
Win32:Rootkit-gen [Rtk]

r4v
Visitor
Posts: 19
Registered: 14 Jun 2007 22:30

Win32:Rootkit-gen [Rtk]

#1 Post by r4v »

Hello, since this morning I have been getting alerts about this virus; most of the alerts come from system32/drivers/name.sys

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lapacek at 2010-02-18 08:07:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 31 GB (62%) free of 50 GB
Total RAM: 1919 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:08:33, on 18.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\Údržba\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Lapacek.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: monnid32.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1488203015
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 12231 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-07-12 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-12-12 16859136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-10-23 376921]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"ASUSTPE"=C:\WINDOWS\system32\ASUSTPE.exe [2007-01-16 106496]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]
"ASUS Camera ScreenSaver"=C:\WINDOWS\ASScrProlog.exe [2008-09-15 37232]
"ASUS Screen Saver Protector"=C:\WINDOWS\ASScrPro.exe [2008-09-15 33136]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BlazeServoTool"=C:\Program Files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Lapacek\Nabídka Start\Programy\Po spuštění
monnid32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtPCS.exe"="C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtPCS.exe:*:Enabled:Bluetooth PAN Client"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\games\Valve\hl.exe"="D:\games\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\games\Valve\Counter-Strike\hl.exe"="D:\games\Valve\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\games\Non-steam\Valve\hl.exe"="D:\games\Non-steam\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\games\CCP\EVE\bin\ExeFile.exe"="D:\games\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Lapacek\temp\TeamViewer\Version5\TeamViewer.exe"="C:\Documents and Settings\Lapacek\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-02-18 08:07:59 ----D---- C:\rsit
2010-02-18 08:05:46 ----D---- C:\WINDOWS\LastGood
2010-02-18 08:04:40 ----A---- C:\WINDOWS\system32\fjhdyfhsn.bat
2010-02-15 02:00:20 ----D---- C:\Program Files\EVEMon
2010-02-10 19:19:29 ----D---- C:\Documents and Settings\Lapacek\Data aplikací\TeamViewer
2010-02-07 10:00:51 ----A---- C:\WINDOWS\system32\SysInfo.dll
2010-02-07 10:00:33 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-02-07 09:45:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
2010-02-07 09:45:08 ----A---- C:\WINDOWS\system32\systeminfo.dll
2010-02-05 18:36:06 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-05 18:35:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-02-05 18:35:09 ----D---- C:\Documents and Settings\Lapacek\Data aplikací\ICQ
2010-02-05 18:34:33 ----D---- C:\Program Files\ICQ7.0
2010-02-02 09:48:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-27 22:11:03 ----D---- C:\Program Files\Combined Community Codec Pack
2010-01-27 20:52:19 ----A---- C:\WINDOWS\system32\unrar.dll
2010-01-27 20:52:08 ----D---- C:\Program Files\K-Lite Codec Pack
2010-01-23 13:37:03 ----D---- C:\Program Files\QIP

======List of files/folders modified in the last 1 months======

2010-02-18 08:08:17 ----D---- C:\Program Files\Mozilla Firefox
2010-02-18 08:08:11 ----D---- C:\WINDOWS\Prefetch
2010-02-18 08:08:02 ----D---- C:\Program Files\Trend Micro
2010-02-18 08:06:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-18 08:06:51 ----D---- C:\WINDOWS\system32\drivers
2010-02-18 08:05:46 ----D---- C:\WINDOWS
2010-02-18 08:04:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-18 08:04:40 ----D---- C:\WINDOWS\system32
2010-02-18 08:04:38 ----D---- C:\WINDOWS\Temp
2010-02-18 08:00:33 ----HD---- C:\WINDOWS\inf
2010-02-18 02:30:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-18 02:21:23 ----D---- C:\Documents and Settings\Lapacek\Data aplikací\EVEMon
2010-02-15 02:00:20 ----RD---- C:\Program Files
2010-02-12 23:35:54 ----D---- C:\Documents and Settings\Lapacek\Data aplikací\Skype
2010-02-12 20:54:44 ----D---- C:\Documents and Settings\Lapacek\Data aplikací\skypePM
2010-02-06 02:37:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-02-05 18:36:02 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-03 10:59:38 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-02 09:48:57 ----SHD---- C:\WINDOWS\Installer
2010-01-20 11:41:38 ----RSD---- C:\WINDOWS\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2004-07-29 14384]
R1 PQIMount;PQIMount; C:\WINDOWS\system32\drivers\PQIMount.sys [2004-07-29 46779]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-01-11 25400]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-09 191544]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-17 278984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-17 25416]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-10-26 549184]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-12-12 4635648]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-05-04 46720]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-05-04 19968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-01-15 34816]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-25 1743232]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-07-03 57344]
S3 a6m52dsn;a6m52dsn; C:\WINDOWS\system32\drivers\a6m52dsn.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070110.052\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070110.052\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-01-11 247608]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-01-11 276792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-09 27576]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2007-10-23 364629]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2004-07-29 53248]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2004-07-29 1269760]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-17 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-09-07 189672]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
R3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]

-----------------EOF-----------------

Unlimited_Killer
Forum Friend
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Win32:Rootkit-gen [Rtk]

#2 Post by Unlimited_Killer »

There's something in there...

1) ComboFix
  • Download ComboFix and save it to the Desktop.
  • Before running it, turn off the resident shield of your antivirus or antispyware.
  • Run it with administrator privileges.
  • After it starts you will be shown the licence terms; click 'Yes'.
  • You will also be asked about installing the Recovery Console; click 'Yes' there as well.
  • The whole scan will take about 5-10 minutes, depending on how many files CF has to work through.
  • Your PC will probably be restarted, so don't be alarmed.
  • Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
  • After the scan finishes (or after the subsequent restart) a log will 'pop out' at you; paste it here as text.
  • If no log 'pops out', you will find it at C:\ComboFix.txt

r4v
Visitor
Posts: 19
Registered: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#3 Post by r4v »

Here is the log from ComboFix
ComboFix 10-02-17.01 - Lapacek 18.02.2010 12:50:49.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1452 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lapacek\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100218-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\INSTALL.LOG
c:\windows\system32\SysInfo.dll
c:\windows\system32\systeminfo.dll
c:\windows\system32\twain_32.dll
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 07:07 . 2010-02-18 07:08 -------- d-----w- C:\rsit
2010-02-18 07:06 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-18 07:06 . 2008-04-13 23:11 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-18 07:04 . 2010-02-18 07:04 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-02-15 01:00 . 2010-02-15 01:00 -------- d-----w- c:\program files\EVEMon
2010-02-10 18:19 . 2010-02-10 18:19 -------- d-----w- c:\documents and settings\Lapacek\temp
2010-02-07 09:00 . 2007-12-01 16:10 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2010-02-05 17:36 . 2010-02-05 17:36 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-05 17:34 . 2010-02-05 17:37 -------- d-----w- c:\program files\ICQ7.0
2010-02-02 08:48 . 2010-02-02 08:48 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-27 21:11 . 2010-01-27 21:11 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-27 19:52 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll
2010-01-27 19:52 . 2010-01-27 21:08 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-23 12:37 . 2010-01-23 12:37 -------- d-----w- c:\program files\QIP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 07:08 . 2008-12-15 16:15 -------- d-----w- c:\program files\Trend Micro
2010-02-05 17:36 . 2008-09-15 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-17 18:14 . 2008-10-01 17:10 -------- d-----w- c:\program files\Mv2Player
2010-01-12 03:47 . 2010-01-12 03:47 -------- d-----w- c:\program files\Registry Clean Expert
2010-01-12 03:46 . 2010-01-12 03:46 -------- d-----w- c:\program files\AML Products
2009-11-24 23:54 . 2008-09-15 12:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-09-15 12:39 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2008-09-15 12:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-09-15 12:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-09-15 12:39 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-09-15 12:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 17:54 . 2008-10-11 15:38 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2003-12-18 10:33 . 2009-11-16 22:14 20102 ----a-w- c:\program files\Readme.txt
2003-09-03 06:46 . 2009-11-16 22:14 10960 ----a-w- c:\program files\EULA.txt
2009-10-05 17:34 . 2009-11-12 08:06 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2009-10-06 03:06 . 2009-10-04 21:23 68790304 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\documents and settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-07-14 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 16:14 150768 ----a-w- c:\documents and settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-12 16859136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-10-23 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-09-15 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-09-15 33136]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
"nwiz"="nwiz.exe" [2009-01-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 86016]

c:\documents and settings\Lapacek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
monnid32.exe [2008-4-14 28160]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-1 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPCS.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\games\\Valve\\hl.exe"=
"d:\\games\\Valve\\Counter-Strike\\hl.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\games\\Non-steam\\Valve\\hl.exe"=
"d:\\games\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Lapacek\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20984:TCP"= 20984:TCP:BitComet 20984 TCP
"20984:UDP"= 20984:UDP:BitComet 20984 UDP
"6112:TCP"= 6112:TCP:Blizzard Downloader
"10821:TCP"= 10821:TCP:BitComet 10821 TCP
"10821:UDP"= 10821:UDP:BitComet 10821 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 0 (0x0)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowRedirect"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [16.9.2008 22:16 5248]
R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [29.7.2004 2:33 138780]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15.9.2008 13:39 114768]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 33800]
R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [29.7.2004 3:13 46779]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [28.12.2008 12:35 120320]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.9.2008 13:39 20560]
S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [16.9.2008 22:16 160640]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.9.2008 11:31 685816]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Trusted Zone: centrum.cz\xchat
Trusted Zone: pomernac.cz\vsd
FF - ProfilePath - c:\documents and settings\Lapacek\Data aplikací\Mozilla\Firefox\Profiles\krm6nmlq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.chon.biz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-BlazeServoTool - c:\program files\BlazeVideo\BlazeDVD 5 Standard\MediaDetector.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 12:58
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-220523388-583907252-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:15,1f,51,72,21,d2,bd,14,fe,1f,00,2a,33,9e,67,a4,61,3b,a0,eb,b8,
28,00,b3,5a,e6,ab,5f,9d,65,0f,e3,cb,33,aa,41,3b,c4,b3,96,fd,09,8e,6b,e9,91,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1708)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
Celkový čas: 2010-02-18 13:01:08
ComboFix-quarantined-files.txt 2010-02-18 12:01

Před spuštěním: Volných bajtů: 32 500 428 800
Po spuštění: Volných bajtů: 32 472 358 912

- - End Of File - - 8A3BF7EB2E12235FDADCC9F941011AD6

Unlimited_Killer
Forum Friend
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Win32:Rootkit-gen [Rtk]

#4 Post by Unlimited_Killer »

I apologise for the delay. :oops:

1) Script for ComboFix
  • Open Notepad [Start → Run → notepad → Enter].
  • Paste the following text into it:

    KillAll::
    
    Collect::
    c:\windows\system32\fjhdyfhsn.bat
    c:\documents and settings\Lapacek\Nabídka Start\Programy\Po spuštění\monnid32.exe
    
    File::
    C:\Documents and Settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
    
    Folder::
    c:\program files\ICQ6Toolbar
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
    [-HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
    [-HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
    [-HKEY_CLASSES_ROOT\qipbar.QIPBHO]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "SunJavaUpdateSched"=-
    "RemoteControl"=-
    "Adobe Reader Speed Launcher"=-
    
    Extra::
    
    DDS::
    uStart Page = hxxp://start.icq.com/
    uDefault_Search_URL = hxxp://search.qip.ru
    uSearchAssistant = hxxp://search.qip.ru/ie
    uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
    IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
    
    FireFox::
    FF - ProfilePath - c:\documents and settings\Lapacek\Data aplikací\Mozilla\Firefox\Profiles\krm6nmlq.default\
    FF - prefs.js: browser.search.selectedEngine - ICQ Search
    FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.1&q=
    FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
    
    Reboot::
  • Save this file to the Desktop under the name CFScript (extension .txt).
  • Drag this file over ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and carry out the commands from the script.
  • The computer will probably be restarted.
  • After the restart a window with the log will pop up; paste it here for me as text.
2) VirusTotal
  • Test these files on VirusTotal:

    c:\windows\system32\drivers\PQV2i.sys
  • Simply paste in the paths I wrote in the code box.
  • If it tells you the file has already been tested, have it tested again.
  • Then paste the links to the individual tests here.

r4v
Visitor
Posts: 19
Registered: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#5 Post by r4v »

You don't need to apologise; I'm the one who wanted your help, and you get nothing out of it, so it should rather be me apologising, an ignorant person who has to drag you knowledgeable people away from your work :oops:

Here is the link for the file
http://www.virustotal.com/cs/analisis/1 ... 1266534427

ComboFix log after performing the action
ComboFix 10-02-18.06 - Lapacek 18.02.2010 23:48:47.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1396 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lapacek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lapacek\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100218-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\documents and settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll"

file zipped: c:\documents and settings\Lapacek\Nabídka Start\Programy\Po spuštění\monnid32.exe
file zipped: c:\windows\system32\fjhdyfhsn.bat
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lapacek\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
c:\documents and settings\Lapacek\Nabídka Start\Programy\Po spuštění\monnid32.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\Mozilla Firefox\components\qippipe.dll
c:\windows\system32\drivers\hamachi.sys
c:\windows\system32\fjhdyfhsn.bat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 07:07 . 2010-02-18 07:08 -------- d-----w- C:\rsit
2010-02-18 07:06 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-18 07:06 . 2008-04-13 23:11 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-15 01:00 . 2010-02-15 01:00 -------- d-----w- c:\program files\EVEMon
2010-02-10 18:19 . 2010-02-10 18:19 -------- d-----w- c:\documents and settings\Lapacek\temp
2010-02-07 09:00 . 2007-12-01 16:10 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2010-02-05 17:34 . 2010-02-05 17:37 -------- d-----w- c:\program files\ICQ7.0
2010-02-02 08:48 . 2010-02-02 08:48 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-27 21:11 . 2010-01-27 21:11 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-27 19:52 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll
2010-01-27 19:52 . 2010-01-27 21:08 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-23 12:37 . 2010-01-23 12:37 -------- d-----w- c:\program files\QIP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 07:08 . 2008-12-15 16:15 -------- d-----w- c:\program files\Trend Micro
2010-02-05 17:36 . 2008-09-15 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-17 18:14 . 2008-10-01 17:10 -------- d-----w- c:\program files\Mv2Player
2010-01-12 03:47 . 2010-01-12 03:47 -------- d-----w- c:\program files\Registry Clean Expert
2010-01-12 03:46 . 2010-01-12 03:46 -------- d-----w- c:\program files\AML Products
2009-11-24 23:54 . 2008-09-15 12:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-09-15 12:39 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2008-09-15 12:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-09-15 12:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-09-15 12:39 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-09-15 12:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 17:54 . 2008-10-11 15:38 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2003-12-18 10:33 . 2009-11-16 22:14 20102 ----a-w- c:\program files\Readme.txt
2003-09-03 06:46 . 2009-11-16 22:14 10960 ----a-w- c:\program files\EULA.txt
2009-10-06 03:06 . 2009-10-04 21:23 68790304 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

------- Sigcheck -------

[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\atapi.sys
[-] 2008-04-14 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-02-18_11.58.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-18 22:56 . 2010-02-18 22:56 16384 c:\windows\temp\Perflib_Perfdata_50c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-12 16859136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-10-23 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-09-15 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-09-15 33136]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
"nwiz"="nwiz.exe" [2009-01-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 86016]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-1 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPCS.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\games\\Valve\\hl.exe"=
"d:\\games\\Valve\\Counter-Strike\\hl.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\games\\Non-steam\\Valve\\hl.exe"=
"d:\\games\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Lapacek\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20984:TCP"= 20984:TCP:BitComet 20984 TCP
"20984:UDP"= 20984:UDP:BitComet 20984 UDP
"6112:TCP"= 6112:TCP:Blizzard Downloader
"10821:TCP"= 10821:TCP:BitComet 10821 TCP
"10821:UDP"= 10821:UDP:BitComet 10821 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 0 (0x0)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowRedirect"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [16.9.2008 22:16 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [16.9.2008 22:16 5248]
R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [29.7.2004 2:33 138780]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.9.2008 11:31 685816]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15.9.2008 13:39 114768]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 33800]
R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [29.7.2004 3:13 46779]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [28.12.2008 12:35 120320]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.9.2008 13:39 20560]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Trusted Zone: centrum.cz\xchat
Trusted Zone: pomernac.cz\vsd
FF - ProfilePath - c:\documents and settings\Lapacek\Data aplikací\Mozilla\Firefox\Profiles\krm6nmlq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.chon.biz/
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 23:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89F496E8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e55cb8
\Driver\atapi -> 0x89f496e8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xb7cf0bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cdfa0d
SendHandler -> NDIS.sys @ 0xb7cf3b40
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-220523388-583907252-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:15,1f,51,72,21,d2,bd,14,fe,1f,00,2a,33,9e,67,a4,61,3b,a0,eb,b8,
28,00,b3,5a,e6,ab,5f,9d,65,0f,e3,cb,33,aa,41,3b,c4,b3,96,fd,09,8e,6b,e9,91,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1668)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(3184)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\windows\System32\GEARSec.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
.
**************************************************************************
.
Celkový čas: 2010-02-19 00:01:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-18 23:01
ComboFix2.txt 2010-02-18 12:01

Před spuštěním: Volných bajtů: 32 442 658 816
Po spuštění: Volných bajtů: 32 398 614 528

- - End Of File - - 6D0F806CDC359A56DCB446729557CD3E

Unlimited_Killer
Friend of the forum
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Win32:Rootkit-gen [Rtk]

#6 Post by Unlimited_Killer »

0K. :thumbsup:

1) Script for ComboFix
  • Open Notepad [Start → Run → notepad → Enter].
  • Copy the following text into it:

    FCopy::
    c:\windows\erdnt\cache\atapi.sys | c:\windows\system32\drivers\atapi.sys
    
    Reboot::
  • Save this file to the Desktop under the name CFScript (.txt extension).
  • Drag this file onto ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and execute the commands from the script.
  • The computer will probably be restarted.
  • After the restart, a window with the log will pop up; paste that log here as text.
2) Uninstalling virtual drives
  • Uninstall all virtual drives, for example Alcohol, Daemon Tools, etc.
3) Uninstalling SPTD
  • Go to this link.
  • There, download the SPTD version for your operating system (XP/Vista/W7 - 32/64-bit).
  • Run the downloaded file by double-clicking it.
  • Click the middle button, 'Uninstall'.
  • Restart the PC.
4) MBR.exe
  • Download MBR.exe to the Desktop.
  • Go to Start → Run [Win+R] and type or paste the following text:

    "%userprofile%\plocha\mbr" -t
  • Now press 'Enter'.
  • A file named MBR.log should be created on the Desktop; paste its contents here as text.
5) GMER
  • Download GMER, extract it to the Desktop and run it by double-clicking.
  • It will scan for a few seconds.
  • When the scan finishes, click 'Save'; this generates the first log, which you will paste here as text.
  • Then create a second log, following this guide; paste that log here as well.
inactive
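
Added example (not part of the original thread, and not code from ComboFix or GMER): a Python triage of two log excerpts posted in this thread, the mbr.exe driver list and the Sigcheck rows from the later ComboFix log. It flags driver objects whose handler resolves to a bare address instead of a named module and pairs them with on-disk copies that could not be hashed. The function names are hypothetical, and mapping `\Driver\atapi` to `atapi.sys` is a naming assumption.

```python
import re
from collections import defaultdict

# Lines copied from the mbr.exe and ComboFix Sigcheck logs posted in this thread.
MBR_LOG = r"""
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89F496E8]<<
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e55cb8
\Driver\atapi -> 0x89f496e8
"""

SIGCHECK_LOG = r"""
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\atapi.sys
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
"""

# "\Driver\X -> MODULE @ 0xADDR" (resolved) or "\Driver\X -> 0xADDR" (no owning module)
DRIVER_RE = re.compile(r"^(\\Driver\\\S+) -> (?:(\S+) @ )?(0x[0-9a-fA-F]+)$")
UNKNOWN_RE = re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")
# "[flag] date [time] . hash-or-error . size . . [version] . . path"
SIG_RE = re.compile(
    r"^\[(.)\] (\S+)(?: \d\d:\d\d)? \. (.+?) \. (\d+) \. \. \[(.*?)\] \. \. (.+)$"
)


def parse_mbr_log(text):
    """Return ({driver: (module or None, address)}, {addresses marked UNKNOWN})."""
    drivers, unknown = {}, set()
    for line in text.splitlines():
        line = line.strip()
        unknown.update(int(a, 16) for a in UNKNOWN_RE.findall(line))
        m = DRIVER_RE.match(line)
        if m:
            drivers[m.group(1)] = (m.group(2), int(m.group(3), 16))
    return drivers, unknown


def parse_sigcheck(text):
    """Group Sigcheck rows by file name; the hash is None when the file was unreadable."""
    by_name = defaultdict(list)
    for line in text.splitlines():
        m = SIG_RE.match(line.strip())
        if not m:
            continue
        digest = m.group(3) if re.fullmatch(r"[0-9A-F]{32}", m.group(3)) else None
        path = m.group(6)
        by_name[path.rsplit("\\", 1)[-1].lower()].append((path, digest))
    return by_name


def triage(mbr_text, sig_text):
    """Correlate unresolved driver handlers with unreadable driver files."""
    drivers, unknown = parse_mbr_log(mbr_text)
    files = parse_sigcheck(sig_text)
    findings = []
    for name, (module, addr) in drivers.items():
        if module is not None:
            continue  # handler lives inside a named, loaded module
        # Assumption: the driver object is backed by "<name>.sys".
        rows = files.get(name.rsplit("\\", 1)[-1].lower() + ".sys", [])
        by_hash = defaultdict(list)
        for path, digest in rows:
            if digest:
                by_hash[digest].append(path)
        # Readable copies are usable as a reference only if they all agree.
        agreed = len(by_hash) == 1
        findings.append({
            "driver": name,
            "address": addr,
            "in_unknown_call_chain": addr in unknown,
            "unreadable": [p for p, d in rows if d is None],
            "reference_hash": next(iter(by_hash)) if agreed else None,
            "reference_copies": next(iter(by_hash.values())) if agreed else [],
        })
    return findings


if __name__ == "__main__":
    for f in triage(MBR_LOG, SIGCHECK_LOG):
        print(f"{f['driver']} -> {f['address']:#x} (no module)")
        print("  unreadable:", ", ".join(f["unreadable"]) or "-")
        print("  matching reference copies:", ", ".join(f["reference_copies"]) or "-")
```
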

r4v
Visitor
Posts: 19
Joined: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#7 Post by r4v »

Before I continue with the instructions, I have a minor problem: after the test with CF I found that a problem has appeared in the system with the driver for Microsoft kernel acoustic canceller. It is listed under Sound, video and game controllers. Do you think the previous ComboFix action could have caused it? As for the driver, I tried to find one on the internet, but without success; every URL was already dead and I don't know where to look for this driver.

Unlimited_Killer
Friend of the forum
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Win32:Rootkit-gen [Rtk]

#8 Post by Unlimited_Killer »

We'll sort that out after the virus removal, 0K?
inactive

r4v
Visitor
Posts: 19
Joined: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#9 Post by r4v »

Part 1
ComboFix 10-02-19.04 - Lapacek 20.02.2010 15:48:56.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1408 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lapacek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lapacek\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100220-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\erdnt\cache\atapi.sys --> c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.

2010-02-19 12:05 . 2010-02-19 12:05 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-19 12:05 . 2010-02-19 12:05 -------- d-----w- c:\program files\MSBuild
2010-02-19 12:05 . 2010-02-19 12:05 -------- d-----w- c:\program files\Reference Assemblies
2010-02-19 12:04 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-19 12:04 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-19 12:04 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-19 12:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-19 12:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-19 12:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-19 12:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-19 12:04 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-19 12:04 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-19 12:04 . 2010-02-19 12:04 -------- d-----w- C:\4cfbcaec4d02e462252dc07176
2010-02-19 11:03 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-19 10:41 . 2010-02-19 10:41 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-02-19 10:37 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-19 10:27 . 2009-12-09 10:11 2191360 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-19 10:27 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-19 10:27 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-18 07:07 . 2010-02-18 07:08 -------- d-----w- C:\rsit
2010-02-18 07:06 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-18 07:06 . 2008-04-13 23:11 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-15 01:00 . 2010-02-15 01:00 -------- d-----w- c:\program files\EVEMon
2010-02-10 18:19 . 2010-02-10 18:19 -------- d-----w- c:\documents and settings\Lapacek\temp
2010-02-07 09:00 . 2007-12-01 16:10 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2010-02-05 17:34 . 2010-02-05 17:37 -------- d-----w- c:\program files\ICQ7.0
2010-02-02 08:48 . 2010-02-02 08:48 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-27 21:11 . 2010-01-27 21:11 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-27 19:52 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll
2010-01-27 19:52 . 2010-01-27 21:08 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-23 12:37 . 2010-01-23 12:37 -------- d-----w- c:\program files\QIP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 21:38 . 2008-04-14 12:00 82570 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 21:38 . 2008-04-14 12:00 437796 ----a-w- c:\windows\system32\perfh005.dat
2010-02-18 07:08 . 2008-12-15 16:15 -------- d-----w- c:\program files\Trend Micro
2010-02-05 17:36 . 2008-09-15 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-17 18:14 . 2008-10-01 17:10 -------- d-----w- c:\program files\Mv2Player
2010-01-12 03:47 . 2010-01-12 03:47 -------- d-----w- c:\program files\Registry Clean Expert
2010-01-12 03:46 . 2010-01-12 03:46 -------- d-----w- c:\program files\AML Products
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2009-02-22 13:36 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2008-09-15 12:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-09-15 12:39 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2008-09-15 12:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-09-15 12:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-09-15 12:39 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-09-15 12:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 17:54 . 2008-10-11 15:38 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2003-12-18 10:33 . 2009-11-16 22:14 20102 ----a-w- c:\program files\Readme.txt
2003-09-03 06:46 . 2009-11-16 22:14 10960 ----a-w- c:\program files\EULA.txt
2009-10-06 03:06 . 2009-10-04 21:23 68790304 --sha-w- c:\windows\system32\drivers\fidbox.dat
.

r4v
Visitor
Posts: 19
Joined: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#10 Post by r4v »

Part 2
------- Sigcheck -------

[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\atapi.sys
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-02-18_11.58.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 18:41 . 2009-07-11 18:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-02-20 14:59 . 2010-02-20 14:59 16384 c:\windows\temp\Perflib_Perfdata_504.dat
+ 2010-02-20 14:39 . 2010-02-20 14:39 16384 c:\windows\temp\Perflib_Perfdata_1a0.dat
+ 2008-09-15 15:33 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
+ 2008-09-15 11:39 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
+ 2008-09-15 11:39 . 2009-08-06 18:24 53472 c:\windows\system32\wuauclt.exe
+ 2008-04-14 12:00 . 2009-06-25 08:27 54272 c:\windows\system32\wdigest.dll
+ 2008-04-14 12:00 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2008-07-29 20:10 . 2008-07-29 20:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2008-04-14 12:00 . 2009-06-15 10:45 78336 c:\windows\system32\telnet.exe
+ 2008-04-14 12:00 . 2009-10-21 05:40 75776 c:\windows\system32\strmfilt.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 75776 c:\windows\system32\strmfilt.dll
+ 2008-09-15 15:37 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2008-09-15 16:01 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2010-02-19 09:42 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2010-02-19 09:42 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 56832 c:\windows\system32\secur32.dll
+ 2008-04-14 12:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
- 2008-04-14 12:00 . 2008-04-14 12:00 79872 c:\windows\system32\raschap.dll
+ 2008-04-14 12:00 . 2009-10-12 13:40 79872 c:\windows\system32\raschap.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 43544 c:\windows\system32\PresentationHostProxy.dll
+ 2008-04-14 12:00 . 2010-02-19 21:38 71258 c:\windows\system32\perfc009.dat
+ 2008-07-25 10:17 . 2008-07-25 10:17 15360 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 91648 c:\windows\system32\mtxoci.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 91648 c:\windows\system32\mtxoci.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\mtxclu.dll
+ 2008-04-14 12:00 . 2008-06-12 14:24 66560 c:\windows\system32\mtxclu.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 58880 c:\windows\system32\msdtclog.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 58880 c:\windows\system32\msdtclog.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 83968 c:\windows\system32\mscories.dll
+ 2008-04-14 12:00 . 2009-09-04 21:05 58880 c:\windows\system32\msasn1.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 97800 c:\windows\system32\infocardapi.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 11264 c:\windows\system32\icardres.dll
+ 2008-04-14 12:00 . 2009-10-21 05:40 25088 c:\windows\system32\httpapi.dll
+ 2008-04-14 12:00 . 2009-10-15 16:32 81920 c:\windows\system32\fontsub.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 73720 c:\windows\system32\dxva2.dll
+ 2008-04-14 12:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2008-09-15 11:39 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-09-15 11:39 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2008-04-14 12:00 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2008-04-14 12:00 . 2009-06-15 10:45 78336 c:\windows\system32\dllcache\telnet.exe
- 2008-04-14 12:00 . 2008-04-14 12:00 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2008-04-14 12:00 . 2009-10-21 05:40 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll
+ 2008-04-14 12:00 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
- 2008-04-14 12:00 . 2008-04-14 12:00 79872 c:\windows\system32\dllcache\raschap.dll
+ 2008-04-14 12:00 . 2009-10-12 13:40 79872 c:\windows\system32\dllcache\raschap.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 91648 c:\windows\system32\dllcache\mtxoci.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 91648 c:\windows\system32\dllcache\mtxoci.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-04-14 12:00 . 2008-06-12 14:24 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-04-14 08:51 . 2009-11-27 17:14 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2008-04-14 12:00 . 2009-11-27 16:09 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2008-04-14 12:00 . 2009-11-27 16:09 11264 c:\windows\system32\dllcache\msrle32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 58880 c:\windows\system32\dllcache\msdtclog.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2008-04-14 12:00 . 2009-09-04 21:05 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2008-04-14 12:00 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2008-04-14 08:51 . 2009-11-27 16:09 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2008-04-14 12:00 . 2009-10-21 05:40 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2008-04-14 12:00 . 2009-10-15 16:32 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2008-04-14 12:00 . 2009-12-14 07:10 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2008-04-14 12:00 . 2009-11-27 16:09 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2008-04-14 12:00 . 2009-07-17 19:04 58880 c:\windows\system32\dllcache\atl.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 96760 c:\windows\system32\dfshim.dll
+ 2008-04-14 12:00 . 2009-08-06 18:24 96480 c:\windows\system32\cdm.dll
+ 2008-04-14 12:00 . 2009-07-17 19:04 58880 c:\windows\system32\atl.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 58880 c:\windows\system32\atl.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 20:10 . 2008-07-29 20:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 18:59 . 2008-07-29 18:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 18:32 . 2008-07-29 18:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-04-13 01:21 . 2007-04-13 01:21 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 18:58 . 2007-04-13 18:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 19:30 . 2007-04-13 19:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-29 20:07 . 2008-07-29 20:07 23040 c:\windows\Installer\391315.msp
+ 2010-02-19 12:03 . 2010-02-19 12:03 88576 c:\windows\Installer\35aa6c.msi
+ 2008-10-10 16:57 . 2009-11-27 17:14 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2010-02-19 10:53 . 2010-02-19 10:53 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c5e8eb5c\System.Drawing.Design.dll
+ 2010-02-19 10:53 . 2010-02-19 10:53 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_84a8b528\CustomMarshalers.dll
+ 2010-02-19 12:11 . 2010-02-19 12:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2010-02-19 12:16 . 2010-02-19 12:16 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2010-02-19 12:10 . 2010-02-19 12:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2010-02-19 12:09 . 2010-02-19 12:09 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2010-02-19 12:13 . 2010-02-19 12:13 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2010-02-19 12:05 . 2010-02-19 12:05 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-05 06:25 . 2008-05-05 06:25 3072 c:\windows\system32\xpsp4res.dll
+ 2001-10-24 12:25 . 2009-11-27 16:09 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 05:29 . 2005-09-23 05:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-04-13 01:21 . 2007-04-13 01:21 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-04-13 01:20 . 2007-04-13 01:20 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-09-15 16:41 . 2008-09-15 16:41 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 01:19 . 2007-11-07 01:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 01:19 . 2007-11-07 01:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 20:23 . 2007-11-06 20:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-29 20:26 . 2008-07-29 20:26 301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2008-09-15 11:39 . 2009-08-06 18:23 209624 c:\windows\system32\wuweb.dll
+ 2008-09-15 11:39 . 2009-08-06 18:24 327896 c:\windows\system32\wucltui.dll
+ 2008-09-15 11:39 . 2009-08-06 18:23 575704 c:\windows\system32\wuapi.dll
+ 2008-04-14 12:00 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2008-04-14 12:00 . 2009-07-13 22:43 286208 c:\windows\system32\wmpdxm.dll
+ 2008-04-14 12:00 . 2008-06-18 04:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2008-04-14 12:00 . 2009-06-10 06:16 132096 c:\windows\system32\wkssvc.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 132096 c:\windows\system32\wkssvc.dll
+ 2008-04-14 12:00 . 2009-08-25 09:19 354816 c:\windows\system32\winhttp.dll
+ 2008-09-15 11:37 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2008-09-15 11:37 . 2009-02-09 10:56 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2008-09-15 11:37 . 2009-02-09 10:56 473600 c:\windows\system32\wbem\fastprox.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 161296 c:\windows\system32\UIAutomationCore.dll
+ 2008-04-14 12:00 . 2009-10-15 16:32 119808 c:\windows\system32\t2embed.dll
+ 2008-04-14 12:00 . 2009-08-26 08:02 247326 c:\windows\system32\strmdll.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2010-02-19 12:04 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2010-02-19 09:42 . 2009-08-06 18:23 575704 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.4.7600.226\wuapi.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 147456 c:\windows\system32\schannel.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 474112 c:\windows\system32\shlwapi.dll
+ 2008-04-14 12:00 . 2009-12-08 09:25 474112 c:\windows\system32\shlwapi.dll
+ 2008-04-14 12:00 . 2009-02-09 11:25 111104 c:\windows\system32\services.exe
+ 2008-04-14 12:00 . 2009-02-09 10:56 401408 c:\windows\system32\rpcss.dll
+ 2008-04-14 12:00 . 2009-04-15 14:54 585216 c:\windows\system32\rpcrt4.dll
+ 2006-08-24 15:15 . 2006-08-24 15:15 150808 c:\windows\system32\rgb9rast_2.dll
+ 2008-04-14 12:00 . 2009-10-12 13:40 150016 c:\windows\system32\rastls.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2008-07-29 19:35 . 2008-07-29 19:35 326160 c:\windows\system32\PresentationHost.exe
+ 2008-07-29 18:59 . 2008-07-29 18:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2008-04-14 12:00 . 2010-02-19 21:38 441322 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2009-03-06 14:23 284160 c:\windows\system32\pdh.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 284160 c:\windows\system32\pdh.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 271360 c:\windows\system32\oakley.dll
+ 2008-04-14 12:00 . 2009-10-13 10:34 271360 c:\windows\system32\oakley.dll
+ 2008-04-14 12:00 . 2009-02-09 10:56 709632 c:\windows\system32\ntdll.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 337408 c:\windows\system32\netapi32.dll
+ 2008-04-14 12:00 . 2008-10-15 16:38 337408 c:\windows\system32\netapi32.dll
+ 2009-08-06 18:23 . 2009-08-06 18:23 215904 c:\windows\system32\muweb.dll
+ 2008-04-14 12:00 . 2009-08-05 09:01 205312 c:\windows\system32\mswebdvd.dll
+ 2008-04-14 12:00 . 2009-09-11 14:19 136192 c:\windows\system32\msv1_0.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 161792 c:\windows\system32\msdtcuiu.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 161792 c:\windows\system32\msdtcuiu.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 956928 c:\windows\system32\msdtctm.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 956928 c:\windows\system32\msdtctm.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 428032 c:\windows\system32\msdtcprx.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 158720 c:\windows\system32\mscorier.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 282112 c:\windows\system32\mscoree.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 729088 c:\windows\system32\lsasrv.dll
+ 2008-04-14 12:00 . 2008-06-18 00:09 100864 c:\windows\system32\logagent.exe
- 2008-04-14 12:00 . 2006-10-18 18:03 100864 c:\windows\system32\logagent.exe
+ 2008-04-14 12:00 . 2009-05-07 15:33 346624 c:\windows\system32\localspl.dll
+ 2008-04-14 12:00 . 2009-03-21 14:09 988160 c:\windows\system32\kernel32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 988160 c:\windows\system32\kernel32.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 301568 c:\windows\system32\kerberos.dll
- 2008-04-14 12:00 . 2008-05-09 10:56 512000 c:\windows\system32\jscript.dll
+ 2008-04-14 12:00 . 2009-08-13 15:24 512000 c:\windows\system32\jscript.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 622080 c:\windows\system32\icardagt.exe
+ 2008-04-14 12:00 . 2008-10-23 12:42 286720 c:\windows\system32\gdi32.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 493048 c:\windows\system32\evr.dll
+ 2008-04-14 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
- 2008-04-14 12:00 . 2008-06-20 11:40 138496 c:\windows\system32\drivers\afd.sys
+ 2008-04-14 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2008-09-15 11:39 . 2009-08-06 18:23 209624 c:\windows\system32\dllcache\wuweb.dll
+ 2008-09-15 11:39 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-09-15 11:39 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2009-02-22 13:36 . 2008-04-21 21:15 216576 c:\windows\system32\dllcache\wordpad.exe
+ 2008-04-14 12:00 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-04-14 12:00 . 2009-07-13 22:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2008-04-14 12:00 . 2008-06-18 04:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2008-09-15 11:37 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2008-09-15 11:37 . 2009-02-09 10:56 453120 c:\windows\system32\dllcache\wmiprvsd.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-04-14 12:00 . 2009-06-10 06:16 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-04-14 12:00 . 2009-08-25 09:19 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-09-15 11:39 . 2008-04-14 12:00 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-09-15 11:39 . 2009-06-21 21:48 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-04-14 12:00 . 2009-10-15 16:32 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-04-14 12:00 . 2009-08-26 08:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-14 12:00 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2008-04-14 12:00 . 2009-06-25 08:27 147456 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 12:00 . 2009-12-08 09:25 474112 c:\windows\system32\dllcache\shlwapi.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-04-14 12:00 . 2009-02-09 11:25 111104 c:\windows\system32\dllcache\services.exe
+ 2008-04-14 12:00 . 2009-02-09 10:56 401408 c:\windows\system32\dllcache\rpcss.dll
+ 2008-04-14 12:00 . 2009-04-15 14:54 585216 c:\windows\system32\dllcache\rpcrt4.dll
+ 2008-04-14 12:00 . 2009-10-12 13:40 150016 c:\windows\system32\dllcache\rastls.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 284160 c:\windows\system32\dllcache\pdh.dll
+ 2008-04-14 12:00 . 2009-03-06 14:23 284160 c:\windows\system32\dllcache\pdh.dll
+ 2008-04-14 12:00 . 2009-10-13 10:34 271360 c:\windows\system32\dllcache\oakley.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 271360 c:\windows\system32\dllcache\oakley.dll
+ 2008-04-14 12:00 . 2009-02-09 10:56 709632 c:\windows\system32\dllcache\ntdll.dll
+ 2008-04-14 12:00 . 2008-10-15 16:38 337408 c:\windows\system32\dllcache\netapi32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2008-04-14 12:00 . 2009-08-05 09:01 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2008-04-14 12:00 . 2009-09-11 14:19 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-02-22 13:36 . 2008-04-14 12:00 343552 c:\windows\system32\dllcache\mspaint.exe
+ 2009-02-22 13:36 . 2009-12-17 07:42 343552 c:\windows\system32\dllcache\mspaint.exe
- 2008-09-15 11:37 . 2008-04-14 12:00 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 161792 c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-09-15 11:37 . 2008-04-14 12:00 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2008-09-15 11:37 . 2008-06-12 14:24 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 729088 c:\windows\system32\dllcache\lsasrv.dll
- 2008-04-14 12:00 . 2006-10-18 18:03 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 12:00 . 2008-06-18 00:09 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 12:00 . 2009-05-07 15:33 346624 c:\windows\system32\dllcache\localspl.dll
+ 2008-04-14 12:00 . 2009-03-21 14:09 988160 c:\windows\system32\dllcache\kernel32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 988160 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 12:00 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-04-14 12:00 . 2009-08-13 15:24 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-04-14 12:00 . 2008-05-09 10:56 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2008-04-14 12:00 . 2008-10-23 12:42 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2008-09-15 11:37 . 2009-02-09 10:56 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2008-04-14 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
- 2008-04-14 12:00 . 2008-06-20 11:40 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-04-14 12:00 . 2009-02-09 10:56 684032 c:\windows\system32\dllcache\advapi32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 684032 c:\windows\system32\dllcache\advapi32.dll
+ 2008-04-14 12:00 . 2009-11-21 16:03 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2008-04-14 12:00 . 2009-02-09 10:56 684032 c:\windows\system32\advapi32.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 684032 c:\windows\system32\advapi32.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 22:40 . 2008-07-29 22:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 17:47 . 2008-07-29 17:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 17:47 . 2008-07-29 17:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 17:47 . 2008-07-29 17:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 22:15 . 2008-07-29 22:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 22:40 . 2008-07-29 22:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 22:40 . 2008-07-29 22:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 19:35 . 2008-07-29 19:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 18:59 . 2008-07-29 18:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 18:16 . 2008-07-29 18:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 18:24 . 2008-07-29 18:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 18:16 . 2008-07-29 18:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 03:59 . 2008-11-25 03:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727

r4v
Visitor
Posts: 19
Registered: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#11 Post by r4v »

part 3
- 2007-04-13 01:21 . 2007-04-13 01:21 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 01:21 . 2007-04-13 01:21 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 01:21 . 2007-04-13 01:21 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-04-13 01:21 . 2007-04-13 01:21 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 05:29 . 2005-09-23 05:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 05:29 . 2005-09-23 05:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-04-13 01:21 . 2007-04-13 01:21 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-04-13 01:20 . 2007-04-13 01:20 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28 . 2005-09-23 05:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 10:16 . 2008-07-25 10:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 10:17 . 2008-07-25 10:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 10:17 . 2008-07-25 10:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 10:16 . 2008-07-25 10:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 18:58 . 2007-04-13 18:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 18:56 . 2007-04-13 18:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-13 19:30 . 2007-04-13 19:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-02-19 10:43 . 2010-02-19 10:43 248832 c:\windows\Installer\498a3c.msi
+ 2010-02-19 10:41 . 2010-02-19 10:41 470528 c:\windows\Installer\498a36.msi
+ 2008-12-13 08:58 . 2008-12-13 08:58 754688 c:\windows\Installer\3a088d.msp
+ 2010-02-19 12:06 . 2010-02-19 12:06 648192 c:\windows\Installer\3a0867.msi
+ 2008-07-29 20:23 . 2008-07-29 20:23 250880 c:\windows\Installer\39131e.msp
+ 2008-07-29 20:28 . 2008-07-29 20:28 278016 c:\windows\Installer\39131c.msp
+ 2008-07-29 18:40 . 2008-07-29 18:40 291840 c:\windows\Installer\39131a.msp
+ 2010-02-19 12:05 . 2010-02-19 12:05 137728 c:\windows\Installer\391314.msi
+ 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\35aa71.msp
+ 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\35aa6f.msp
+ 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\35aa6e.msp
+ 2010-02-19 12:04 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2010-02-19 10:37 . 2009-12-04 18:22 455424 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-02-19 10:54 . 2010-02-19 10:54 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_a9cfae70\System.Drawing.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2010-02-19 12:11 . 2010-02-19 12:11 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2010-02-19 12:11 . 2010-02-19 12:11 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2010-02-19 12:11 . 2010-02-19 12:11 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2010-02-19 12:16 . 2010-02-19 12:16 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2010-02-19 12:11 . 2010-02-19 12:11 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2010-02-19 12:15 . 2010-02-19 12:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2010-02-19 12:13 . 2010-02-19 12:13 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2010-02-19 12:10 . 2010-02-19 12:10 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2010-02-19 12:10 . 2010-02-19 12:10 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2010-02-19 12:10 . 2010-02-19 12:10 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2010-02-19 12:10 . 2010-02-19 12:10 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2010-02-19 12:13 . 2010-02-19 12:13 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-02-19 12:14 . 2010-02-19 12:14 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2010-02-19 12:13 . 2010-02-19 12:13 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2010-02-19 12:13 . 2010-02-19 12:13 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2010-02-19 12:09 . 2010-02-19 12:09 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2010-02-19 12:09 . 2010-02-19 12:09 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-02-19 12:09 . 2010-02-19 12:09 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2010-02-19 12:09 . 2010-02-19 12:09 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-02-19 12:06 . 2010-02-19 12:06 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-09-15 16:41 . 2008-09-15 16:41 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-02-19 12:08 . 2010-02-19 12:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

r4v
Visitor
Posts: 19
Registered: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#12 Post by r4v »

part 4
+ 2010-02-19 12:08 . 2010-02-19 12:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-02-19 12:05 . 2010-02-19 12:05 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-04-14 12:00 . 2009-11-21 16:03 471552 c:\windows\AppPatch\aclayers.dll
+ 2010-02-19 10:34 . 2009-08-13 13:56 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2008-09-15 11:39 . 2009-08-06 18:23 1929952 c:\windows\system32\wuaueng.dll
+ 2008-04-14 12:00 . 2009-05-20 03:56 2458112 c:\windows\system32\WMVCore.dll
+ 2008-04-14 12:00 . 2009-08-14 15:15 1850624 c:\windows\system32\win32k.sys
+ 2010-02-19 12:04 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2010-02-19 12:04 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2010-02-19 12:04 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2010-02-19 12:04 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 8465408 c:\windows\system32\shell32.dll
+ 2008-04-14 12:00 . 2008-06-17 19:02 8465408 c:\windows\system32\shell32.dll
+ 2008-04-14 12:00 . 2009-07-17 16:17 1437696 c:\windows\system32\query.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 1437696 c:\windows\system32\query.dll
+ 2008-04-14 12:00 . 2009-07-31 09:05 1372672 c:\windows\system32\msxml6.dll
+ 2008-04-14 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2008-09-15 11:37 . 2009-06-10 08:21 2066432 c:\windows\system32\mstscax.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2007-12-12 16859136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-10-23 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-09-15 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-09-15 33136]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
"nwiz"="nwiz.exe" [2009-01-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 86016]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-1 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPCS.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\games\\Valve\\hl.exe"=
"d:\\games\\Valve\\Counter-Strike\\hl.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\games\\Non-steam\\Valve\\hl.exe"=
"d:\\games\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Lapacek\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20984:TCP"= 20984:TCP:BitComet 20984 TCP
"20984:UDP"= 20984:UDP:BitComet 20984 UDP
"6112:TCP"= 6112:TCP:Blizzard Downloader
"10821:TCP"= 10821:TCP:BitComet 10821 TCP
"10821:UDP"= 10821:UDP:BitComet 10821 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 0 (0x0)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)
"AllowRedirect"= 0 (0x0)
"AllowOutboundPacketTooBig"= 0 (0x0)

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [16.9.2008 22:16 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [16.9.2008 22:16 5248]
R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [29.7.2004 2:33 138780]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.9.2008 11:31 685816]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15.9.2008 13:39 114768]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 33800]
R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [29.7.2004 3:13 46779]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [28.12.2008 12:35 120320]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.9.2008 13:39 20560]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Trusted Zone: centrum.cz\xchat
Trusted Zone: pomernac.cz\vsd
FF - ProfilePath - c:\documents and settings\Lapacek\Data aplikací\Mozilla\Firefox\Profiles\krm6nmlq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.chon.biz/
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 16:01
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A18B2F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7e55cb8
\Driver\atapi -> 0x8a18b2f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xb7cf0bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cdfa0d
SendHandler -> NDIS.sys @ 0xb7cf3b40
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-220523388-583907252-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:15,1f,51,72,21,d2,bd,14,fe,1f,00,2a,33,9e,67,a4,61,3b,a0,eb,b8,
28,00,b3,5a,e6,ab,5f,9d,65,0f,e3,cb,33,aa,41,3b,c4,b3,96,fd,09,8e,6b,e9,91,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1668)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(4064)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\windows\System32\GEARSec.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\ACEngSvr.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
.
**************************************************************************
.
Celkový čas: 2010-02-20 16:05:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-20 15:05
ComboFix2.txt 2010-02-18 23:01
ComboFix3.txt 2010-02-18 12:01

Před spuštěním: Volných bajtů: 30 786 097 152
Po spuštění: Volných bajtů: 30 742 495 232

- - End Of File - - D3415B00ABE8C212EE1AB36277D66E2B

Unlimited_Killer
Friend of the forum
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Win32:Rootkit-gen [Rtk]

#13 Post by Unlimited_Killer »

OK, continue with the next steps.
inactive

r4v
Visitor
Posts: 19
Joined: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#14 Post by r4v »

Unfortunately, for some reason GMER does not produce the first log, and I cannot get to the second scan. The program starts a scan on its own and closes after the scan, and I could not find a log file anywhere. I also tried downloading the program from the link in the guide; there a scan started, crashed after less than two minutes, and the program froze. At the moment I don't know which way to go. I tried turning off the antivirus, but without success, so I hope you will be smarter than me :-(

r4v
Visitor
Posts: 19
Joined: 14 Jun 2007 22:30

Re: Win32:Rootkit-gen [Rtk]

#15 Post by r4v »

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A0AF938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x8a0af938
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
