ----D---- C:\Windows\system32\drivers\etc
2011-08-10 10:49:43 ----D---- C:\Windows\AppPatch
2011-08-10 10:49:43 ----D---- C:\Program Files\Common Files
2011-08-10 10:03:57 ----D---- C:\Users\ondra\AppData\Roaming\DAEMON Tools Lite
2011-08-10 10:03:50 ----D---- C:\Windows\Logs
2011-08-10 10:03:50 ----D---- C:\Windows\debug
2011-08-10 09:32:45 ----D---- C:\Program Files\Microsoft Security Client
2011-08-10 09:32:10 ----D---- C:\Windows\system32\catroot
2011-08-10 03:07:37 ----RSD---- C:\Windows\assembly
2011-08-10 03:07:37 ----D---- C:\Windows\Microsoft.NET
2011-08-10 03:03:51 ----D---- C:\Program Files (x86)\Microsoft Security Client
2011-08-10 03:03:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-08 15:45:35 ----D---- C:\schubert
2011-08-08 13:16:24 ----D---- C:\ProgramData\Autodesk
2011-08-08 13:05:51 ----D---- C:\Program Files\Autodesk
2011-08-08 13:03:08 ----D---- C:\Windows\Downloaded Program Files
2011-08-08 13:03:05 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-08-08 13:01:53 ----RSD---- C:\Windows\Fonts
2011-08-08 13:00:25 ----D---- C:\Users\ondra\AppData\Roaming\Autodesk
2011-07-18 11:30:31 ----D---- C:\Windows\rescache
2011-07-18 09:07:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-07-18 09:07:19 ----D---- C:\Windows\system32\cs-CZ
2011-07-18 09:07:17 ----D---- C:\Windows\system32\DriverStore
2011-07-14 17:17:07 ----A---- C:\Windows\system32\MRT.exe
2011-07-14 08:30:00 ----D---- C:\Windows\system32\catroot2
2011-07-14 08:28:46 ----D---- C:\Windows\system32\Tasks
2011-07-14 08:28:43 ----RD---- C:\Program Files (x86)\Skype
2011-07-14 08:28:42 ----D---- C:\ProgramData\Skype
2011-07-14 08:24:33 ----D---- C:\Users\ondra\AppData\Roaming\skypePM
2011-07-11 10:13:13 ----D---- C:\ProgramData\Skype Extras

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 szkg5;szkg5; C:\Windows\SySWOW64\DRIVERS\szkg64.sys [2011-06-02 74768]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-22 254528]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-07 12262688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 25912]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
S0 is3srv;is3srv; C:\Windows\SySWOW64\drivers\is3srv64.sys [2011-06-02 74768]
S3 ALSysIO;ALSysIO; \??\C:\Users\ondra\AppData\Local\Temp\ALSysIO64.sys []
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 szserver;STOPzilla Service; C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe [2011-08-09 62928]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-08 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-23 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[stell]

Zdravim
Stiahni na plochu
http://www.majorgeeks.com/GooredFix_d7057.html
Uisti sa, všetky okná prehliadača Firefox sú uzavreté.
spustiť nástroj, dvakrát kliknite na to (XP), alebo kliknite pravým tlačidlom myši a vyberte Spustiť ako administrátor (Vista / Win 7).
Po zobrazení výzvy na spustenie skenovania, kliknite na tlačidlo Áno.
GooredFix bude kontrolovať infekciu, a potom sa objaví log.
Prilož prosím Goored.txt ( nájsdes na ploche).

[osc]

Ahoj,
děkuju za pomoc - postupoval jsem dle navodu, log prikladam. ondrej

GooredFix by jpshortstuff (03.07.10.1)
Log created at 10:09 on 11/08/2011 (ondra)
Firefox version 5.0.1 (cs)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{361e74d4-4406-eea5-f083-b85d313ebdd0} [11:12 08/08/2011]
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [08:13 14/06/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [12:15 10/08/2011]
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [12:10 15/06/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)

-=E.O.F=-

[osc]

Ahoj,
ještě pár postřehů k problému:
- dnes mě to přesměrovalo i na jiné stránky - např. http://ad.yieldmanager.com, www.fling.com, http://www.electricmustache.com/, a problikává tam i něco dalšího..
- děje se to ve Firefoxu, když do pravého horního vyhledávacího políčka(Google) něco zadám, pak kliknu na nějaký vyhledaný odkaz - a ono to přesměruje (při kroku zpět to už skočí na požadovanou stránku), případně to přesměruje při kroku zpět
- používám ještě prohlížeč Google Chrome a ten je bez problémů, vyzkoušel sem IE 8 (64bit) a ten se zdá být také v pořádku...

Nebudu s tím tedy nic dělat, počkám na další postup. Díky moc! ondrej

[osc]

Ahoj,
tak jsem pro jistotu udělal scan GooredFixem jeste jednou a log prikladam. ondrej

GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:29 on 11/08/2011 (ondra)
Firefox version 5.0.1 (cs)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{361e74d4-4406-eea5-f083-b85d313ebdd0} [11:12 08/08/2011]
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [08:13 14/06/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [12:15 10/08/2011]
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [12:10 15/06/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)

---------- Old Logs ----------
GooredFix[08.09.59_11-08-2011].txt

-=E.O.F=-

[stell]

PROSIM CITAJTE POZORNE NAVOD!!!,

Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.

[osc]

Ahoj,
tady je log z ComboFixu. diky ondrej


ComboFix 11-08-11.06 - ondra 12.08.2011 10:59:20.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3945.2592 [GMT 2:00]
Spuštěný z: c:\users\ondra\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-12 do 2011-08-12 )))))))))))))))))))))))))))))))
.
.
2011-08-12 09:02 . 2011-08-12 09:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-12 08:56 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5EA789BF-DF7A-4F83-918F-EC0721DB823B}\mpengine.dll
2011-08-11 08:13 . 2010-11-30 09:43 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B06C8CC9-6C0D-42F8-A352-A6ED0FDC3E05}\gapaengine.dll
2011-08-11 08:08 . 2011-07-16 05:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-10 14:31 . 2011-08-10 14:31 -------- d-----w- c:\program files\trend micro
2011-08-10 14:31 . 2011-08-10 14:31 -------- d-----w- C:\rsit
2011-08-10 13:18 . 2011-08-10 13:18 -------- d-----w- c:\program files (x86)\STOPzilla!
2011-08-10 13:18 . 2011-08-12 09:03 -------- d-----w- c:\programdata\STOPzilla!
2011-08-10 13:18 . 2011-08-10 13:18 -------- d-----w- c:\program files (x86)\Common Files\iS3
2011-08-10 12:25 . 2011-08-10 12:57 -------- d-----w- c:\programdata\PC Tools
2011-08-10 08:00 . 2011-08-10 08:00 -------- d-----w- c:\program files\CCleaner
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\users\ondra\AppData\Roaming\Malwarebytes
2011-08-10 07:47 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\programdata\Malwarebytes
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-10 07:47 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 01:03 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-08-09 16:12 . 2011-08-09 16:12 132560 ----a-r- c:\windows\SysWow64\IS3HTUI5.dll
2011-08-09 16:12 . 2011-08-09 16:12 546256 ----a-r- c:\windows\SysWow64\SZComp5.dll
2011-08-09 16:12 . 2011-08-09 16:12 22992 ----a-r- c:\windows\SysWow64\SZIO5.dll
2011-08-09 16:12 . 2011-08-09 16:12 99792 ----a-r- c:\windows\SysWow64\IS3Svc5.dll
2011-08-09 16:12 . 2011-08-09 16:12 99792 ----a-r- c:\windows\SysWow64\IS3Inet5.dll
2011-08-09 16:12 . 2011-08-09 16:12 67024 ----a-r- c:\windows\SysWow64\IS3Hks5.dll
2011-08-09 16:12 . 2011-08-09 16:12 456144 ----a-r- c:\windows\SysWow64\SZBase5.dll
2011-08-09 16:12 . 2011-08-09 16:12 398800 ----a-r- c:\windows\SysWow64\IS3DBA5.dll
2011-08-09 16:12 . 2011-08-09 16:12 28624 ----a-r- c:\windows\SysWow64\IS3XDat5.dll
2011-08-09 16:12 . 2011-08-09 16:12 738768 ----a-r- c:\windows\SysWow64\IS3Base5.dll
2011-08-09 16:12 . 2011-08-09 16:12 390608 ----a-r- c:\windows\SysWow64\IS3UI5.dll
2011-08-09 16:12 . 2011-08-09 16:12 230864 ----a-r- c:\windows\SysWow64\IS3Win325.dll
2011-08-09 09:02 . 2011-08-09 09:02 -------- d-----w- c:\users\ondra\AppData\Roaming\SUPERAntiSpyware.com
2011-08-09 09:01 . 2011-08-09 09:01 -------- d-----w- c:\programdata\!SASCORE
2011-08-09 09:01 . 2011-08-12 09:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-09 09:01 . 2011-08-09 09:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-08 11:15 . 2011-08-10 10:32 -------- d-----w- c:\users\ondra\AppData\Local\cache
2011-08-08 11:12 . 2011-07-19 11:47 1856512 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{361e74d4-4406-eea5-f083-b85d313ebdd0}\components\fe0ccb86.dll
2011-08-08 10:58 . 2011-08-08 10:58 -------- d-----w- c:\program files (x86)\Autodesk
2011-08-08 10:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 04:26 . 2011-08-11 08:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-13 04:53 . 2011-05-19 06:25 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-27 16:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-27 16:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-27 15:50 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-06-15 12:09 . 2011-06-15 12:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-06-02 10:58 . 2011-06-02 10:58 74768 ----a-r- c:\windows\SysWow64\drivers\SZKG64.sys
2011-06-02 10:58 . 2011-06-02 10:58 74768 ----a-r- c:\windows\SysWow64\drivers\is3srv64.sys
2011-05-24 11:42 . 2011-06-29 07:46 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 07:46 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 07:46 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 07:46 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 07:46 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-22 08:37 . 2011-05-22 08:37 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-19 07:23 . 2011-05-19 07:23 60416 ----a-w- c:\windows\system32\KMMON.DLL
2011-05-19 07:16 . 2007-04-23 22:32 16896 ----a-w- c:\windows\system32\LFXPCLPO.EXE
2011-05-19 07:16 . 2007-04-23 22:09 44544 ----a-w- c:\windows\system32\LFXPJL31.DLL
2011-05-19 07:16 . 2007-04-23 22:31 16896 ----a-w- c:\windows\system32\LFXCOI31.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 5466496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-11 303104]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [2011-06-02 74768]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 ALSysIO;ALSysIO;c:\users\ondra\AppData\Local\Temp\ALSysIO64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-08 1431888]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [2011-06-02 74768]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 139648]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 08:13]
.
2011-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 08:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-14 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-14 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-14 418328]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.daemon-search.com/startpage
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 195.113.144.194 94.74.228.228
FF - ProfilePath - c:\users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\rt9bhkxu.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.apd"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.arw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bay"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bmp"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cr2"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.crw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cs1"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cur"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcr"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dib"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djv"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djvu"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dng"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.emf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.eps"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.erf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fff"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fpx"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.gif"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.hdr"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icl"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icn"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iff"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ilbm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.int"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.inta"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iw4"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2c"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2k"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jp2"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpc"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpe"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpeg"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpg"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpk"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpx"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kdc"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.lbm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mef"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mos"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mrw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nef"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nrw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.orf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbr"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcd"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pct"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcx"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pef"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pgm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pict"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pix"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.png"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ppm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psd"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psp"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspbrush"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspimage"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ras"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raw"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgb"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgba"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rle"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rsb"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rw2"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rwl"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sgi"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sr2"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.srf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tga"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.thm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tif"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tiff"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttc"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30po"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30pp"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30ppf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbmp"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wmf"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xbm"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xmp"
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-08-12 11:07:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-12 09:07
.
Před spuštěním: Volných bajtů: 654 481 727 488
Po spuštění: Volných bajtů: 654 213 681 152
.
- - End Of File - - ECA5F35826D73A31FCEBA28B3DCE5EB6

[stell]

1:Odinstaluj program
STOPzilla Anti-Spyware

2:Vidim ze mas tam aj Malwarebytes>>otvor>>zalozka protokoly, a vloz sem najnovsi protokol.

3:Pri tejto akcii je nutné mať ComboFix na ploche.
Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
RegLock::
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log čo ComboFix vytvorí

[osc]

1 - odinstalovano

2 -
10:50:13 ondra MESSAGE Scheduled update executed successfully
(v poslednim protokolu pouze jedna veta, navic pridavam z 10/08/2011 - viz dale)
09:48:45 ondra MESSAGE Protection started successfully
09:48:48 ondra MESSAGE IP Protection started successfully
09:49:12 ondra IP-BLOCK 93.158.114.94 (Type: outgoing, Port: 49835, Process: firefox.exe)
09:49:12 ondra IP-BLOCK 93.158.114.94 (Type: outgoing, Port: 49836, Process: firefox.exe)
09:55:18 ondra MESSAGE Protection started successfully
09:55:22 ondra MESSAGE IP Protection started successfully
09:56:26 ondra IP-BLOCK 93.158.114.94 (Type: outgoing, Port: 49208, Process: firefox.exe)
09:56:26 ondra IP-BLOCK 93.158.114.94 (Type: outgoing, Port: 49259, Process: firefox.exe)
09:58:18 ondra IP-BLOCK 93.158.114.94 (Type: outgoing, Port: 49279, Process: firefox.exe)
09:59:54 ondra MESSAGE IP Protection stopped

3 - provedeno, log. viz dale

ComboFix 11-08-12.01 - ondra 12.08.2011 13:56:41.3.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3945.2080 [GMT 2:00]
Spuštěný z: c:\users\ondra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ondra\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-12 do 2011-08-12 )))))))))))))))))))))))))))))))
.
.
2011-08-12 11:59 . 2011-08-12 11:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-12 09:46 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{140D1425-B57D-4DAE-837D-8A8A527F4DA7}\mpengine.dll
2011-08-11 08:13 . 2010-11-30 09:43 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B06C8CC9-6C0D-42F8-A352-A6ED0FDC3E05}\gapaengine.dll
2011-08-11 08:08 . 2011-07-16 05:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-10 14:31 . 2011-08-10 14:31 -------- d-----w- c:\program files\trend micro
2011-08-10 14:31 . 2011-08-10 14:31 -------- d-----w- C:\rsit
2011-08-10 13:18 . 2011-08-12 11:42 -------- d-----w- c:\programdata\STOPzilla!
2011-08-10 12:25 . 2011-08-10 12:57 -------- d-----w- c:\programdata\PC Tools
2011-08-10 08:00 . 2011-08-10 08:00 -------- d-----w- c:\program files\CCleaner
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\users\ondra\AppData\Roaming\Malwarebytes
2011-08-10 07:47 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\programdata\Malwarebytes
2011-08-10 07:47 . 2011-08-10 07:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-10 07:47 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 01:03 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-08-09 09:02 . 2011-08-09 09:02 -------- d-----w- c:\users\ondra\AppData\Roaming\SUPERAntiSpyware.com
2011-08-09 09:01 . 2011-08-09 09:01 -------- d-----w- c:\programdata\!SASCORE
2011-08-09 09:01 . 2011-08-12 09:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-09 09:01 . 2011-08-09 09:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-08 11:15 . 2011-08-10 10:32 -------- d-----w- c:\users\ondra\AppData\Local\cache
2011-08-08 11:12 . 2011-07-19 11:47 1856512 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{361e74d4-4406-eea5-f083-b85d313ebdd0}\components\fe0ccb86.dll
2011-08-08 10:58 . 2011-08-08 10:58 -------- d-----w- c:\program files (x86)\Autodesk
2011-08-08 10:57 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-08-08 10:57 . 2009-09-04 15:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 04:26 . 2011-08-11 08:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-13 04:53 . 2011-05-19 06:25 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-27 16:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-27 16:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-27 15:50 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-06-15 12:09 . 2011-06-15 12:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-24 11:42 . 2011-06-29 07:46 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 07:46 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 07:46 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 07:46 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 07:46 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-22 08:37 . 2011-05-22 08:37 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-19 07:23 . 2011-05-19 07:23 60416 ----a-w- c:\windows\system32\KMMON.DLL
2011-05-19 07:16 . 2007-04-23 22:32 16896 ----a-w- c:\windows\system32\LFXPCLPO.EXE
2011-05-19 07:16 . 2007-04-23 22:09 44544 ----a-w- c:\windows\system32\LFXPJL31.DLL
2011-05-19 07:16 . 2007-04-23 22:31 16896 ----a-w- c:\windows\system32\LFXCOI31.DLL
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-12_09.03.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-10 07:12 . 2011-08-12 09:14 30374 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-12 09:14 28660 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-04-21 09:06 . 2011-08-12 08:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-04-21 09:06 . 2011-08-12 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-04-21 09:06 . 2011-08-12 08:53 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-04-21 09:06 . 2011-08-12 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-12 10:34 . 2011-08-12 10:34 70656 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml.Hosting\2f4f8c27bead809838c2edc45e7fc6c0\System.Xaml.Hosting.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 42496 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\357c754688a5756ac7fc4fc831ffbf03\System.Windows.Presentation.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Routing\05b9b55d7f39ef542f2571947a87b5a4\System.Web.Routing.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\c05543a5ad0e08b8142e22ded1741b31\System.Web.DynamicData.Design.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\f7738bf2ff3dc492be82f64880dcfc4c\System.Web.ApplicationServices.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 26112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Abstract#\004cb520bc780937c699a24c354bc4b5\System.Web.Abstractions.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 13824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\1c2f6b00c9b1e09bb46e15de193e9f69\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\32d3441efb46d802cdc65de502f28e3b\System.AddIn.Contract.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 47104 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Workflow.#\dbfb9e15a3fda72ac9866da23512ddb8\Microsoft.Workflow.Compiler.ni.exe
+ 2011-08-12 10:31 . 2011-08-12 10:31 14336 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualC\512c12c2af578c00e8655b0ec2a92102\Microsoft.VisualC.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 10752 c:\windows\assembly\NativeImages_v4.0.30319_64\dfsvc\4a82ab8680409c1dc5a55e26742e8900\dfsvc.ni.exe
+ 2011-08-12 09:57 . 2011-08-12 09:57 58368 c:\windows\assembly\NativeImages_v4.0.30319_64\Accessibility\b1136d0eb9ce963a7675b0d6cd7c4c4e\Accessibility.ni.dll
- 2011-06-30 09:29 . 2011-06-30 09:29 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4cd8ba75f60cf8dc66767b833520241e\UIAutomationProvider.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4cd8ba75f60cf8dc66767b833520241e\UIAutomationProvider.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\e79b604afd028454021741ed9a346cda\System.Xaml.Hosting.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\b25f69257705a10c95b7b3189e2fc390\System.Windows.Presentation.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\9e512eb1252bc8ce95a683401c23b166\System.Web.Routing.ni.dll
- 2011-08-08 11:36 . 2011-08-08 11:36 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\9e512eb1252bc8ce95a683401c23b166\System.Web.Routing.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\0e7767944043ea135ac3d5c8e640a461\System.Web.DynamicData.Design.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\c43c3b0a5d254895dd63c46bad2f23c0\System.Web.ApplicationServices.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\a118628344dcd347e02de32e2712e2e2\System.Web.Abstractions.ni.dll
- 2011-08-08 11:36 . 2011-08-08 11:36 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\a118628344dcd347e02de32e2712e2e2\System.Web.Abstractions.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\a1fdc3ccb352a4ad6ee0efa0eaee40fb\System.ServiceModel.Channels.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\18c3190be242e39d21bce5f53a9d9901\System.ServiceModel.ServiceMoniker40.ni.dll
- 2011-08-08 11:36 . 2011-08-08 11:36 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\18c3190be242e39d21bce5f53a9d9901\System.ServiceModel.ServiceMoniker40.ni.dll
- 2011-06-30 09:29 . 2011-06-30 09:29 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\a1cbada42bb39fc34ee40e9e4afba87e\System.AddIn.Contract.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\a1cbada42bb39fc34ee40e9e4afba87e\System.AddIn.Contract.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 37888 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\17c3a09744ad7d2b365ca85a4c7f183e\Microsoft.Workflow.Compiler.ni.exe
+ 2011-08-12 09:31 . 2011-08-12 09:31 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\2bdbd057211d05a088b7a9004203e58b\Microsoft.VisualC.ni.dll
- 2011-06-30 09:29 . 2011-06-30 09:29 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\2bdbd057211d05a088b7a9004203e58b\Microsoft.VisualC.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\0c39314a7513b436d3aaaeae3b4bd3e7\Accessibility.ni.dll
- 2011-06-30 09:28 . 2011-06-30 09:28 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\0c39314a7513b436d3aaaeae3b4bd3e7\Accessibility.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\f4b0a65a0cad6d091bb903fb5f7f490d\System.Windows.Presentation.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\055b996b602a243bd4fcbdde8accc09c\System.Web.DynamicData.Design.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\b33d58d0716cc4abc0183d5167bcdc2e\stdole.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\fe5b12605f26ab36c26f0a3b3c475dd5\PresentationFontCache.ni.exe
+ 2011-08-12 09:56 . 2011-08-12 09:56 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\66019b987c020943413851e959ca80c2\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\f2ee738d8439bf9025e1234c6afbd7e8\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\e29ed5ad26446d196b4a5ea7e69c74e9\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\b1c9507f23021701932fca6306d0df0f\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\a4d48547af11390249b96fd1526ea514\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\636902d124bb3ee04ded9773d46f1d5d\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\6096a2f20727ede39049c5f3628b9a60\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\f08621c868979befad8763fe0d125331\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e64111bd10d5f438c9583b792b3607e1\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 84480 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e0ac06be22a8faf7637a87c3d2990f38\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\aa2d67a0cadfb018e5325282d8c595de\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 89088 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\9192fec4837545ae41f959c6a4f21265\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\65ced0afa728e411a0c76ea34e923a47\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 64000 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\dad98b9c968ce9a0b150753090c0d0aa\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 66048 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\cbba8254a8034f08e8b158ffd90e03e8\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b1a1a072eba978666cefe4f99fc6401c\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\cdbee55e7f6c60f5cb56d6ec9f083951\LoadMxf.ni.exe
+ 2011-08-12 09:55 . 2011-08-12 09:55 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\16951451968fea951a2294c0ff4bd49e\ehiUPnP.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\867a57af137c4a524067cdbbf09766e0\ehiTVMSMusic.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\0c6cb1fd7a82938112cbea2c22e433df\dfsvc.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\66bf22d787e954e8b8c7fae7e102f9ed\WindowsLiveWriter.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\be5d569caf396e249c17414d48d0fbce\WindowsLive.Writer.Passport.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3ef94ae15e7d80bb818934265bb90c10\System.Windows.Presentation.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\dd2bb107a0bbac08a0ccaf93c8bb7490\System.Web.DynamicData.Design.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\54d33aa6cf3af2d6e28c7d46c0ce363f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\e88e6ace53ab318210c1657483321e40\System.AddIn.Contract.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\cd32e850b908317981c109dd20a0d5b2\stdole.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\fe7afc935e0c66172577a1ded815993b\PresentationFontCache.ni.exe
+ 2011-08-12 09:30 . 2011-08-12 09:30 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\69b036f1479a9aa93430f2d1676032b2\napcrypt.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\ab2d4de59dee683a2f77123f671839ba\Microsoft.WSMan.Runtime.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8a102c44ccfe60d131d7e350d149bf85\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\7ce6ebef5427853ecb5bd68da29f1fdd\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\405aa271df15b8ce1b0b970f37687152\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\3442a002e4e5d93ca3895a29ba7adb74\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\20c20811d44ba8c9513f2f2ba96d7047\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\09a9791efe9f32a50bd01346f0b05666\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\034ab6a3d60fdfba641443f16efdf309\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\2ac41c859d5e5e84993a555e3eeaea90\Microsoft.Vsa.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa0ab046907e7ed154ce2ba749eebb52\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f356c4455ca50bd2b3d1707214229ad8\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d0c295eb230de5ed682181830d4747db\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c5a915e87a37fdedf41ac24ee5f97bb1\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b282b2b3144437e0322d3c6c29e734d6\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8d721ab82f8d49ed7d3fcc4f547cee5d\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\51705dba55e430dd088a76e7c07f8d3e\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3534f931f053ffd10f687f48170cd9c0\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1bae59136b7143a0a5dd3d927d9ed4bd\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0c0a573d4a6aba73f2916a1d9e56bfb3\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\d0a9152ccf7fdbbff625ca972783ece8\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\261ccf76aae6ac8c396b7e40370f9430\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\9152d7f0adafac97d853647ca783b8e4\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c219cc49d452997a91d916309511e68\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\ac010bace23545b3a5b1825e5c7b046e\ehiUserXp.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\027211443c6da8187fe92e682c048cd5\dfsvc.ni.exe
+ 2011-05-10 07:17 . 2011-08-12 09:14 6334 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2227245731-3193272954-811429164-1001_UserData.bin
+ 2011-08-12 12:00 . 2011-08-12 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-12 09:03 . 2011-08-12 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-12 09:03 . 2011-08-12 09:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-12 12:00 . 2011-08-12 12:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-12 09:30 . 2011-08-12 09:30 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\cec5dc6db7419a80bba3f9d73833fb65\dfsvc.ni.exe
- 2011-06-30 09:28 . 2011-06-30 09:28 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\cec5dc6db7419a80bba3f9d73833fb65\dfsvc.ni.exe
+ 2009-07-14 02:36 . 2011-08-12 10:15 654278 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-08-12 08:51 654278 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-08-12 10:15 668534 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-08-12 08:51 668534 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-08-12 10:15 122110 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-08-12 08:51 122110 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-08-12 08:51 141130 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-08-12 10:15 141130 c:\windows\system32\perfc005.dat
+ 2009-07-14 04:46 . 2011-08-12 09:10 107616 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 05:01 . 2011-08-12 09:02 443408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-08-12 11:59 443408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-12 10:35 . 2011-08-12 10:35 552960 c:\windows\assembly\NativeImages_v4.0.30319_64\XamlBuildTask\7c400a0f16c0a0a0697357e5aa18d89b\XamlBuildTask.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 462336 c:\windows\assembly\NativeImages_v4.0.30319_64\WsatConfig\57c4b65ef846fe05e9c03416e4dc8338\WsatConfig.ni.exe
+ 2011-08-12 10:34 . 2011-08-12 10:34 322048 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\6c332f5c8c795f7e5415d94bf1d68b0b\WindowsFormsIntegration.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\21b0a1645439e2c615a317dc4cca191d\UIAutomationTypes.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 122368 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationProvider\792559a31b651ec7c2d5da9847961736\UIAutomationProvider.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\0b326be8df8a20d09e9eb8e827c7258c\UIAutomationClient.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 525824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\c767821a3004226d67edf155d5737083\System.Xml.Linq.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 254976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\a7fe785edf8113c49b5fa6adcb537408\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 244224 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\820bf604c5055ca63864f042254fad55\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 314880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.RegularE#\4a4069e206c748016fd69f33283435b4\System.Web.RegularExpressions.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 444416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\8c53f8968c1aee56e428f7a8b2712017\System.Web.Entity.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 366080 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\0d056c8e5bd962e148e98c4e887ce310\System.Web.Entity.Design.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 962048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\5eca8504400b3abe12e8511a91ba1f96\System.Web.DynamicData.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 329216 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\4dd53f516e00c633b9d114f0b18354c5\System.Web.DataVisualization.Design.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 903168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\0cad532e2fb59585cc790c3fe656e64f\System.Transactions.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 280576 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ee501cc4420ce53f2ded79b3ad798c90\System.ServiceProcess.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 107520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\e3cbf844da8dbc1190d37abc30570e29\System.ServiceModel.Channels.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 574976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\d5dca414bf2eaadaa237977df320e072\System.ServiceModel.Activation.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 507904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4b2c5b2baad543993991af8e6e347964\System.ServiceModel.Routing.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 939520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Security\bd4e7dba4c1d18de2bb92f050691f714\System.Security.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 376320 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\93ee99e5061f73f7e0d64e28e72acdd8\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 994304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\8343c5b434a16b418f727c2d94c6957d\System.Runtime.Remoting.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 308224 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Cach#\a4f46af5bee02697f096338385e2baf4\System.Runtime.Caching.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 176640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\97a9eaf09596eebab9ed3e17546ae804\System.Numerics.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 930304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\41d449b0be8ff6b6dc9174313db88459\System.Net.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\f8aa02fc7b4467081e19e35a5601f518\System.Messaging.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\4fc188ed573c4a57a0287938986f6a1c\System.Management.Instrumentation.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\0cca1aa68edcb1f5ee92fc8aaa2c7d51\System.IO.Log.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\80d06aff25a9994a00f2976a1cb06733\System.IdentityModel.Selectors.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 348672 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.Wrapper.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 511488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Dynamic\ce5254e2408f77d6a09d30508f8dd52a\System.Dynamic.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 289792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\2e852fd84583fc2332ce488779f6b106\System.Drawing.Design.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 628736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\6048f7c3071c23536b976d262c34fae1\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\80d5d1a7442173fc59c419b8d1c647ff\System.Device.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 658944 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\8b196cf45ef0a5a64299cc414eaeeabb\System.Data.Services.Design.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\33038b29c486ff870f23a6b37e5b9d11\System.Data.DataSetExtensions.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 181248 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\c509822f920d2613ab999e6148ab8099\System.Configuration.Install.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\e0dc7e5bc5e66268387e19c10727a030\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\55d507e7cc2017d6eed82527df1e910a\System.AddIn.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 553472 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\0a65293a0732eaeb538fb5d9accafe92\System.Activities.DurableInstancing.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 430080 c:\windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\7597686f1c999b6491518ff47508acdf\SMSvcHost.ni.exe
+ 2011-08-12 10:31 . 2011-08-12 10:31 184832 c:\windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\53d186939a3367ce3b37c84464370ca6\SMDiagnostics.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 387584 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\eb1dae468677366538f99b623e7a7018\PresentationFramework.Royale.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 745984 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\1e80fa78c14d8cac7feaa1d70ffb0a38\PresentationFramework.Luna.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 331264 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\196d1a63ee35811bd9ce868bc70273a7\PresentationFramework.Classic.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 555520 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\039366972f5ad8f34025c5aed57c1929\PresentationFramework.Aero.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 364544 c:\windows\assembly\NativeImages_v4.0.30319_64\MSBuild\e02e5954de8e345aaeeadda0ce9b2ce3\MSBuild.ni.exe
+ 2011-08-12 10:31 . 2011-08-12 10:31 422400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\2282b71e9ea6da3366b3b81984109382\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 600064 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\85e60ede22b298d7e5fcc17757f74ef1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 849920 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Uti#\49cb222730019ddee3188e59aa5db9fa\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 353792 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Fra#\9fd80f7ed7273ee7e2f49159fc8fbea4\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 279552 c:\windows\assembly\NativeImages_v4.0.30319_64\CustomMarshalers\4f99fd1b2d217c9950b0e7c053b9e906\CustomMarshalers.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 660480 c:\windows\assembly\NativeImages_v4.0.30319_64\ComSvcConfig\ee81e938d05b8f9f4b5e523d64c0e13d\ComSvcConfig.ni.exe
+ 2011-08-12 10:36 . 2011-08-12 10:36 404480 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\e782fcf4c7fd93759848209e2e4623e3\XamlBuildTask.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 356864 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\4911603e46d56e98201c6f5e0ecb0e8d\WsatConfig.ni.exe
+ 2011-08-12 10:36 . 2011-08-12 10:36 252416 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\6472eef5098d682d9fe1ba988f0e2a16\WindowsFormsIntegration.ni.dll
- 2011-06-30 09:29 . 2011-06-30 09:29 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\7297158168dfc68b1b96bf6b0f56b093\UIAutomationTypes.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\7297158168dfc68b1b96bf6b0f56b093\UIAutomationTypes.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 482816 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\30c40325e5863915a93fdbc61888017e\UIAutomationClient.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\21077827f11f2b5473a075c2cfe52869\System.Xml.Linq.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 188928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\fd14fbfb1b15903bf9fb8b712e497117\System.Windows.Input.Manipulations.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\58daccadab92efee72bdd83b9efa8d9d\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 224256 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\3a7926eda66a2c2f23c5e0a9a10e3add\System.Web.RegularExpressions.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 861696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\758ee66f2b33aff7ed4e5c77203519af\System.Web.Extensions.Design.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 332800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\32b3da52b6b772e804aa661c5a0e9139\System.Web.Entity.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 297472 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\0c2f55e715613d0d049b5ec2020e5dba\System.Web.Entity.Design.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\2cb43bfb33d917dff8a98e2f36d39d0b\System.Web.DynamicData.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 259072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\1622be328ba5237b16b77574d0bb683b\System.Web.DataVisualization.Design.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 646656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\35088dcea3449dd518738b606bd9a150\System.Transactions.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\e5e480c7ee8c4e0e0a08bb9d809da311\System.ServiceProcess.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e6c0820211b8ef81c6273f1e2159662b\System.ServiceModel.Routing.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 422912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d9854773e25636562796594d81b711ce\System.ServiceModel.Activation.ni.dll
- 2011-06-30 09:29 . 2011-06-30 09:29 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a31a4045963913a3228777af311f4428\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a31a4045963913a3228777af311f4428\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 770560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ecabf11096837ede75a4818632bf715c\System.Runtime.Remoting.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 241664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\37e9674a79d53b6c76795ffa783ea960\System.Runtime.Caching.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 653312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\6a64161b2b9795a2db7404b1c4594a1f\System.Net.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\db4a2bdca79d189d8d4a5beaf5798eff\System.Messaging.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\da1301f9af8b84875439449d68ed6488\System.Management.Instrumentation.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\cf5e78d682f36ee0cf243c9c0086d9c4\System.IO.Log.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 229376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\2322a873c1b039804c0606c71852d192\System.IdentityModel.Selectors.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\535974de0ac28f073025a0d2cfae1568\System.EnterpriseServices.Wrapper.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 786944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\535974de0ac28f073025a0d2cfae1568\System.EnterpriseServices.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\0c37a3bc52d0a8fb2343f912da4a49a6\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 468992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\062b6ae9f82eb189eb383c26d0a40996\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\d325ed56b35d4745619121ae9293bf07\System.Device.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 507904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\903d833bc30502e13bb81c77f5c4b8ac\System.Data.Services.Design.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\544584967fdc7025f6a4506696110493\System.Data.DataSetExtensions.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\acd1a7754df6d47b53df162dfe63de92\System.Configuration.Install.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\0f2c28024362223e2f9d3666bacdae54\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\9c18864a019ded007f212239f6b5a37a\System.AddIn.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 404992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\736a509c3674fdfd018ae4530d12397a\System.Activities.DurableInstancing.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\227ebd4817d958e0ccb2234fd8dfc9ce\SMSvcHost.ni.exe
+ 2011-08-12 09:31 . 2011-08-12 09:31 142848 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\04375632f6906bd95e87c5d85b31e2a6\SMDiagnostics.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 274432 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\c4cb9433cbb7063563e31e0c4c4b82d8\MSBuild.ni.exe
+ 2011-08-12 09:31 . 2011-08-12 09:31 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8fc8777e515a67cf6af8f2f9816eb410\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\982b28a3e0a3f8818f893a3331d9f0bd\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 631808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\a539de15ecaf42c1157674a49fe9df36\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 258048 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\360a6ba32f831caf2754c5eaf20b40e4\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\2311c93f3173ee66456dea5292b12b48\Microsoft.Build.Conversion.v4.0.ni.dll
- 2011-06-30 09:28 . 2011-06-30 09:28 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\dcc2883f0bbf0909874059fe9768016b\CustomMarshalers.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\dcc2883f0bbf0909874059fe9768016b\CustomMarshalers.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 474624 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\0cd2bfab01a740108d6ec30ab3f669ce\ComSvcConfig.ni.exe
+ 2011-08-12 09:30 . 2011-08-12 09:30 846336 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\d276401e942d49b3f2b399c3ea9309e9\AspNetMMCExt.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\bfb29034e69046d05e1ff758c0fcda27\WsatConfig.ni.exe
+ 2011-08-12 09:57 . 2011-08-12 09:57 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\1c573262c14ba755ac6ccab0945711cb\WindowsFormsIntegration.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\ad5c1e837ea97e2e6401fd4fac9d99d4\UIAutomationClient.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\50621c88a5345fd8fcb959a9fc25f084\TaskScheduler.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\ebd55d35d25cf10e6e24453238d3c5eb\System.Xml.Linq.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\0bf594db7ec4fd4754f7535f24b254aa\System.Web.Routing.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\09199f147cafe8a357cbcf68f6098a77\System.Web.Entity.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\b21a0f26bff3d30480050c41f4f786f6\System.Web.Entity.Design.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\adfea0205de0aeb42c9bd80be40d7c47\System.Web.DynamicData.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\b6cc0ab04339d7cf16e83487e921fb71\System.Web.Abstractions.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\0646a91d680e840b201eb7a96876f053\System.Net.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\f53e6c7d027431c87b5839036a2f977d\System.Messaging.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\b9e961f0a21c8afe6213218fdbc8f8a2\System.Management.Instrumentation.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\49a6af02ac362d95ccf98068492053e5\System.IO.Log.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\4b21a062e82d08cf0ce61e7f1c8d1f2a\System.IdentityModel.Selectors.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\5e0b2a3713da55d99450c9cad93c4d2f\System.Data.Services.Design.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\486d44582be2000df84c46e187a88e70\System.Data.DataSetExtensions.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\1bcd63abfac2072c18ab799a37dd89cf\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\268f6f10ba5e94d24677a1a68f97ac15\System.AddIn.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\fc738e6c257a4851a220b9660688c25f\System.AddIn.Contract.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\7706a4ac4bf3f09a2d0b655e363fa401\sysglobl.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\8103d9a6fe544e521f89b92d24ac298a\SMSvcHost.ni.exe
+ 2011-08-12 09:54 . 2011-08-12 09:54 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\c268879bbddc814fadfe497300c03752\SMDiagnostics.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 376832 c:\windows\assembly\NativeImages_v2.0.50727_64\SecurityAuditPolici#\a1f13955ca1028875a75a96ca614f949\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\a04a8437f757b8da7a707e31702169d6\napsnap.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\711d1c8357619b22e5caffd9cab59736\napinit.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\644fd981e996dd2ba072cc6265a0b74b\naphlpr.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\fe39885123be43ee8b6f4c1ca669d49b\napcrypt.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\b75df85509061d9729506b8af64513f7\MSBuild.ni.exe
+ 2011-08-12 09:55 . 2011-08-12 09:55 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\c42d34f67692030a55a9bc64004e9041\MMCFxCommon.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 681984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\5db5412b8b9fdbe83b43a79b76cb39c6\Microsoft.WSMan.Management.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\de2193a90cfc32eed4ad1c78a99b8363\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\0836bcb90046e51c8bd055c0755bd57d\Microsoft.Vsa.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 390656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d056d0cb42bbccc1021e51868972bbcc\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 232448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cd54af9e5015a62fbad0b60460b182ee\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 499200 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c65916749cde39fbe973df6d7d276932\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 777728 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c13be527cd76c3425be317056d9fa356\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\aea04ed0f605316f6be788339f14ec7d\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 202752 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\9139f5736be52a098a86121a23bdf60a\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 494592 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\8a54ca40b958fe8dd5be510fccd05a71\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 277504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\75dc0aa79ec38c2c8685756ff7c3b031\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6dea41b26de73ee20112e1f780e795b9\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\679336a10a3630cc6ac56b5c01f1fe9c\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5d3075c08472a7f26d3f94f70a55a921\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\57359634d01fc155c2bd8359caa2dc50\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\48862d9e40531be0552f7dc7f90e2c7d\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 970240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3ca45519cf4f0fb31199f11ccf775be8\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\017253ab1cff2e08a521ee4724a81717\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\b3361f5be5cde787e5e6c67b1bf55684\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 235008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\d9690cae12595eadba0605f021f48d5f\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 937472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\2f74ed7bc1850b7db2e4d2a804a6df52\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 318976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\283fa4c05c71071fd97d028a0ee48ec6\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 275456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\2330fedf74b1566e7607445d0664745a\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\d99d7734ec2e39696ac5ce7e7b2d76bd\Microsoft.PowerShell.Security.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\77160cddd8417526c586e13b529f68bf\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6a1869785554446d202d6f718d036a3e\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\5c7ffe4abea4b5a400f768cad060835d\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\d0fa4f83ea50a4c7cd3e50b40e8ba5f5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\c4b939d55984f85d37fc5e8cc5790621\Microsoft.Office.Tools.v9.0.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f0cb734b7acfb102c57ed39f8918ce3d\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e4313e989939114d32f9254a74eee676\Microsoft.MediaCenter.Interop.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\87d3f8fed35fa164d0e5dabbcee46df8\Microsoft.MediaCenter.Playback.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\5ec49bda571c34526ad7db5ec7a201c4\Microsoft.MediaCenter.iTv.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\3ea7a7a15d59a1185b74f340f05c0b33\Microsoft.MediaCenter.Sports.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\1cbb6b9711bed2da17ae866cf2f58c31\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\04b81e74cc96402e59800be2c13358f9\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\503235feed6b59fff53b29c9def81a5d\Microsoft.ManagementConsole.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 399360 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\8957ee8531a07a14713becab927220c6\Microsoft.GroupPolicy.Interop.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 618496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\1d50fe27db4c4144efe6d2d445b1c121\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\6c999c27e6724dd1d0a10202f3e52e57\Microsoft.Build.Utilities.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 244736 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\137428fc7e8ae3a1b733ffc45a3f3076\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\748b8b1f294666450436cc174c0b0684\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 121344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\4196ba1264bd52f324e01016716cbbe9\Microsoft.Build.Framework.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\8be3ef8d90c0f3e97437887dac5a8d78\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 423424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\3f6fda39fc730d02ffcc315ba0c2b9c0\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 727040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\11fdc05858c96e128780105a572921e5\Microsoft.ApplicationId.RuleWizard.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\736323a581cc019ae2027f71dc496668\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\39e1e694a468028f2ca73994f76322d4\Mcx2Dvcs.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 547328 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\d820c1a490dfb31933fd53f96514bbce\mcupdate.ni.exe
+ 2011-08-12 09:54 . 2011-08-12 09:54 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\428aa9c2151b0f385227c513c9497673\mcstoredb.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\614f7b9e9c362ac6d4175638ea2237d9\mcplayerinterop.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\7f8a262f2b6807a47517c1ea6e6b2a7b\mcGlidHostObj.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\0801a977b58776ed017238d4aaa7995e\MCESidebarCtrl.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\136009b4f22e65e77a916747429e599b\EventViewer.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\d313ec20c40b0fd3125b8e710f74556d\ehRecObj.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\fb85aad5c54840d8c5a17ac30a2fdfd7\ehiWUapi.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\af6c550e9382dba858ca65bb220799ea\ehiwmp.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\244edb2f64f825975b8c70f34162e6a6\ehiUserXp.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\b37be197d70d359e864bfffcca28fdb9\ehiiTv.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\b538d9ee6bfc71d120550427ccbe9e9e\ehiExtens.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\ce8305e1973d5a65569d9757f5b59c29\ehiBmlDataCarousel.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\440bebddd70e03b2548635373ad2b666\ehiActivScp.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\a267870c9fce983dca1c454fbde4cc7e\ehExtHost.ni.exe
+ 2011-08-12 09:54 . 2011-08-12 09:54 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\3a7ccf1084f8a546e8f7e7eecf33045c\ehCIR.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\436b0b38f271b905950f054c548a5722\CustomMarshalers.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\1af89517b158d3a94c051dfbc4ae9769\ComSvcConfig.ni.exe
+ 2011-08-12 09:53 . 2011-08-12 09:53 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\61dd29a580f09716118ef51868ad9edd\BDATunePIA.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\41ccc24e8cc5f2474ce1105f0b8ebb78\WsatConfig.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a8045967b5aeda93cad09897479f3dee\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 174080

[osc]

c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e63d47ee82fa97964d00039893c8cf86\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d796d184a98ba34d27c293bf4fb3fb69\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b8bd14197d9b1e4e70050a4e7e6564f5\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a0493277ae6c1d62c037511566002602\WindowsLive.Writer.Interop.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\99b0e05dddfd77231f552ecde3ffec4f\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9461d16c415bef24d73aa628181765ea\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8d0f1aba900e1122517ee1dccf351b15\WindowsLive.Writer.Controls.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8ce2a9eb783f1d04d3e3ac236b186bf5\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\85ce2e7e4a111a8336082095a8f104c1\WindowsLive.Writer.Api.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\598b03cb1a0b8fda89970077f749cb33\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 891392 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4eca83e886cb4c57869d416de17c2487\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3b8c0cec3bac70dffc3441c8305a3621\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36564c86fd316a77c20162c76cd48327\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\04c4d9b258b16a98d5a47fce34940de1\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\95340a43291565121fe6b6951e905835\WindowsLive.Client.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d63e6fb41aa502bf6724043e6ac1367f\UIAutomationClient.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\1c1f731e8684204f56f37cc66b5bc60d\TaskScheduler.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\b096bd83a66a8d1dcd761747730cc64c\System.Xml.Linq.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\efca1fd7e9df8e24c007cd003346e0e5\System.Web.Routing.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6c551bf6f7716b0f527f4274fb04cc2e\System.Web.Extensions.Design.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\03eda303152940cb2e78a0030cf572b5\System.Web.Entity.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\7b93fe55a51f2a6010365a17546170bc\System.Web.Entity.Design.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\979bf2cab91b5d50aef1525ca96ff690\System.Web.DynamicData.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\067516a8300bb5fdbddb38cb9f6c934e\System.Web.Abstractions.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\e16f381a978103ac92bf64b99716c857\System.Net.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\ac9fe083b4cf11aab834d6654cdeb429\System.Messaging.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b95b509ac74958a1d8568293c3dc43ba\System.Management.Instrumentation.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e083fdbcc88f5850290f2cf65ae1efae\System.IO.Log.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\736226563a7f564e4629e34d52b3d6c6\System.IdentityModel.Selectors.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1f6d55f401cfe7041f9fd3b4aebffa9b\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0896f955eb175a4e0bfff73b94f57619\System.Data.Services.Design.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\8f130b77f8f47e23cd748679173bdf33\System.Data.Entity.Design.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ad3f6eae36ce486187311de6836b4904\System.Data.DataSetExtensions.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fc5edc97ac59d0d0d45bb9b623b9927b\System.AddIn.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\88f0efe11487b846342fdee227f3da52\sysglobl.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4a33aa8911167af5fcba60f1b02ad45b\SMSvcHost.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\b907dd027bbe99c5035b1d6355f83998\SMDiagnostics.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\8672e2155460b6fb8b1cf09095d149d9\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\96f4e4b87e625a1c36e4de2efb6f7dcc\napsnap.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\a4e2648f8b4962f4c9660b2085290b06\napinit.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\8fcb3f856afb930c5add8498cadb4d13\naphlpr.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\46d3794a4a440f22cff17197648f6887\MSBuild.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\71b549afed40761f8be9075ca9ad8dd7\MMCFxCommon.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\fd457e872296300765fa1a6d96a6683c\Microsoft.WSMan.Management.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 337408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d3507fe27d8923dd419bfd835581752d\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c35af2e781284aaa8950788a83537d49\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b7d6360dcead019981eefacfa72416e6\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b42639fb347902bc5b1469968cd04d7b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 191488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\af54bd4955873ab6bd3fdf52f0115ed7\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ae8fe0125b35fc268b9b2f9e3c1b3578\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 663552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9c748be94847db6c1e5301a99ba507b4\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9695b47898d63ded758b233fca5ab614\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9415b026c58ef2fc5927a383162e9e54\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\76ee89a9fc6963c5243918faf33baca8\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6b120f8db932a314de97c4cd216f8784\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4a8e5945ad34fa301703ba1a919726ff\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\357ee59bdfd1a6401467728163ebb4b6\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 184320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\322af7c48ad1082cd3d8d326dcc823f4\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\04044d74e0b5f8cd581d47f3e94757e0\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\b96b80f166196dc0e148c73dc8452d25\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 187392 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\fbb7d30f2de697e4f77a02a2aeaf70f4\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\d5db2f08b957beaa1fe59ecd8c830c37\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 210944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\bbf387226939a9d1b23f8c240cff9964\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 157184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\5732689d52aa336fce2ae58b0d2cef27\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f5b347719df9fa791416713aa0fd342f\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\bebf12cadd8b4fbd9c8135405c64794b\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b3b22c86860de1de178e294bc4bd534d\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\512a72ebad1bd44687d8134cd46e1a5c\Microsoft.PowerShell.Security.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1e510aa4de5a90cd44ee2443ae45e097\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\f3deb153b5be9e7c1474aa4a497d6783\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\cd9194dff99c11abae543e12059f7c56\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\58a8452f9bf9f47e742eeed9d951d4cd\Microsoft.Office.Tools.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\3b1442ae3959af1bc1695305ef78a777\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\9658825555dc2c9af1a8ce12e6da2cd7\Microsoft.ManagementConsole.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 286208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\ca4fc1503283c934c8000cd0ebe9b90a\Microsoft.GroupPolicy.Interop.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 455168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\02b2dc0d65a44379fa11870638cf894e\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c52f2b0958be337e88f37a141e18be78\Microsoft.Build.Utilities.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\3f194ebe9a0c1e0903b32f663cb53556\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\e62aa0d898b65d0d831c11b4f56c0785\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\78fb000aaaba73f34dfa9028b7caef8c\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 587776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\d6cddb8db9dbcc8c9e38cb2d56d2122d\Microsoft.ApplicationId.RuleWizard.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 316928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\7cf4b92ac03e856eb30772c80ffd31f3\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\fe969316614223634cba1c5544f4e3dd\mcstoredb.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\31231127c783eddf25c3d21761e1a15c\EventViewer.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\aceba77dc2230519296726c4a1ce9518\ehRecObj.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\85464949c28a523e3b6cf24679a9776c\ehiVidCtl.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\2ddabd185f08f72237aaa70edaffa6cc\ehiProxy.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\536082f3ff1f0f6fcd7bd58878098071\ehiExtens.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\42621a148e3691a5a992816cb49bee0a\ehExtHost32.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d17a5e7b3e9c6ea0f5c66093771b35eb\CustomMarshalers.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a28cd0923e6ff03f952950eb713f03b3\ComSvcConfig.ni.exe
+ 2011-08-12 09:29 . 2011-08-12 09:29 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\482f9bd79c20ab87b6fa0fa2737d6aa3\BDATunePIA.ni.dll
- 2011-05-24 16:15 . 2011-08-11 15:57 6572904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2227245731-3193272954-811429164-1001-8192.dat
+ 2011-05-24 16:15 . 2011-08-12 11:59 6572904 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2227245731-3193272954-811429164-1001-8192.dat
+ 2011-08-12 10:31 . 2011-08-12 10:31 5176320 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\5202133e255ce05947b8afe895e3f76f\WindowsBase.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\a9bf6deb79fd9d2b2541a950ab75a70f\UIAutomationClientsideProviders.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 7038976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml\1ac4e05bc3b2813ddadb59ba9f0fd961\System.Xml.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 2447360 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\37ecfcc3de7bdc36ba1c3dfb7ee6a6d5\System.Xaml.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1590272 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\fbe2ba64347969428cdb4b44b7a60b70\System.WorkflowServices.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 2884096 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Run#\9e028e746b445086627029bcf48089fb\System.Workflow.Runtime.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 5906432 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\88e29a2b2fed720ec84bae72faade29f\System.Workflow.ComponentModel.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 3742208 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\e9bdcbb56cf9748638fb2d482b8ab52d\System.Workflow.Activities.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 5627392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\66beb5e0938298c2812c188925644c94\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 2270720 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\0de9c94ffb0f87fa109f80d3585293c6\System.Web.Services.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 2955776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\1c2e4f125d7a937843660a6541928db0\System.Web.Mobile.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1095680 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\c5776a40ae450cfe439229d78603bfad\System.Web.Extensions.Design.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 3758080 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\ba57499f1d8069a7b065754621897357\System.Web.Extensions.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 5595648 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\59e6263d191855509c91fb276f0953a4\System.Web.DataVisualization.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 2733568 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\23e8fddabb602c3efb1e0a66f37fab2f\System.Speech.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 1475584 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\bedac84f554b8fd44b56a93a45b57c67\System.ServiceModel.Web.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1561600 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\713b393e8d7075bd1a3683f9e6f6b268\System.ServiceModel.Discovery.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1904640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\49d303c42b9b694447a3ba6e2a1548cf\System.ServiceModel.Activities.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 3404288 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6c1acbeb3e61475007b5d20745cad8e8\System.Runtime.Serialization.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1346560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\12d17462d5e3ba196e299bb0f1f0b20d\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 1422336 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\ed79f8685b97f5520a3169860c8df9f8\System.Printing.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\58696f56812c7ea9dc5fde8baa3a4b2a\System.Management.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\ad8f2f562edccb394180c80e54ddfb21\System.IdentityModel.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1096704 c:\windows\assembly\NativeImages_v4.0.30319_64\System.EnterpriseSe#\df0ac9043e9b88bcafa5b378994d8365\System.EnterpriseServices.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 2290688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\058e1143c689861be149cf7c1fcf597a\System.Drawing.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\eb5e94ddc12db438063a90394e46f070\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 1622016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\0cf67c3a77fd159d0af43d16663b1a65\System.DirectoryServices.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 2400256 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\39ccef129f4a96c17b6406678d53c87b\System.Deployment.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 8580608 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data\fc45ad58e3a025051ededa0efbae404f\System.Data.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.SqlXml\ed5027c747ed64957ac313befd47e345\System.Data.SqlXml.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 2691584 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Services\5a6f3925547464ba12ecf96b55f564e3\System.Data.Services.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 1791488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\c6f24f3171576104e80b12c4f4254ed2\System.Data.Services.Client.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 1498112 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.OracleC#\df4c3306f4d3a1320396f232deea114a\System.Data.OracleClient.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 3380736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\5f31190f3c1a0ec0518782618b804517\System.Data.Linq.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 1726976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity.#\ec4f3d6399aa106303065b86cbf8847a\System.Data.Entity.Design.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 1255424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\fcf22c02eb60f8d045daa4386bb604f3\System.Configuration.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 1002496 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\6f848e806caa9545c09866dd0950d853\System.ComponentModel.Composition.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 5680640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\c073f492e366b50d599e8f1447579946\System.Activities.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 4887040 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\6f2faf3f19358776373922b510603a8f\System.Activities.Presentation.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 2005504 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\9a2609f428f731670b3a730cb3f88dd4\System.Activities.Core.Presentation.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 4127232 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\dbe098606014df542c37b96962fd8717\ReachFramework.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 2032128 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\00416e9efbc68509f113692996b45e75\PresentationUI.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1890304 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationBuildTa#\ec0a15599921f73b7a56051e9b7afb93\PresentationBuildTasks.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 2314752 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\d83a6fc3a6bd96beaa9845201290f292\Microsoft.VisualBasic.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1622528 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\c386ff5a7c5bfa6b1dfdc6f53119b3a6\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1828864 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\6bf044858d9641f9b24c4554076e5ae7\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 1510400 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Transacti#\e174701b531de21d8a96ea8ea5975000\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 3312128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\9f986e23b6ecb48281324d51fdb6e799\Microsoft.JScript.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 2009088 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.CSharp\5046c55b7feb9c9156d18fe1d4735480\Microsoft.CSharp.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 5997056 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build\abe1be45214fd65637bfcad0f5885b02\Microsoft.Build.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 3804672 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\5a229d6ec80ae687c61556b4934d8e84\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 2518528 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Eng#\97fc5d998a224b1a4c1f5c5db583635c\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1003008 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\5f0dd07c65f51bfbb6df9fa4aa0a4cb8\AspNetMMCExt.ni.dll
+ 2011-08-12 10:30 . 2011-08-12 10:30 5848576 c:\windows\assembly\NativeImages_v4.0.30319_64\AdWindows\1f2b3a76856d577ba1b737e2e7727f10\AdWindows.ni.dll
+ 2011-08-12 09:58 . 2011-08-12 09:58 2971648 c:\windows\assembly\NativeImages_v4.0.30319_64\AcWindows\d5f4a5cc33a8cbd2d263e4062a848240\AcWindows.ni.dll
+ 2011-08-12 09:58 . 2011-08-12 09:58 7764992 c:\windows\assembly\NativeImages_v4.0.30319_64\Acmgd\7b9785c1c12615ca347687e860219719\Acmgd.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1775104 c:\windows\assembly\NativeImages_v4.0.30319_64\AcLayer\e8cc249a03638aa32aa9083e76016e88\AcLayer.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 2181120 c:\windows\assembly\NativeImages_v4.0.30319_64\AcCui\3f9497dc2270009714e370106e6a8434\AcCui.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1057792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\7589c9739d52787b05c68a143d20dcee\UIAutomationClientsideProviders.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1781760 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3aa498d229252ab540482ccecaab8f85\System.Xaml.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1208320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\cdce42cd0fad501dd2a2e7ac4c081011\System.WorkflowServices.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1968640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\0536647f474b56b39cc12842ec8ace5c\System.Workflow.Runtime.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 4461568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\f31c346bdaaf54581b5139c2a815e9f6\System.Workflow.ComponentModel.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 2870272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\ebd981550d00eead9ac4381d56ec4722\System.Workflow.Activities.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\4742ebf18e4d1f9f6a464afb3f2e884d\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1895424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dc7b1ab0894c561302c96a091a7ab043\System.Web.Services.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 2328576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\e25a5334f7e500342842780ee1999ca1\System.Web.Mobile.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 3087872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\587c770a0d980876e0aee2265a623be5\System.Web.Extensions.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 4531712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\f8bf3bd8913bb46cb94e669d85cb5b01\System.Web.DataVisualization.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 2011136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\36b38adc49360fcc35892ab7fb15c9d8\System.Speech.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1128960 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e2abacbaf2e4786339eba541d3d5596c\System.ServiceModel.Discovery.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1387520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0f9b303dde68998490e8b5be32c6147a\System.ServiceModel.Activities.ni.dll
+ 2011-08-12 10:35 . 2011-08-12 10:35 1050624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0d6672e2f8038c5349f39c713b5c7697\System.ServiceModel.Web.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 2637312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\020ccbaa78022e92722e98d1c677bfed\System.Runtime.Serialization.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1020928 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\65c22515c57fbe4a3c3a6382986d7192\System.Runtime.DurableInstancing.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1050112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\16fb985d0651d7c5d25aa06de7921eee\System.Printing.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\2c94c3a30c2464d14c3edb1ef5ad9c18\System.Management.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1072128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\0d26f913a3620a32aac1bf34e380ede0\System.IdentityModel.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\9e98b2fb9d6c6bfd22331a3612e1ae77\System.DirectoryServices.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1878016 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\738bd15095d25b3df67f7574274e3480\System.Deployment.ni.dll
+ 2011-08-12 10:35 . 2011-08-12 10:35 2018304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\f1b6e47d1a5e82107040c7f2bccdd6d6\System.Data.Services.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 1338880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\392366875f6c71fdd16e1db79062ebb1\System.Data.Services.Client.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1189376 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\8afe7e1f3addab301258557ba93e2e7a\System.Data.OracleClient.ni.dll
+ 2011-08-12 10:35 . 2011-08-12 10:35 1408000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\666ce0126ec98e32ee09ffc4afb7fcce\System.Data.Entity.Design.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 4121088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\9bbcd5e6d245a8b7799b5425b2b2b302\System.Activities.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 3713024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\276bef59e43e2fa5b005d47b1a898d80\System.Activities.Presentation.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1518080 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\2899fc096074503091d61f6744c11845\System.Activities.Core.Presentation.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 2859008 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\56e13dd851c3818cad1ae86777baedda\ReachFramework.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1630208 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\5e48f32fa425c2e822776c54d4a98093\PresentationUI.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1478144 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\02df60e4acfdc10925f537588039412b\PresentationBuildTasks.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\5753643b5768a762ff52c1a3e86437a8\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1836544 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\3a35d8c95c2a851e1175cc02d3ad3e50\Microsoft.VisualBasic.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1138688 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\0881c19254cb2f023624305d6fe13290\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1082368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\ba6e30d4928b782b24606e333d72e9bd\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\6fb9478d3774d431ccd29f7524446f18\Microsoft.JScript.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 4243456 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\6616791409caec4be479e47443a5588e\Microsoft.Build.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 2868736 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\70b026614b7d7d5ab97ef704de534849\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 1929216 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\ec5058d9e0f6a13ec4c46448f7c23618\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1459712 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\b8bf364f0522a662055f670bf4e86c8f\UIAutomationClientsideProviders.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\394711b95ef17f6a7314eca2aba756e7\System.WorkflowServices.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\fe69339f03e5b94b558c688512246a5e\System.Web.Mobile.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\b513632337cadf6b2a8f8b6975c7d96f\System.Web.Extensions.Design.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 3042304 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\9c1f2e29f7b5f1d398405640ef4b1c7c\System.Web.Extensions.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\31bbf607c61e3b9aeced14cb984ea9f6\System.Speech.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\667a561422e2ccf10daef0a5dc6c8043\System.ServiceModel.Web.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\50faf7f472bfc6d562696341df45b3c9\System.Runtime.Serialization.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1472000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\36723de72c78b2791de226253580f107\System.Management.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 1444352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\df0cb96e6d087500c9210b33be2c91c9\System.IdentityModel.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1230848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\11a932eb07432edfc6f9de22753337ba\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 2805760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\f7483e84119e0be9074377e731ffbe0c\System.Data.Services.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 1868288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\16932309d9a552f362c85ac0adfe1607\System.Data.Services.Client.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\82b491f0b4a55a29d4de0e7648a43707\System.Data.Linq.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\22600cdf0f670e44b03b243af68cd76d\System.Data.Entity.Design.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 3315200 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\5f7c48b31971fee1af48dd20c7dd7033\System.Core.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 1530368 c:\windows\assembly\NativeImages_v2.0.50727_64\SrpUxSnapIn\bed44cd7a336e0d8cf98e84b3d0fef60\SrpUxSnapIn.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 1884160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\ff71ee8681938634786fac49359c8b15\PresentationBuildTasks.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\2f9ac667c184e068523d6047153f2d91\Narrator.ni.exe
+ 2011-08-12 09:56 . 2011-08-12 09:56 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\92414dfe464e98f09057245b6dd04d05\MMCEx.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\c66470a9076fc188a35ec7643aa1ee2e\MIGUIControls.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 1877504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5f7d20769d7707bf07110afe96a3289a\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\4b85c3384fdda12490074283615d4723\Microsoft.VisualBasic.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 1598976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\deae3fdab784ca275290c02a3288a33d\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\f1cc6b5a2520e6b946198cd51498dff9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b1d791e971f5c23b5ab0bf61bcfe60a0\Microsoft.PowerShell.Editor.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\42c4e6bd35af9d592663de61cb8c8108\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\332067cce1149bb2008d5af79ef8024d\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\c3c2acebdcbc2d03003d5724db74ea22\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\ad52422c41d84e02ebeb46de9256567e\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\9187a3737d4e2bd1993b3ffa4ee4655f\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\fc417f7e196b7d7d5e717cb892f16144\Microsoft.MediaCenter.UI.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ce834b9729a66c3ef9ec5c4350e6ab59\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cc0f76a8214ddc88b56c6c14146c2555\Microsoft.MediaCenter.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\8f1d674c4309a0c29fb708ba7a5e54c4\Microsoft.MediaCenter.Shell.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\52e7f067d8a3358baeb77ac8cd988c0e\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 3213312 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\95184c861c38e940aeadc4276a8596e6\Microsoft.JScript.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\0e8c24abc2dbbafc9519f64571a39433\Microsoft.Ink.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 5054976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\e10acf1afed34b2048e526c94537392c\Microsoft.GroupPolicy.Reporting.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\638f3afd3c310ed7d048e60cc1daf57e\Microsoft.Build.Tasks.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\58e96fd5359c0f3d6ed8f350ff721f87\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\f2ae54183322e3710c0344c44fd512d8\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\37c906e0ea6325e55c1f222aa4a5462b\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\c0018e4aaaa7eebb4fadaf5220854fe8\mcstore.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 4088320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\0d18e8a503ef9e5bc676d89c7d508d7f\mcepg.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\864ef3de707640f5a889efc4425e5c40\ehiVidCtl.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\60b7bccb6de4c8d42f2eaf1d0e7a9216\ehiProxy.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 5746688 c:\windows\assembly\NativeImages_v2.0.50727_64\AdWindows\50e94c750a27b53a49d14161f480a1c5\AdWindows.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 2653184 c:\windows\assembly\NativeImages_v2.0.50727_64\AcWindows\a4efa20cd51aef8b845283b477263303\AcWindows.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 7745024 c:\windows\assembly\NativeImages_v2.0.50727_64\acmgd\d3177ff4a671a9d47bd10d9bc3b99d27\acmgd.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\AcLayer\1e96f1c94c27c04090f71cec4d76dcfc\AcLayer.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 2170368 c:\windows\assembly\NativeImages_v2.0.50727_64\AcCui\6407bfb2de9e87620c148a0b30265c28\AcCui.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea9a1c2394a99526c4022be3bcf3dd91\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1285632 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d559619451978927e2cfb063be33a866\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cd894de864d0e5d306e81bb53b449338\WindowsLive.Writer.Localization.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 7026176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\945ef5fdf1b7522f18037e3777584423\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\92104881c09380b6b86ec656e8c502f6\UIAutomationClientsideProviders.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a6409b4be5018e5cbad7ef197d4237e1\System.WorkflowServices.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4de6ad3bad2dc4fbbbd33b16b1a7b219\System.Web.Mobile.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\871d3f0cc83d73a106151257ee74a4aa\System.Web.Extensions.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2c7c32228442440e4c23f772fd64b24b\System.Speech.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0139ae05cabaf2ac25cc85279e187e0a\System.ServiceModel.Web.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e285e2af5e0e8ac7d91936b2cb18542f\System.Runtime.Serialization.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f2b1857a7db371f0417a84e8ca25f450\System.Management.Automation.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\5ab23d203c8bfade7160ea915719c730\System.IdentityModel.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\bdd5f48d4c93c961f25bd819e367894f\System.Data.Services.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3da17a7980d13fae329f2c3a77797b08\System.Data.Services.Client.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1992ecfb8eb3318820e3d28df55bee6a\System.Data.Linq.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\301160f0d81368efb2f79e9b714ec505\System.Data.Entity.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\ae885d628f85ede263e593688ef1caaf\SrpUxSnapIn.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\c16377318357fb4fcda87c1015815a76\PresentationBuildTasks.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\ca760a3cb6cabbdf11c1aa42e5b79ee9\Narrator.ni.exe
+ 2011-08-12 09:30 . 2011-08-12 09:30 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\97051ca60f5e2ea7927adebcb2af9097\MMCEx.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\40f947b2a4ecb8ba656104c3f77bb79b\MIGUIControls.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1300992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0e8e6ead7f4a6b149f12335a81660a83\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\47a4b624c147aae197214d4ee5f0661b\Microsoft.VisualBasic.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0d7a48003dd32151b3518b3ee7f13350\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\79af41ccc6bdc25ede7b249ae32f0101\Microsoft.PowerShell.Editor.ni.dll
+ 2011-08-12 09:30 . 2011-08-12 09:30 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\348ff55789cc23b72b19036f01903b63\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\21f675cbc3d058e68f7f6371644da25f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\72330d1836050b7535fea60871b4bdc9\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ffec5408d56ba9fb311518d6ec521691\Microsoft.MediaCenter.UI.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\81359c52225ae557ddf7dbdf3c0bf048\Microsoft.MediaCenter.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\35138a36b7d07f4d37adf96745ef80cb\Microsoft.JScript.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\9c17eb4bfbca7719a4f10bbd3473d07d\Microsoft.Ink.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 4071424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\5b6b82df7c502cf24eeab34e034de5a3\Microsoft.GroupPolicy.Reporting.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4b45a3a1f24d0d773f9f8fb2d8ce8164\Microsoft.Build.Tasks.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\01de5c2808a0c30578614dae24c5d591\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\db9750e8aae34d7bd25b76564f2cebd5\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9004890e93911c7612aa5f218c474618\mcstore.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\e0683c0b9e68c44011a1f4b70b85239f\mcepg.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 17288192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e0091eb98fa841649b6fad17bb0e7262\System.Windows.Forms.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 15656448 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\60073206bd3904cfc625e0913b9ccdef\System.Web.ni.dll
+ 2011-08-12 10:34 . 2011-08-12 10:34 24483840 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\a73197785f07721fd89b02713b6f0b86\System.ServiceModel.ni.dll
+ 2011-08-12 10:32 . 2011-08-12 10:32 13255680 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\f8b5a462bf7492c95d2dd823db7e8ffc\System.Design.ni.dll
+ 2011-08-12 10:33 . 2011-08-12 10:33 18434048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\fe4d47d9ba672ae77c737bb7ad518324\System.Data.Entity.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 10422272 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Core\4ef06cf2c3950f4d4b9037b841c05914\System.Core.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 23242240 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9b38883339d48793df2b27d247e73971\PresentationFramework.ni.dll
+ 2011-08-12 10:31 . 2011-08-12 10:31 15102976 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\7b4a4ec0cae68a2c165b0a73be99105d\PresentationCore.ni.dll
+ 2011-08-12 09:57 . 2011-08-12 09:57 14148608 c:\windows\assembly\NativeImages_v4.0.30319_64\Acdbmgd\5aec35cc5e642795b3b9d3c53c1db9e0\Acdbmgd.ni.dll
+ 2011-08-12 09:31 . 2011-08-12 09:31 11993088 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\2893ce1fc4f7bff9fba4bf550944d4eb\System.Web.ni.dll
+ 2011-08-12 10:36 . 2011-08-12 10:36 17996800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\af95bce9a5fcfe3119fc175cc9b0b3d5\System.ServiceModel.ni.dll
+ 2011-08-12 10:35 . 2011-08-12 10:35 13325312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\ce6c51d21159048033141cfc37c74aa2\System.Data.Entity.ni.dll
+ 2011-08-12 09:54 . 2011-08-12 09:54 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\962330ba0685ac1176b611bc052d0ca7\System.ServiceModel.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\34d1eab899a35bb7a0075c0b0b3d5938\System.Management.Automation.ni.dll
+ 2011-08-12 09:56 . 2011-08-12 09:56 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\7bf5c7476d8c8255a30a4cda0c9f43be\System.Data.Entity.ni.dll
+ 2011-08-12 09:55 . 2011-08-12 09:55 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\857d393b4e25062d5ba400f3422b74e6\ehshell.ni.dll
+ 2011-08-12 09:53 . 2011-08-12 09:53 14932480 c:\windows\assembly\NativeImages_v2.0.50727_64\acdbmgd\bd967a8e8c0ab1a656ee1613ef3538de\acdbmgd.ni.dll
+ 2011-08-12 09:29 . 2011-08-12 09:29 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\052fc9c848a7f4630980ae0fd7a282e0\System.ServiceModel.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 5466496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-11 303104]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [x]
R0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 ALSysIO;ALSysIO;c:\users\ondra\AppData\Local\Temp\ALSysIO64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-08 1431888]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 139648]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 08:13]
.
2011-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-14 08:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-14 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-14 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-14 418328]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.daemon-search.com/startpage
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 195.113.144.194 94.74.228.228
FF - ProfilePath - c:\users\ondra\AppData\Roaming\Mozilla\Firefox\Profiles\rt9bhkxu.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2227245731-3193272954-811429164-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-08-12 14:03:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-12 12:03
ComboFix2.txt 2011-08-12 09:07
.
Před spuštěním: Volných bajtů: 654 213 918 720
Po spuštění: Volných bajtů: 653 765 386 240
.
- - End Of File - - AFA22BE415FD4876669629ACA4B17555

[stell]

Ok, Malwarebytes, blokuje Dajaku Svedsku IP adresu

IP: 93.158.114.94
Decimal: 1570665054
Hostname: 93.158.114.94
ISP: Phonera Networks AB
Organization: Sweden Dedicated

Stahni OTListIt2>> OTL
do okna >vloz zeleny text a klik Klikn na tlačítko Opravit
Po dokončení, sem vlož logy log

Kód: Vybrat vše

:Files 
ipconfig /flushdns /c 
:Commands 
[purity] 
[resethosts] 
[CreateRestorePoint] 
[emptytemp] 
[start explorer]
[Reboot]

[osc]

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurace protokolu IP syst‚mu Windows
MezipamŘś pýekl d nˇ DNS byla ŁspŘçnŘ vypr zdnŘna.
C:\Users\ondra\Desktop\cmd.bat deleted successfully.
C:\Users\ondra\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ondra
->Temp folder emptied: 4993 bytes
->Temporary Internet Files folder emptied: 1766771 bytes
->Java cache emptied: 16712 bytes
->FireFox cache emptied: 44941521 bytes
->Google Chrome cache emptied: 111640707 bytes
->Flash cache emptied: 1928 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1017856 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1586 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 239684773 bytes

Total Files Cleaned = 381,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 08122011_145135

Files\Folders moved on Reboot...
C:\Users\ondra\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[stell]

Noo, ako je na tom pc??odskusaj a napis.

[osc]

ahoj,
zkousim, zkousim a zda se, ze je to OK !
Co to bylo, jak se to ke me dostalo ?

Velmi dekuji za pomoc !
ondrej

[stell]

No,este len uvidime ze ci bude ok, Malwarebytes blokoval, svedske odchadzajuce IP, teda mohol si to mat,ci v HOSTS, v medzi pamati,alebo v cache FF,IE,, takze sme vsetko vyprazdnili a uvidime ci bude ok, inak tam nevidim uz smejda, ale uvidime,,vsetko moze byt.