Logfile of random's system information tool 1.08 (written by random/random)
Run by Jahoďáák at 2011-01-25 15:24:27
Microsoft Windows 7 Professional
System drive C: has 71 GB (71%) free of 100 GB
Total RAM: 4021 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:42, on 25.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
D:\Programy\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Programy\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\trend micro\Jahoďáák.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programy\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programy\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "D:\Programy\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\Programy\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programy\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Programy\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Programy\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programy\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Programy\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7983 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Programy\Lavasoft\Ad-Aware\AAWService.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
"D:\Programy\ESET\ESET Smart Security\x86\ekrn.exe"
"D:\Programy\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"D:\Programy\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Programy\RocketDock\RocketDock.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Programy\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {95AA9D36-C9FC-4D08-8565-547323F0610D}
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
taskeng.exe {F7CDCB62-62FF-4710-AD45-2C5233BCB409}
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"D:\Plocha\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - D:\Programy\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Programy\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - D:\Programy\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-21 487424]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-22 2097960]
"egui"=D:\Programy\ESET\ESET Smart Security\egui.exe [2010-11-18 2919168]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=D:\Programy\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\Programy\ICQ7.2\ICQ.exe [2011-01-22 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe [2010-12-06 1910152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"BCSSync"=D:\Programy\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programy\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-25 15:20:55 ----D---- C:\rsit
2011-01-25 15:20:55 ----D---- C:\Program Files\trend micro
2011-01-25 00:38:20 ----SHD---- C:\Windows\SYSWOW64\%APPDATA%
2011-01-25 00:11:34 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-01-24 23:51:58 ----D---- C:\ProgramData\ALM
2011-01-24 23:39:16 ----D---- C:\Program Files (x86)\Adobe Media Player
2011-01-24 23:39:02 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2011-01-24 23:39:02 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2011-01-24 23:39:02 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2011-01-24 23:39:02 ----D---- C:\Program Files (x86)\My Company Name
2011-01-24 23:36:52 ----D---- C:\Program Files\Common Files\Adobe
2011-01-24 23:36:51 ----D---- C:\Program Files\Adobe
2011-01-24 20:02:18 ----A---- C:\Windows\system32\lsdelete.exe
2011-01-24 19:57:04 ----D---- C:\ProgramData\AutoKMS
2011-01-24 19:55:36 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-24 19:55:36 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-01-24 19:36:55 ----HDC---- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-01-24 19:36:49 ----D---- C:\ProgramData\Lavasoft
2011-01-24 19:22:28 ----D---- C:\Users\Uzivatel\AppData\Roaming\GetRightToGo
2011-01-24 17:32:31 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-01-24 17:31:40 ----D---- C:\Windows\PCHEALTH
2011-01-24 17:31:40 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-01-24 17:31:40 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-01-24 17:30:16 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-01-24 17:29:55 ----D---- C:\Program Files\Microsoft Office
2011-01-24 17:29:35 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-01-24 17:29:12 ----D---- C:\ProgramData\Microsoft Help
2011-01-23 22:07:35 ----A---- C:\Windows\system32\drivers\mod7700.sys
2011-01-23 22:07:35 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2011-01-23 22:07:35 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2011-01-23 22:07:35 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2011-01-23 21:01:43 ----D---- C:\Users\Uzivatel\AppData\Roaming\ESET
2011-01-23 21:00:42 ----D---- C:\ProgramData\ESET
2011-01-23 19:52:20 ----SHD---- C:\$RECYCLE.BIN
2011-01-23 17:20:02 ----A---- C:\ComboFix.txt
2011-01-23 17:13:27 ----A---- C:\Windows\zip.exe
2011-01-23 17:13:27 ----A---- C:\Windows\SWSC.exe
2011-01-23 17:13:27 ----A---- C:\Windows\SWREG.exe
2011-01-23 17:13:27 ----A---- C:\Windows\sed.exe
2011-01-23 17:13:27 ----A---- C:\Windows\PEV.exe
2011-01-23 17:13:27 ----A---- C:\Windows\NIRCMD.exe
2011-01-23 17:13:27 ----A---- C:\Windows\MBR.exe
2011-01-23 17:13:27 ----A---- C:\Windows\grep.exe
2011-01-23 17:13:24 ----D---- C:\Windows\ERDNT
2011-01-23 17:13:03 ----D---- C:\Qoobox
2011-01-23 17:12:43 ----A---- C:\Windows\SWXCACLS.exe
2011-01-23 14:22:18 ----A---- C:\Windows\SYSWOW64\zrfyt.txt
2011-01-23 14:21:28 ----D---- C:\Users\Uzivatel\AppData\Roaming\WinRAR
2011-01-22 21:58:22 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-01-22 21:58:22 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-01-22 21:58:22 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-01-22 21:58:22 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-01-22 21:58:22 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-01-22 21:58:22 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-01-22 21:58:21 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-01-22 21:58:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-01-22 21:58:21 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-01-22 21:58:21 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-01-22 21:58:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-01-22 21:58:19 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2011-01-22 21:58:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2011-01-22 21:58:19 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-01-22 21:58:19 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-01-22 21:58:18 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-01-22 21:58:18 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2011-01-22 21:58:18 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2011-01-22 21:58:18 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2011-01-22 21:58:18 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-01-22 21:58:18 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-01-22 21:58:18 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-01-22 21:58:18 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-01-22 21:58:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2011-01-22 21:58:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-01-22 21:58:17 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-01-22 21:58:17 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-01-22 21:58:16 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-01-22 21:58:15 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2011-01-22 21:58:15 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2011-01-22 21:58:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2011-01-22 21:58:15 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-01-22 21:58:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-01-22 21:58:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-01-22 21:58:14 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2011-01-22 21:58:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-01-22 21:58:14 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2011-01-22 21:58:14 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-01-22 21:58:14 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-01-22 21:58:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-01-22 21:58:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2011-01-22 21:58:13 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2011-01-22 21:58:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2011-01-22 21:58:13 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-01-22 21:58:13 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-01-22 21:58:13 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-01-22 21:58:12 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2011-01-22 21:58:12 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2011-01-22 21:58:11 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-01-22 21:58:11 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-01-22 21:58:10 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2011-01-22 21:58:10 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2011-01-22 21:58:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2011-01-22 21:58:10 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-01-22 21:58:10 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-01-22 21:58:10 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-01-22 21:58:09 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2011-01-22 21:58:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2011-01-22 21:58:09 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-01-22 21:58:09 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-01-22 21:58:09 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-01-22 21:58:09 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-01-22 21:58:08 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2011-01-22 21:58:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2011-01-22 21:58:08 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2011-01-22 21:58:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2011-01-22 21:58:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-01-22 21:58:08 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-01-22 21:58:08 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-01-22 21:58:08 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-01-22 21:58:06 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2011-01-22 21:58:06 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2011-01-22 21:58:06 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2011-01-22 21:58:06 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2011-01-22 21:58:06 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-01-22 21:58:06 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-01-22 21:58:06 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-01-22 21:58:06 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-01-22 21:58:05 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2011-01-22 21:58:05 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2011-01-22 21:58:05 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-01-22 21:58:05 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-01-22 21:58:04 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2011-01-22 21:58:04 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2011-01-22 21:58:04 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-01-22 21:58:04 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-01-22 21:58:03 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2011-01-22 21:58:03 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2011-01-22 21:58:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2011-01-22 21:58:03 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-01-22 21:58:03 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-01-22 21:58:03 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-01-22 21:58:02 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2011-01-22 21:58:02 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2011-01-22 21:58:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2011-01-22 21:58:02 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-01-22 21:58:02 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-01-22 21:58:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-01-22 21:58:01 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2011-01-22 21:58:01 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-01-22 21:58:00 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2011-01-22 21:58:00 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2011-01-22 21:58:00 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2011-01-22 21:58:00 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2011-01-22 21:58:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2011-01-22 21:58:00 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-01-22 21:58:00 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-01-22 21:58:00 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-01-22 21:58:00 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-01-22 21:58:00 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-01-22 21:57:59 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-01-22 21:57:59 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2011-01-22 21:57:59 ----A---- C:\Windows\system32\xinput1_3.dll
2011-01-22 21:57:59 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-01-22 21:57:58 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2011-01-22 21:57:58 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2011-01-22 21:57:58 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2011-01-22 21:57:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2011-01-22 21:57:58 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-01-22 21:57:58 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-01-22 21:57:58 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-01-22 21:57:58 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-01-22 21:57:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2011-01-22 21:57:57 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2011-01-22 21:57:57 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2011-01-22 21:57:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-01-22 21:57:57 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-01-22 21:57:57 ----A---- C:\Windows\system32\d3dx10.dll
2011-01-22 21:57:56 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2011-01-22 21:57:56 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2011-01-22 21:57:56 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2011-01-22 21:57:56 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-01-22 21:57:56 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-01-22 21:57:56 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-01-22 21:57:56 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-01-22 21:57:56 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-01-22 21:57:55 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2011-01-22 21:57:55 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2011-01-22 21:57:55 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2011-01-22 21:57:55 ----A---- C:\Windows\system32\xinput1_2.dll
2011-01-22 21:57:55 ----A---- C:\Windows\system32\xinput1_1.dll
2011-01-22 21:57:55 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-01-22 21:57:54 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2011-01-22 21:57:54 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-01-22 21:57:51 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-01-22 21:57:51 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-01-22 21:57:50 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2011-01-22 21:57:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2011-01-22 21:57:50 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2011-01-22 21:57:50 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-01-22 21:57:50 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-01-22 21:57:50 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-01-22 21:57:49 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-01-22 21:57:49 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-01-22 21:57:48 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2011-01-22 21:57:48 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2011-01-22 21:57:48 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2011-01-22 21:57:48 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-01-22 21:57:48 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-01-22 21:57:48 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-01-22 21:57:47 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2011-01-22 21:57:47 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-01-22 21:55:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-01-22 21:03:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\Wireshark
2011-01-22 19:51:55 ----D---- C:\Users\Uzivatel\AppData\Roaming\Xfire
2011-01-22 19:51:53 ----D---- C:\ProgramData\Xfire
2011-01-22 18:50:23 ----D---- C:\Program Files (x86)\WinPcap
2011-01-22 18:44:33 ----D---- C:\Users\Uzivatel\AppData\Roaming\uTorrent
2011-01-22 18:05:31 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2011-01-22 18:05:29 ----D---- C:\ProgramData\ICQ
2011-01-22 18:04:50 ----D---- C:\Users\Uzivatel\AppData\Roaming\ICQ
2011-01-22 17:55:03 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-01-22 17:54:19 ----D---- C:\Users\Uzivatel\AppData\Roaming\DAEMON Tools Lite
2011-01-22 17:54:19 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-01-22 17:33:21 ----D---- C:\Users\Uzivatel\AppData\Roaming\Skype
2011-01-22 17:33:18 ----D---- C:\ProgramData\Skype
2011-01-22 15:44:50 ----D---- C:\Program Files\Dell Support Center
2011-01-22 15:18:55 ----D---- C:\ProgramData\PCDr
2011-01-22 15:18:46 ----D---- C:\Users\Uzivatel\AppData\Roaming\PCDr
2011-01-22 15:15:34 ----D---- C:\Program Files\Synaptics
2011-01-22 15:15:14 ----A---- C:\Windows\SYSWOW64\SynTPCOM.dll
2011-01-22 15:15:14 ----A---- C:\Windows\SYSWOW64\SynCtrl.dll
2011-01-22 15:15:14 ----A---- C:\Windows\SYSWOW64\SynCOM.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\SynTPCo4.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\SynTPAPI.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\SynCtrl.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\SynCOM.dll
2011-01-22 15:15:14 ----A---- C:\Windows\system32\drivers\SynTP.sys
2011-01-22 14:59:25 ----D---- C:\Users\Uzivatel\AppData\Roaming\Opera
2011-01-21 18:50:24 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-01-21 18:50:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-01-21 18:50:17 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-01-21 18:50:05 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2011-01-21 18:50:05 ----A---- C:\Windows\system32\isoburn.exe
2011-01-21 18:49:56 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-01-21 18:49:33 ----D---- C:\Program Files (x86)\Dell
2011-01-21 18:48:31 ----D---- C:\ProgramData\Dell
2011-01-21 18:48:29 ----D---- C:\Program Files\Dell
2011-01-21 16:49:52 ----A---- C:\Windows\system32\ctapo64.dll
2011-01-21 16:49:52 ----A---- C:\Windows\system32\ctapo32.dll
2011-01-21 16:49:52 ----A---- C:\Windows\system32\AESTEC64.dll
2011-01-21 16:49:52 ----A---- C:\Windows\system32\AESTAR64.dll
2011-01-21 16:49:52 ----A---- C:\Windows\system32\AESTAC64.dll
2011-01-21 16:49:51 ----A---- C:\Windows\system32\stlang64.dll
2011-01-21 16:49:51 ----A---- C:\Windows\system32\idt64mp1.exe
2011-01-21 16:49:51 ----A---- C:\Windows\system32\ctppld64.dll
2011-01-21 16:49:51 ----A---- C:\Windows\system32\AESTCo64.dll
2011-01-21 16:49:50 ----D---- C:\Windows\system32\SRSLabs
2011-01-21 16:49:26 ----N---- C:\Windows\system32\stapi64.dll
2011-01-21 16:49:26 ----A---- C:\Windows\system32\stcplx64.dll
2011-01-21 16:49:26 ----A---- C:\Windows\system32\stapo64.dll
2011-01-21 16:49:26 ----A---- C:\Windows\system32\st646267.dll
2011-01-21 16:49:26 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2011-01-21 16:49:25 ----D---- C:\Program Files\IDT
2011-01-21 16:49:25 ----A---- C:\Windows\SYSWOW64\ctapo32.dll
2011-01-21 16:45:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-21 16:45:23 ----A---- C:\Windows\system32\snymsico.dll
2011-01-21 16:45:23 ----A---- C:\Windows\system32\rixdicon.dll
2011-01-21 16:45:23 ----A---- C:\Windows\system32\RiSDIcon.dll
2011-01-21 16:45:23 ----A---- C:\Windows\system32\RiMMCIcon.dll
2011-01-21 16:45:23 ----A---- C:\Windows\system32\drivers\rixdpe64.sys
2011-01-21 16:45:23 ----A---- C:\Windows\system32\drivers\risdpe64.sys
2011-01-21 16:45:23 ----A---- C:\Windows\system32\drivers\rimspe64.sys
2011-01-21 16:44:39 ----D---- C:\Program Files\DIFX
2011-01-21 16:44:19 ----A---- C:\Windows\system32\drivers\itecir.sys
2011-01-21 16:29:50 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-01-21 16:29:50 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-01-21 16:29:50 ----A---- C:\Windows\SYSWOW64\java.exe
2011-01-21 16:25:10 ----D---- C:\Program Files (x86)\Adobe
2011-01-21 16:10:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-01-21 16:10:38 ----A---- C:\Windows\system32\drivers\ks.sys
2011-01-21 16:02:25 ----A---- C:\Windows\system32\mshtml.dll
2011-01-21 16:02:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-01-21 16:02:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-01-21 16:02:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-01-21 16:02:23 ----A---- C:\Windows\system32\iertutil.dll
2011-01-21 16:02:23 ----A---- C:\Windows\system32\ieframe.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-01-21 16:02:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-01-21 16:02:22 ----A---- C:\Windows\system32\wininet.dll
2011-01-21 16:02:22 ----A---- C:\Windows\system32\urlmon.dll
2011-01-21 16:02:22 ----A---- C:\Windows\system32\mstime.dll
2011-01-21 16:02:22 ----A---- C:\Windows\system32\msfeeds.dll
2011-01-21 16:02:22 ----A---- C:\Windows\system32\licmgr10.dll
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-01-21 16:02:21 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\msfeedssync.exe
2011-01-21 16:02:21 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\jsproxy.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\ieui.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\iepeers.dll
2011-01-21 16:02:21 ----A---- C:\Windows\system32\iedkcs32.dll
2011-01-21 16:02:00 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-01-21 16:02:00 ----A---- C:\Windows\system32\msdri.dll
2011-01-21 16:02:00 ----A---- C:\Windows\system32\CPFilters.dll
2011-01-21 15:53:57 ----A---- C:\Windows\system32\wmp.dll
2011-01-21 15:53:56 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-01-21 15:53:56 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-01-21 15:53:55 ----A---- C:\Windows\system32\wmploc.DLL
2011-01-21 15:53:49 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-01-21 15:53:49 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-01-21 15:53:49 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-01-21 15:53:49 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-01-21 15:53:49 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-01-21 15:53:49 ----A---- C:\Windows\system32\taskschd.dll
2011-01-21 15:53:49 ----A---- C:\Windows\system32\taskeng.exe
2011-01-21 15:53:49 ----A---- C:\Windows\system32\taskcomp.dll
2011-01-21 15:53:49 ----A---- C:\Windows\system32\schtasks.exe
2011-01-21 15:53:49 ----A---- C:\Windows\system32\schedsvc.dll
2011-01-21 15:53:28 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-01-21 15:53:28 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-01-21 15:53:06 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-01-21 15:53:06 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-01-21 15:53:06 ----A---- C:\Windows\system32\atmlib.dll
2011-01-21 15:53:06 ----A---- C:\Windows\system32\atmfd.dll
2011-01-21 15:53:05 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-01-21 15:53:05 ----A---- C:\Windows\system32\ole32.dll
2011-01-21 15:52:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-01-21 15:52:34 ----A---- C:\Windows\system32\tzres.dll
2011-01-21 15:52:29 ----A---- C:\Windows\system32\win32k.sys
2011-01-21 15:52:11 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-01-21 15:52:11 ----A---- C:\Windows\system32\t2embed.dll
2011-01-21 15:52:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-01-21 15:52:00 ----A---- C:\Windows\system32\schannel.dll
2011-01-21 15:51:52 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-01-21 15:51:51 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-01-21 15:51:51 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-01-21 15:51:44 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-01-21 15:51:44 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-01-21 15:51:44 ----A---- C:\Windows\system32\wmpmde.dll
2011-01-21 15:51:44 ----A---- C:\Windows\system32\webio.dll
2011-01-21 15:51:44 ----A---- C:\Windows\system32\comctl32.dll
2011-01-21 15:51:43 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-01-21 15:51:38 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-01-21 15:51:38 ----A---- C:\Windows\system32\drivers\srv.sys
2011-01-21 15:51:37 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-01-21 15:51:37 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-21 15:51:37 ----A---- C:\Windows\system32\srvsvc.dll
2011-01-21 15:51:37 ----A---- C:\Windows\system32\odbc32.dll
2011-01-21 15:51:37 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-01-21 15:51:37 ----A---- C:\Windows\system32\consent.exe
2011-01-21 15:37:36 ----SD---- C:\Users\Uzivatel\AppData\Roaming\Microsoft
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Thunderbird
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\OpenOffice.org
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mozilla
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Macromedia
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\IrfanView
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Identities
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\FreeCommander
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Canneverbe Limited
2011-01-21 15:37:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Adobe
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Šablony
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Plocha
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Oblíbené položky
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Nabídka Start
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Dokumenty
2011-01-21 15:37:23 ----SHD---- C:\ProgramData\Data aplikací
2011-01-21 15:37:23 ----D---- C:\Recovery
2011-01-21 15:37:12 ----D---- C:\Windows\SoftwareDistribution
2011-01-21 15:32:08 ----D---- C:\Windows\CSC
2011-01-21 15:31:40 ----SHD---- C:\System Volume Information
2011-01-21 15:31:40 ----ASH---- C:\pagefile.sys
2011-01-21 15:31:40 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 months======
2011-01-25 15:24:37 ----D---- C:\Windows\Temp
2011-01-25 15:20:55 ----RD---- C:\Program Files
2011-01-25 14:36:37 ----D---- C:\Windows\system32\config
2011-01-25 14:28:22 ----D---- C:\Windows\System32
2011-01-25 14:28:21 ----D---- C:\Windows\inf
2011-01-25 14:28:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-25 14:24:31 ----D---- C:\Windows\system32\Tasks
2011-01-25 09:50:14 ----D---- C:\Windows\Tasks
2011-01-25 08:01:02 ----SHD---- C:\Windows\Installer
2011-01-25 07:45:50 ----RSD---- C:\Windows\Fonts
2011-01-25 00:38:20 ----D---- C:\Windows\SysWOW64
2011-01-25 00:11:34 ----D---- C:\ProgramData
2011-01-25 00:11:31 ----D---- C:\ProgramData\Adobe
2011-01-24 23:39:16 ----RD---- C:\Program Files (x86)
2011-01-24 23:39:04 ----D---- C:\Windows\system32\catroot
2011-01-24 23:39:02 ----D---- C:\Windows\system32\drivers
2011-01-24 23:39:02 ----D---- C:\Program Files (x86)\Common Files
2011-01-24 23:38:56 ----D---- C:\Windows\winsxs
2011-01-24 23:36:52 ----D---- C:\Program Files\Common Files
2011-01-24 21:15:45 ----D---- C:\Windows
2011-01-24 20:58:16 ----D---- C:\Windows\debug
2011-01-24 20:57:40 ----D---- C:\Windows\system32\NDF
2011-01-24 19:14:09 ----RSD---- C:\Windows\assembly
2011-01-24 19:14:09 ----D---- C:\Windows\Microsoft.NET
2011-01-24 18:42:57 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-24 17:37:37 ----D---- C:\Windows\ShellNew
2011-01-24 17:37:22 ----D---- C:\Program Files (x86)\MSBuild
2011-01-24 17:31:40 ----SD---- C:\ProgramData\Microsoft
2011-01-24 17:31:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-01-24 17:30:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-24 17:30:00 ----A---- C:\Windows\win.ini
2011-01-23 22:16:30 ----D---- C:\Windows\ModemLogs
2011-01-23 22:07:35 ----D---- C:\Windows\system32\DriverStore
2011-01-23 21:33:01 ----D---- C:\Windows\Prefetch
2011-01-23 21:32:29 ----D---- C:\Windows\system32\wdi
2011-01-23 19:54:54 ----D---- C:\Windows\system32\catroot2
2011-01-23 17:18:22 ----A---- C:\Windows\system.ini
2011-01-23 17:17:47 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-23 17:16:00 ----D---- C:\Windows\AppPatch
2011-01-23 15:38:34 ----HD---- C:\Windows\system32\GroupPolicyUsers
2011-01-23 15:37:05 ----HD---- C:\Windows\system32\GroupPolicy
2011-01-23 00:24:31 ----RD---- C:\Users
2011-01-22 21:57:11 ----D---- C:\Windows\Logs
2011-01-22 19:37:59 ----D---- C:\Windows\system32\LogFiles
2011-01-22 14:20:26 ----D---- C:\Windows\system32\appmgmt
2011-01-21 16:29:49 ----D---- C:\Program Files (x86)\Java
2011-01-21 16:21:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-01-21 16:21:41 ----D---- C:\Windows\system32\cs-CZ
2011-01-21 16:21:41 ----D---- C:\Program Files\Internet Explorer
2011-01-21 16:21:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-01-21 16:21:40 ----D---- C:\Windows\ehome
2011-01-21 16:21:40 ----D---- C:\Program Files\Windows Media Player
2011-01-21 16:21:40 ----D---- C:\Program Files\Windows Mail
2011-01-21 16:21:40 ----D---- C:\Program Files (x86)\Windows Media Player
2011-01-21 16:21:40 ----D---- C:\Program Files (x86)\Windows Mail
2011-01-21 16:21:39 ----D---- C:\Windows\SYSWOW64\migration
2011-01-21 16:21:39 ----D---- C:\Windows\system32\migration
2011-01-21 16:10:22 ----D---- C:\Windows\system32\restore
2011-01-21 15:38:21 ----D---- C:\Windows\rescache
2011-01-21 15:37:33 ----D---- C:\Windows\Panther
2011-01-21 15:37:23 ----D---- C:\Program Files\Windows NT
2011-01-21 15:32:52 ----D---- C:\Windows\system32\drivers\UMDF
2011-01-04 17:36:48 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-11-22 69152]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 171152]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
R2 rixdpcie;rixdpcie; C:\Windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 33632]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-01-21 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-22 318000]
S0 rxpsra;rxpsra; C:\Windows\system32\drivers\duuu.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 – ovladač adaptéru; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2008-09-26 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\D:\Programy\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-22 17440]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; D:\Programy\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Programy\Lavasoft\Ad-Aware\AAWService.exe [2010-11-22 1375992]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [2010-01-21 244736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; D:\Programy\ESET\ESET Smart Security\EHttpSrv.exe [2010-11-18 42360]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu. Díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu. Díky
Zdravim a pekny den preji 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit
ComboFix 23.1.2011 jste spoustel na doporuceni nejakeho radce, byl jeho log dolusten a docisten pomoci skriptu 
Jsou s PC nejake problemy
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit ComboFix 23.1.2011 jste spoustel na doporuceni nejakeho radce, byl jeho log dolusten a docisten pomoci skriptu Jsou s PC nejake problemy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
info.txt logfile of random's system information tool 1.08 2011-01-25 17:44:26
======Uninstall list======
-->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
µTorrent-->"D:\Programy\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware-->"C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}\Ad-AwareInstall.exe
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 5 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Reader 9.4.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Aktualizace pro Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E09910D9-C94A-410B-9ACB-6F350F2BF9E7}" "1029" "0"
Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (05/01/2009 5.1.0000.1)-->C:\PROGRA~1\DIFX\9C0EB5A087EF219F\DPInstx64.exe /u C:\Windows\System32\DriverStore\FileRepository\itecir.inf_amd64_neutral_b15b10e2bbc1ec2c\itecir.inf
CCleaner-->"D:\Programy\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Codec Pack - All In 1 6.0.3.0-->C:\Windows\iun6002.exe "C:\Program Files (x86)\Codec Pack - All In 1\irunin.ini"
DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{287B33BF-9EBA-4894-8C13-92D21412AF74}" "1029" "0"
Dell Support Center-->C:\PROGRA~1\DELLSU~1\uninst.exe
Dell Support Center-->MsiExec.exe /X{0090A87C-3E0E-43D4-AA71-A71B06563A4A}
Dell Touchpad-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
FreeCommander 2009.02-->"C:\Program Files (x86)\FreeCommander\unins000.exe"
ICQ7.2-->"C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {CE4A3D0F-D1B0-47D1-BF99-3E957C548D12} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
O2 Mobilni internet-->D:\Programy\O2 Mobilni internet\uninst.exe
Opera 11.00-->"D:\Programy\Opera\Opera.exe" /uninstall
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PSPad editor-->"D:\Programy\PSPad editor\Uninst\unins000.exe"
PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF}
RICOH Media Driver ver.2.07.01.02-->"C:\Program Files (x86)\InstallShield Installation Information\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\setup.exe" -runfromtemp -l0x0005 anything -removeonly
RocketDock 1.3.5-->"D:\Programy\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"D:\Programy\The KMPlayer\uninstall.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2433299)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{6C845127-B949-4D76-A732-BCB396AD9AA5}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1029" "0"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPcap 4.1.2-->C:\Program Files (x86)\WinPcap\uninstall.exe
WinRAR-->D:\Programy\WinRAR\uninstall.exe
Wireshark 1.4.3-->"D:\Programy\Wireshark\uninstall.exe"
Xfire (remove only)-->"D:\Programy\Xfire\uninst.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: WIN-RJJRO2C8FSM
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Zastaveno
Record Number: 3249
Source Name: Service Control Manager
Time Written: 20100924052702.171875-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z automatické spouštění na Zakázáno.
Record Number: 3248
Source Name: Service Control Manager
Time Written: 20100924052700.296875-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 3247
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.781250-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 3246
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.734375-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 3245
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.609375-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: WIN-RJJRO2C8FSM
Event Code: 6001
Message: Odběrateli oznámení přihlašování do systému Windows <GPClient> se nezdařilo provést událost oznámení.
Record Number: 875
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100924052750.000000-000
Event Type: Upozornění
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 12306
Message: Úspěšné obnovení aktivačního období pro ID aplikace = 55c92734-d682-4d71-983e-d6ec3f16059f, ID jednotky SKU = (null). Zbývající počet obnovení aktivačního období: 0
Record Number: 874
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100924052749.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 873
Source Name: Microsoft-Windows-Search
Time Written: 20100924052702.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 872
Source Name: Microsoft-Windows-Search
Time Written: 20100924052702.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 103
Message: Windows (848) Windows: Databázový stroj zastavil instanci (0).
Record Number: 871
Source Name: ESENT
Time Written: 20100924052701.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-RJJRO2C8FSM$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x198
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052704.234375-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052702.343750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-RJJRO2C8FSM$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x198
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1164
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052702.343750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Doména účtu: WIN-RJJRO2C8FSM
ID přihlášení: 0x193a4
Cílový účet:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Doména účtu: WIN-RJJRO2C8FSM
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 1163
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052659.593750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Název domény: WIN-RJJRO2C8FSM
ID přihlášení: 0x193a4
Record Number: 1162
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.750000-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=2502
-----------------EOF-----------------
ComboFix jsem spouštěl, když jsem koukal na stránkách viry.cz ale nebyl doluštěn žádným scriptem.
Problémy s PC zatím nijak znatelné ale někdy se několikrát sekavě zassebou seká.
======Uninstall list======
-->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
µTorrent-->"D:\Programy\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware-->"C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}\Ad-AwareInstall.exe
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 5 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Reader 9.4.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Aktualizace pro Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E09910D9-C94A-410B-9ACB-6F350F2BF9E7}" "1029" "0"
Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (05/01/2009 5.1.0000.1)-->C:\PROGRA~1\DIFX\9C0EB5A087EF219F\DPInstx64.exe /u C:\Windows\System32\DriverStore\FileRepository\itecir.inf_amd64_neutral_b15b10e2bbc1ec2c\itecir.inf
CCleaner-->"D:\Programy\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Codec Pack - All In 1 6.0.3.0-->C:\Windows\iun6002.exe "C:\Program Files (x86)\Codec Pack - All In 1\irunin.ini"
DAEMON Tools Lite-->D:\Programy\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{287B33BF-9EBA-4894-8C13-92D21412AF74}" "1029" "0"
Dell Support Center-->C:\PROGRA~1\DELLSU~1\uninst.exe
Dell Support Center-->MsiExec.exe /X{0090A87C-3E0E-43D4-AA71-A71B06563A4A}
Dell Touchpad-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
FreeCommander 2009.02-->"C:\Program Files (x86)\FreeCommander\unins000.exe"
ICQ7.2-->"C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {CE4A3D0F-D1B0-47D1-BF99-3E957C548D12} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
O2 Mobilni internet-->D:\Programy\O2 Mobilni internet\uninst.exe
Opera 11.00-->"D:\Programy\Opera\Opera.exe" /uninstall
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PSPad editor-->"D:\Programy\PSPad editor\Uninst\unins000.exe"
PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF}
RICOH Media Driver ver.2.07.01.02-->"C:\Program Files (x86)\InstallShield Installation Information\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\setup.exe" -runfromtemp -l0x0005 anything -removeonly
RocketDock 1.3.5-->"D:\Programy\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
The KMPlayer (remove only)-->"D:\Programy\The KMPlayer\uninstall.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2433299)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{6C845127-B949-4D76-A732-BCB396AD9AA5}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1029" "0"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPcap 4.1.2-->C:\Program Files (x86)\WinPcap\uninstall.exe
WinRAR-->D:\Programy\WinRAR\uninstall.exe
Wireshark 1.4.3-->"D:\Programy\Wireshark\uninstall.exe"
Xfire (remove only)-->"D:\Programy\Xfire\uninst.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: WIN-RJJRO2C8FSM
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Zastaveno
Record Number: 3249
Source Name: Service Control Manager
Time Written: 20100924052702.171875-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z automatické spouštění na Zakázáno.
Record Number: 3248
Source Name: Service Control Manager
Time Written: 20100924052700.296875-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 3247
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.781250-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 3246
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.734375-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 3245
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.609375-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: WIN-RJJRO2C8FSM
Event Code: 6001
Message: Odběrateli oznámení přihlašování do systému Windows <GPClient> se nezdařilo provést událost oznámení.
Record Number: 875
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100924052750.000000-000
Event Type: Upozornění
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 12306
Message: Úspěšné obnovení aktivačního období pro ID aplikace = 55c92734-d682-4d71-983e-d6ec3f16059f, ID jednotky SKU = (null). Zbývající počet obnovení aktivačního období: 0
Record Number: 874
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100924052749.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 873
Source Name: Microsoft-Windows-Search
Time Written: 20100924052702.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 872
Source Name: Microsoft-Windows-Search
Time Written: 20100924052702.000000-000
Event Type: Informace
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 103
Message: Windows (848) Windows: Databázový stroj zastavil instanci (0).
Record Number: 871
Source Name: ESENT
Time Written: 20100924052701.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-RJJRO2C8FSM$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x198
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052704.234375-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052702.343750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-RJJRO2C8FSM$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x198
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1164
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052702.343750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Doména účtu: WIN-RJJRO2C8FSM
ID přihlášení: 0x193a4
Cílový účet:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Doména účtu: WIN-RJJRO2C8FSM
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 1163
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924052659.593750-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-RJJRO2C8FSM
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2548869893-4111537660-3791088525-500
Název účtu: Administrator
Název domény: WIN-RJJRO2C8FSM
ID přihlášení: 0x193a4
Record Number: 1162
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100924052653.750000-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=2502
-----------------EOF-----------------
ComboFix jsem spouštěl, když jsem koukal na stránkách viry.cz ale nebyl doluštěn žádným scriptem.
Problémy s PC zatím nijak znatelné ale někdy se několikrát sekavě zassebou seká.
Re: Prosím o kontrolu logu. Díky
A urcite u toho bylo napsano ze CF se ma pouzivat jen na doporuceni - neni to hracka - vizte nize Nebezpeci CFka
- Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
- Maze stopy po haveti, takze v logu z RSIT neni nic videt
- Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
- CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
- CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal
Predpokladam ze ten ESET Smart Security mate legalni = zakoupena licence Vlozte mi sem log z CF - C:\ComboFix.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
Ano mám Licenci ESET.
ComboFix 11-01-22.03 - Jahoďáák 23.01.2011 17:14:24.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2885 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll
c:\programdata\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll
c:\programdata\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll
c:\windows\SysWow64\Drivers\duuu.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.
2011-01-23 16:18 . 2011-01-23 16:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-22 23:24 . 2011-01-22 23:24 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-21 17:48 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-21 15:25 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:12 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89BBD302-C3FD-4FA5-B3CB-8BA921D5F5CE}\mpengine.dll
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R0 rxpsra;rxpsra;c:\windows\system32\drivers\duuu.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
.
Obsah adresáře 'Naplánované úlohy'
2011-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job
- c:\users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 19:15]
2011-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job
- c:\users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 19:15]
2011-01-22 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
2011-01-23 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-06-09 3216544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-23 17:20:02
ComboFix-quarantined-files.txt 2011-01-23 16:20
Před spuštěním: Volných bajtů: 79 981 973 504
Po spuštění: Volných bajtů: 79 511 584 768
- - End Of File - - 10683C0850A69493884AF9F8ACF855DC
ComboFix 11-01-22.03 - Jahoďáák 23.01.2011 17:14:24.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2885 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll
c:\programdata\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll
c:\programdata\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll
c:\windows\SysWow64\Drivers\duuu.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.
2011-01-23 16:18 . 2011-01-23 16:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-22 23:24 . 2011-01-22 23:24 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-21 17:48 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-21 15:25 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:12 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89BBD302-C3FD-4FA5-B3CB-8BA921D5F5CE}\mpengine.dll
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R0 rxpsra;rxpsra;c:\windows\system32\drivers\duuu.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
.
Obsah adresáře 'Naplánované úlohy'
2011-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job
- c:\users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 19:15]
2011-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job
- c:\users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 19:15]
2011-01-22 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
2011-01-23 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-06-09 3216544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-23 17:20:02
ComboFix-quarantined-files.txt 2011-01-23 16:20
Před spuštěním: Volných bajtů: 79 981 973 504
Po spuštění: Volných bajtů: 79 511 584 768
- - End Of File - - 10683C0850A69493884AF9F8ACF855DC
Re: Prosím o kontrolu logu. Díky
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Folder:: C:\ProgramData\AutoKMS c:\program files (x86)\ICQ6Toolbar Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "AdobeCS5ServiceManager"=- "SwitchBoard"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- Collect:: C:\ProgramData\regid.1986-12.com.adobe Driver:: rxpsra File:: c:\windows\system32\drivers\duuu.sys C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job C:\Windows\tasks\SystemToolsDailyTest.job RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
ComboFix 11-01-24.02 - Jahoďáák 25.01.2011 19:13:58.2.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2491 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
Použité ovládací přepínače :: d:\plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
FILE ::
"c:\windows\system32\drivers\duuu.sys"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job"
"c:\windows\tasks\PCDoctorBackgroundMonitorTask.job"
"c:\windows\tasks\SystemToolsDailyTest.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\programdata\AutoKMS
c:\programdata\AutoKMS\AutoKMS.cmd
c:\programdata\AutoKMS\Resources\LicenseManagement\ospp.vbs
c:\programdata\AutoKMS\Resources\LicenseManagement\osppc.dll
c:\programdata\AutoKMS\Resources\LicenseManagement\slerror.xml
c:\programdata\AutoKMS\Resources\MSGBox\Messagebox.exe
c:\programdata\AutoKMS\Resources\StartX\StartX.exe
c:\programdata\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll
c:\programdata\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll
c:\programdata\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job
c:\windows\tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\tasks\SystemToolsDailyTest.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_rxpsra
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.
2011-01-25 18:16 . 2011-01-25 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 16:57 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FBE82C3-7D06-46C4-8B6E-C97E75082CFB}\mpengine.dll
2011-01-25 16:44 . 2011-01-25 16:44 -------- d-----w- C:\rsit
2011-01-25 14:20 . 2011-01-25 16:44 -------- d-----w- c:\program files\trend micro
2011-01-24 23:38 . 2011-01-24 23:38 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-01-24 23:11 . 2011-01-24 23:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-24 22:51 . 2011-01-24 22:51 -------- d-----w- c:\programdata\ALM
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\My Company Name
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-24 22:39 . 2009-07-09 02:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-01-24 22:36 . 2011-01-24 22:56 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-24 22:36 . 2011-01-24 22:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-01-24 19:02 . 2010-11-22 08:50 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-01-24 18:55 . 2011-01-24 18:55 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-24 18:55 . 2010-11-22 08:50 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-01-24 18:36 . 2011-01-24 18:36 -------- dc-h--w- c:\programdata\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-01-24 18:36 . 2011-01-24 18:55 -------- d-----w- c:\programdata\Lavasoft
2011-01-24 16:32 . 2011-01-24 16:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\windows\PCHEALTH
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-01-24 16:30 . 2011-01-24 16:30 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-01-24 16:29 . 2011-01-24 16:29 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-01-24 16:29 . 2011-01-25 07:00 -------- d-----w- c:\programdata\Microsoft Help
2011-01-23 21:07 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-01-23 21:07 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-01-23 21:07 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-23 21:07 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-01-22 23:24 . 2011-01-23 21:12 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-24 21:56 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-24 22:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-01-23_16.18.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-17 20:42 . 2010-02-17 20:42 51584 c:\windows\SysWOW64\VBAME.DLL
+ 2010-02-20 16:20 . 2010-02-20 16:20 31616 c:\windows\SysWOW64\FM20ENU.DLL
+ 2011-01-24 16:44 . 2011-01-25 18:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-24 20:07 . 2011-01-24 20:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2011-01-24 23:38 . 2011-01-25 07:00 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-31 13:29 . 2011-01-25 08:51 26854 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-25 13:26 45146 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-01-24 16:30 . 2010-03-29 19:30 60288 c:\windows\system32\spool\drivers\x64\SendToOneNoteUI.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 60288 c:\windows\system32\spool\drivers\x64\3\SendToOneNoteUI.dll
+ 2011-01-24 18:55 . 2010-11-22 08:50 69152 c:\windows\system32\DRVSTORE\lbd_2BFAE14A2571D592EE88E959EC890EF193C0C351\Lbd.sys
+ 2009-07-14 05:30 . 2011-01-23 21:16 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-01-22 21:07 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-01-23 21:06 . 2008-09-26 17:01 29696 c:\windows\system32\DriverStore\FileRepository\ewdcsc.inf_amd64_neutral_5adfcef2f9f73a10\ewdcsc.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 33632 c:\windows\system32\DriverStore\FileRepository\epfwndis.inf_amd64_neutral_d972e114a91e93d8\epfwndis.sys
+ 2010-07-07 10:26 . 2010-07-07 10:26 50696 c:\windows\system32\drivers\stflt.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 50624 c:\windows\system32\drivers\epfwwfp.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 33632 c:\windows\system32\drivers\epfwndis.sys
+ 2011-01-21 14:40 . 2011-01-25 18:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-21 14:40 . 2011-01-23 12:38 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-21 14:40 . 2011-01-23 12:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-21 14:40 . 2011-01-25 18:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-23 12:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-01-25 06:53 84576 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-10-31 13:14 . 2011-01-23 16:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-31 13:14 . 2011-01-25 13:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-31 13:14 . 2011-01-23 16:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-31 13:14 . 2011-01-25 13:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-24 22:39 . 2011-01-24 22:39 22528 c:\windows\Installer\7ee725.msi
+ 2011-01-24 22:36 . 2011-01-24 22:36 23040 c:\windows\Installer\7ee710.msi
+ 2011-01-24 22:36 . 2011-01-24 22:36 31232 c:\windows\Installer\7ee709.msi
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
+ 2011-01-24 23:10 . 2011-01-24 23:10 81920 c:\windows\Installer\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}\ARPPRODUCTICON.exe
+ 2011-01-24 22:36 . 2011-01-24 22:36 10134 c:\windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
+ 2011-01-24 22:38 . 2011-01-24 22:38 10134 c:\windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-24 22:36 . 2011-01-24 22:36 10134 c:\windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
+ 2011-01-24 22:40 . 2011-01-24 22:40 81920 c:\windows\Installer\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2011-01-23 20:00 . 2011-01-23 20:00 97384 c:\windows\Installer\{09AF5B93-E978-4597-9838-D393A8125A4F}\egui.exe
+ 2011-01-23 20:00 . 2011-01-23 20:00 10134 c:\windows\Installer\{09AF5B93-E978-4597-9838-D393A8125A4F}\callmsi.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2010-03-25 09:23 . 2010-03-25 09:23 31648 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOCIALPROVIDER.DLL
+ 2010-02-28 01:22 . 2010-02-28 01:22 48504 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBTRAP.DLL
+ 2011-01-23 17:10 . 2011-01-23 17:10 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\83c64207e6517ef87908d7a8f7329217\System.Web.DynamicData.Design.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\327e4351187b26a668e82c2cb898bd5c\stdole.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 89088 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e5d19a095a085a841c98fc82b5c2044e\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\dfae97f933eefcca9acf8a9321a0446b\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 44544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\af3f974c41a0a6d286604f137124a91b\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 84480 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\a1cb3fcbc265ce987ea2980273a8fdbf\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\836ed534f6d844e6496bc04336870891\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\764cc14e94d80816a082c245ccb3da68\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\673438edb3061ab2f2d3df31209a86b1\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 44032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5c184a751e4017812680efca9ddc8d36\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\053884388b8a2549dfec77c12ab8ba6e\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-01-23 17:09 . 2011-01-23 17:09 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\895d760b0f30ebde7949dd96c8c38a58\LoadMxf.ni.exe
+ 2011-01-24 18:11 . 2011-01-24 18:11 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\c0609e0a5700bea77d81ba5240c2a972\stdole.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f6f25f1e8046b13064e8457ff3c423d8\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bebaf586a485445d635b10a9f88fc978\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad8d2bc9637bac81dca2897ac44f52e4\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\aaeb9d9d4db496161bd2043e24a6e178\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a778c5fb19b65d22a02826063822e289\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6ef8fc34b37d0eb2f0ea46951be00cfe\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6e02b450be55f86dd985266269b18ecc\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\39085ffc4665917606e6a4cdcaa2c513\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2d0a966bb803036e6227c1d2e9032ab2\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0184548b91e6ba2544c8d7e89c6b6448\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-01-24 16:40 . 2011-01-24 16:40 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\14642f28528d469b68ab9a55cefe2aa6\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2011-01-24 16:40 . 2011-01-24 16:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\c50a42454ab768ec5325f1ccfc430891\ipdmctrl.ni.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 38744 c:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 13392 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.dll
+ 2011-01-24 16:36 . 2011-01-24 16:36 13392 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe.Entity\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.Entity.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 11104 c:\windows\assembly\GAC_MSIL\Policy.12.0.office\14.0.0.0__71e9bce111e9429c\Policy.12.0.Office.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11640 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Word.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:34 . 2011-01-24 16:34 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Publisher\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Publisher.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.PowerPoint\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11672 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Outlook.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\policy.12.0.Microsoft.Office.Interop.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Graph\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Graph.dll
+ 2011-01-24 16:38 . 2011-01-24 16:38 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Excel.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.Dao.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.Permission\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.Permission.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.FormControl\14.0.0.0__71e9bce111e9429c\policy.12.0.Microsoft.Office.InfoPath.FormControl.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.Client.Internal.Host.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 11104 c:\windows\assembly\GAC_MSIL\Policy.11.0.office\14.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11640 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:34 . 2011-01-24 16:34 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Publisher\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.PowerPoint\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11672 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Graph\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2011-01-24 16:36 . 2011-01-24 16:36 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 53248 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 49152 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 81920 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 40960 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 71592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 38808 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 22016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 38832 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 63336 c:\windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 95312 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.v9.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 19320 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 25480 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 46968 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 16248 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 87936 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 79744 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 59248 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 34680 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\14.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 14224 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Permission\14.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 42880 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\14.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 51072 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.AutoGen\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.AutoGen.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 51072 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 51072 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.syncservices.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.Intl.Resources.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 79744 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.RuntimeUi.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 46976 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.runtimeui.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.RuntimeUi.intl.resources.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 18304 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 19840 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.runtime.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.intl.resources.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 96128 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Diagnostics\14.0.0.0__71e9bce111e9429c\microsoft.office.businessapplications.diagnostics.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 30608 c:\windows\assembly\GAC_MSIL\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2011-01-24 16:34 . 2011-01-24 16:34 16384 c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 13312 c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2011-01-21 15:54 . 2011-01-25 13:26 4852 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3410654921-2379246276-3220479279-1002_UserData.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 9560 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_48.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 4280 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_32.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 2456 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_24.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 9560 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_48.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 4280 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_32.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 2456 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_24.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 9560 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_48.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 4280 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_32.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 2456 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_24.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 9560 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_48.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 4280 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_32.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 2456 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_24.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 9560 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_48.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 4280 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_32.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 2456 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_24.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 9560 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_48.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 4280 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_32.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 2456 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_24.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 9560 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_48.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 4280 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_32.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 2456 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_24.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 9560 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_48.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 4280 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_32.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 2456 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_24.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 9560 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_48.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 4280 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_32.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 2456 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_24.bin
- 2011-01-23 15:56 . 2011-01-23 15:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-01-23 15:56 . 2011-01-23 15:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-24 16:32 . 2011-01-24 16:32 4096 c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 4608 c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2010-03-05 09:13 . 2010-03-05 09:13 947472 c:\windows\SysWOW64\msjava.dll
+ 2011-01-21 17:42 . 2011-01-25 10:37 128548 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-01-24 16:30 . 2009-07-14 01:30 762368 c:\windows\system32\spool\drivers\x64\unires.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 884224 c:\windows\system32\spool\drivers\x64\unidrvui.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 479232 c:\windows\system32\spool\drivers\x64\unidrv.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 114568 c:\windows\system32\spool\drivers\x64\SendToOneNoteFilter.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 715264 c:\windows\system32\spool\drivers\x64\mxdwdrv.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 114568 c:\windows\system32\spool\drivers\x64\3\SendToOneNoteFilter.dll
- 2009-07-14 02:36 . 2011-01-23 16:00 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-01-25 15:48 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-01-25 15:48 631292 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-01-23 16:00 631292 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-01-25 15:48 106388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-01-23 16:00 106388 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-01-25 15:48 121914 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-01-23 16:00 121914 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:30 . 2011-01-23 21:16 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-01-22 21:07 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-01-23 21:07 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-01-22 16:55 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-01-23 21:06 . 2008-09-26 17:03 691712 c:\windows\system32\DriverStore\FileRepository\mod7700.inf_amd64_neutral_be95eabbd110b321\mod7700.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 115328 c:\windows\system32\DriverStore\FileRepository\ewser2k.inf_amd64_neutral_9748fe191fd1a725\ewusbmdm.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 133632 c:\windows\system32\DriverStore\FileRepository\ewnet.inf_amd64_neutral_2702b0551ac1628a\ewusbnet.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 115328 c:\windows\system32\DriverStore\FileRepository\ewmdm2k.inf_amd64_neutral_b0a01efcd487c7bd\ewusbmdm.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 171152 c:\windows\system32\drivers\epfw.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 141264 c:\windows\system32\drivers\ehdrv.sys
+ 2010-09-03 05:13 . 2010-09-03 05:13 170104 c:\windows\system32\drivers\eamonm.sys
- 2009-07-14 05:12 . 2011-01-23 12:38 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-01-24 19:59 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-22 14:48 . 2011-01-25 18:17 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-08-05 16:41 . 2010-08-05 16:41 127488 c:\windows\Installer\b9ab4c.msp
+ 2010-07-22 01:43 . 2010-07-22 01:43 257024 c:\windows\Installer\b9ab12.msp
+ 2010-07-22 17:28 . 2010-07-22 17:28 287232 c:\windows\Installer\b9aae2.msp
+ 2009-07-21 23:31 . 2009-07-21 23:31 209408 c:\windows\Installer\b9aab2.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 510976 c:\windows\Installer\7ee717.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 532992 c:\windows\Installer\7ee6fb.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 620032 c:\windows\Installer\7ee6ed.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 607744 c:\windows\Installer\7ee6d8.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 606208 c:\windows\Installer\7ee6d1.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 725504 c:\windows\Installer\7ee6bc.msi
+ 2008-08-31 19:35 . 2008-08-31 19:35 240128 c:\windows\Installer\5d69b2.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 651264 c:\windows\Installer\11edd0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 656896 c:\windows\Installer\11edc8.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 663040 c:\windows\Installer\11edc0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 654848 c:\windows\Installer\11edb8.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 653312 c:\windows\Installer\11edb0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 654848 c:\windows\Installer\11eda0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 571232 c:\windows\Installer\{90140000-006E-0405-0000-0000000FF1CE}\misc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2010-03-01 03:56 . 2010-03-01 03:56 604024 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBCONV.DLL
+ 2010-01-09 20:50 . 2010-01-09 20:50 119160 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSCONV97.DLL
+ 2010-03-01 03:56 . 2010-03-01 03:56 457104 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MORPH9.DLL
+ 2010-02-28 01:19 . 2010-02-28 01:19 211320 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CLVIEW.EXE
+ 2011-01-24 18:13 . 2011-01-24 18:13 417280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\ca051cbe740273181b7c9bd399f81b11\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\95d92a700a1fba76f89a30ab46864f10\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\02df6648ef501c7febb72ef9c59fab47\System.Web.Routing.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\41a3cd5d1a21e48f3abb9736e77664ae\System.Web.Entity.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\c859c4a6661db4ca62a5006df6427bc8\System.Web.Entity.Design.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\e96d65644a700fe5c931accdfa1fc319\System.Web.DynamicData.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c5e32b71231a8276885dbbedf1d8f9cd\System.Web.Abstractions.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d985950b9030c0d671ef0ddd114b345a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 209920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d9040c5a3133208eb85362e87945f6f5\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d7c7412e68df7d21df8663b9a41f5d1a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 390656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d5e6b0555dd62538d991296d61473e34\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c54a42eb478000a161fbb696147427cd\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 970240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c4309f27196970c335f0765916672d6b\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 494592 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\bb4aa9f080163996dd6fd5462041f67b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 232448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b84c6c7330f547c2b197646af02a1cf0\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 277504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\93b394ff0f0bdfe94ee498898505a6e4\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 777728 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\84f1c6b247f114fdd0128716394a6c37\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\771116fb5665de5ebf36aa83c7368950\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6e5cfdc531a46544de487c73ed4c69aa\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 499200 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\25fab27f4cbff94c4104be5e3494f2d9\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\186832f1fd33e1facf4b9d025f6785ac\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\161778b8473b8886f3c9f8c8a6a50940\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 202240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\12d7273cf1ec0dbb2c2e5a0c26a5a6cd\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\f2f21fe09881d0d4e7e88df620f83941\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0fdf6298568d1383127c2b8eb922551a\Microsoft.Office.Tools.v9.0.ni.dll
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2491 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
Použité ovládací přepínače :: d:\plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
FILE ::
"c:\windows\system32\drivers\duuu.sys"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job"
"c:\windows\tasks\PCDoctorBackgroundMonitorTask.job"
"c:\windows\tasks\SystemToolsDailyTest.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\programdata\AutoKMS
c:\programdata\AutoKMS\AutoKMS.cmd
c:\programdata\AutoKMS\Resources\LicenseManagement\ospp.vbs
c:\programdata\AutoKMS\Resources\LicenseManagement\osppc.dll
c:\programdata\AutoKMS\Resources\LicenseManagement\slerror.xml
c:\programdata\AutoKMS\Resources\MSGBox\Messagebox.exe
c:\programdata\AutoKMS\Resources\StartX\StartX.exe
c:\programdata\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll
c:\programdata\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll
c:\programdata\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job
c:\windows\tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\tasks\SystemToolsDailyTest.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_rxpsra
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.
2011-01-25 18:16 . 2011-01-25 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 16:57 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FBE82C3-7D06-46C4-8B6E-C97E75082CFB}\mpengine.dll
2011-01-25 16:44 . 2011-01-25 16:44 -------- d-----w- C:\rsit
2011-01-25 14:20 . 2011-01-25 16:44 -------- d-----w- c:\program files\trend micro
2011-01-24 23:38 . 2011-01-24 23:38 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-01-24 23:11 . 2011-01-24 23:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-24 22:51 . 2011-01-24 22:51 -------- d-----w- c:\programdata\ALM
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\My Company Name
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-24 22:39 . 2009-07-09 02:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-01-24 22:36 . 2011-01-24 22:56 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-24 22:36 . 2011-01-24 22:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-01-24 19:02 . 2010-11-22 08:50 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-01-24 18:55 . 2011-01-24 18:55 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-24 18:55 . 2010-11-22 08:50 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-01-24 18:36 . 2011-01-24 18:36 -------- dc-h--w- c:\programdata\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-01-24 18:36 . 2011-01-24 18:55 -------- d-----w- c:\programdata\Lavasoft
2011-01-24 16:32 . 2011-01-24 16:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\windows\PCHEALTH
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-01-24 16:30 . 2011-01-24 16:30 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-01-24 16:29 . 2011-01-24 16:29 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-01-24 16:29 . 2011-01-25 07:00 -------- d-----w- c:\programdata\Microsoft Help
2011-01-23 21:07 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-01-23 21:07 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-01-23 21:07 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-23 21:07 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-01-22 23:24 . 2011-01-23 21:12 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-24 21:56 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-24 22:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-01-23_16.18.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-17 20:42 . 2010-02-17 20:42 51584 c:\windows\SysWOW64\VBAME.DLL
+ 2010-02-20 16:20 . 2010-02-20 16:20 31616 c:\windows\SysWOW64\FM20ENU.DLL
+ 2011-01-24 16:44 . 2011-01-25 18:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-24 20:07 . 2011-01-24 20:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2011-01-24 23:38 . 2011-01-25 07:00 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-31 13:29 . 2011-01-25 08:51 26854 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-25 13:26 45146 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-01-24 16:30 . 2010-03-29 19:30 60288 c:\windows\system32\spool\drivers\x64\SendToOneNoteUI.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 60288 c:\windows\system32\spool\drivers\x64\3\SendToOneNoteUI.dll
+ 2011-01-24 18:55 . 2010-11-22 08:50 69152 c:\windows\system32\DRVSTORE\lbd_2BFAE14A2571D592EE88E959EC890EF193C0C351\Lbd.sys
+ 2009-07-14 05:30 . 2011-01-23 21:16 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-01-22 21:07 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-01-23 21:06 . 2008-09-26 17:01 29696 c:\windows\system32\DriverStore\FileRepository\ewdcsc.inf_amd64_neutral_5adfcef2f9f73a10\ewdcsc.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 33632 c:\windows\system32\DriverStore\FileRepository\epfwndis.inf_amd64_neutral_d972e114a91e93d8\epfwndis.sys
+ 2010-07-07 10:26 . 2010-07-07 10:26 50696 c:\windows\system32\drivers\stflt.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 50624 c:\windows\system32\drivers\epfwwfp.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 33632 c:\windows\system32\drivers\epfwndis.sys
+ 2011-01-21 14:40 . 2011-01-25 18:54 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-21 14:40 . 2011-01-23 12:38 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-21 14:40 . 2011-01-23 12:38 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-21 14:40 . 2011-01-25 18:54 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-23 12:38 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-25 18:54 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-01-25 06:53 84576 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-10-31 13:14 . 2011-01-23 16:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-31 13:14 . 2011-01-25 13:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-31 13:14 . 2011-01-23 16:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-31 13:14 . 2011-01-25 13:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-24 22:39 . 2011-01-24 22:39 22528 c:\windows\Installer\7ee725.msi
+ 2011-01-24 22:36 . 2011-01-24 22:36 23040 c:\windows\Installer\7ee710.msi
+ 2011-01-24 22:36 . 2011-01-24 22:36 31232 c:\windows\Installer\7ee709.msi
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
+ 2011-01-24 23:10 . 2011-01-24 23:10 81920 c:\windows\Installer\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}\ARPPRODUCTICON.exe
+ 2011-01-24 22:36 . 2011-01-24 22:36 10134 c:\windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
+ 2011-01-24 22:38 . 2011-01-24 22:38 10134 c:\windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-24 22:36 . 2011-01-24 22:36 10134 c:\windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
+ 2011-01-24 22:40 . 2011-01-24 22:40 81920 c:\windows\Installer\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
+ 2011-01-24 22:35 . 2011-01-24 22:35 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2011-01-23 20:00 . 2011-01-23 20:00 97384 c:\windows\Installer\{09AF5B93-E978-4597-9838-D393A8125A4F}\egui.exe
+ 2011-01-23 20:00 . 2011-01-23 20:00 10134 c:\windows\Installer\{09AF5B93-E978-4597-9838-D393A8125A4F}\callmsi.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-01-24 22:34 . 2011-01-24 22:34 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2010-03-25 09:23 . 2010-03-25 09:23 31648 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOCIALPROVIDER.DLL
+ 2010-02-28 01:22 . 2010-02-28 01:22 48504 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBTRAP.DLL
+ 2011-01-23 17:10 . 2011-01-23 17:10 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\83c64207e6517ef87908d7a8f7329217\System.Web.DynamicData.Design.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\327e4351187b26a668e82c2cb898bd5c\stdole.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 89088 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\e5d19a095a085a841c98fc82b5c2044e\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 93696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\dfae97f933eefcca9acf8a9321a0446b\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 44544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\af3f974c41a0a6d286604f137124a91b\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 84480 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\a1cb3fcbc265ce987ea2980273a8fdbf\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\836ed534f6d844e6496bc04336870891\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\764cc14e94d80816a082c245ccb3da68\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 71680 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\673438edb3061ab2f2d3df31209a86b1\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 44032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\5c184a751e4017812680efca9ddc8d36\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 87040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\053884388b8a2549dfec77c12ab8ba6e\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-01-23 17:09 . 2011-01-23 17:09 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\895d760b0f30ebde7949dd96c8c38a58\LoadMxf.ni.exe
+ 2011-01-24 18:11 . 2011-01-24 18:11 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\c0609e0a5700bea77d81ba5240c2a972\stdole.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\f6f25f1e8046b13064e8457ff3c423d8\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\bebaf586a485445d635b10a9f88fc978\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 58368 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ad8d2bc9637bac81dca2897ac44f52e4\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\aaeb9d9d4db496161bd2043e24a6e178\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a778c5fb19b65d22a02826063822e289\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 84992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6ef8fc34b37d0eb2f0ea46951be00cfe\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6e02b450be55f86dd985266269b18ecc\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 54784 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\39085ffc4665917606e6a4cdcaa2c513\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 66560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2d0a966bb803036e6227c1d2e9032ab2\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.ni.dll
+ 2011-01-24 18:11 . 2011-01-24 18:11 28160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0184548b91e6ba2544c8d7e89c6b6448\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.ni.dll
+ 2011-01-24 16:40 . 2011-01-24 16:40 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\14642f28528d469b68ab9a55cefe2aa6\Microsoft.Office.InfoPath.Permission.ni.dll
+ 2011-01-24 16:40 . 2011-01-24 16:40 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ipdmctrl\c50a42454ab768ec5325f1ccfc430891\ipdmctrl.ni.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 38744 c:\windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 13392 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.dll
+ 2011-01-24 16:36 . 2011-01-24 16:36 13392 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe.Entity\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.Entity.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 11104 c:\windows\assembly\GAC_MSIL\Policy.12.0.office\14.0.0.0__71e9bce111e9429c\Policy.12.0.Office.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11640 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Word.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:34 . 2011-01-24 16:34 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Publisher\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Publisher.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.PowerPoint\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11672 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Outlook.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\policy.12.0.Microsoft.Office.Interop.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Graph\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Graph.dll
+ 2011-01-24 16:38 . 2011-01-24 16:38 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Excel.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11656 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.Interop.Access.Dao.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.Permission\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.Permission.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.FormControl\14.0.0.0__71e9bce111e9429c\policy.12.0.Microsoft.Office.InfoPath.FormControl.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.12.0.Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\Policy.12.0.Microsoft.Office.InfoPath.Client.Internal.Host.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 11104 c:\windows\assembly\GAC_MSIL\Policy.11.0.office\14.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11640 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:34 . 2011-01-24 16:34 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Publisher\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.PowerPoint\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11672 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11664 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Graph\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2011-01-24 16:36 . 2011-01-24 16:36 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 11656 c:\windows\assembly\GAC_MSIL\Policy.11.0.Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 86016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 53248 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 36864 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 49152 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 65536 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 81920 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 40960 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 71592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 38808 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 22016 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 38832 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 45056 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 63336 c:\windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop\14.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 95312 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.v9.0.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Outlook.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Outlook.v9.0.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 19320 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.SmartTag\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 25480 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OutlookViewCtl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2011-01-24 16:33 . 2011-01-24 16:33 46968 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 16248 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 87936 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath.Xml\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2011-01-24 16:35 . 2011-01-24 16:35 79744 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access.Dao\14.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 59248 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 34680 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\14.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 14224 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Permission\14.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 42880 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\14.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 51072 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.AutoGen\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.AutoGen.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 51072 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 51072 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.syncservices.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.Intl.Resources.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 79744 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.RuntimeUi.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 46976 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.runtimeui.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.RuntimeUi.intl.resources.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 18304 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.Intl.dll
+ 2011-01-24 16:29 . 2011-01-24 16:29 19840 c:\windows\assembly\GAC_MSIL\microsoft.office.businessapplications.runtime.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.intl.resources.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 96128 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Diagnostics\14.0.0.0__71e9bce111e9429c\microsoft.office.businessapplications.diagnostics.dll
+ 2011-01-24 16:31 . 2011-01-24 16:31 30608 c:\windows\assembly\GAC_MSIL\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2011-01-24 16:34 . 2011-01-24 16:34 16384 c:\windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2011-01-24 16:32 . 2011-01-24 16:32 13312 c:\windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2011-01-21 15:54 . 2011-01-25 13:26 4852 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3410654921-2379246276-3220479279-1002_UserData.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 9560 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_48.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 4280 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_32.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 2456 c:\windows\system32\NetworkList\Icons\{F8396479-E2FB-4B12-8A6B-7B24D67793D1}_24.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 9560 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_48.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 4280 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_32.bin
+ 2011-01-23 16:22 . 2011-01-23 16:22 2456 c:\windows\system32\NetworkList\Icons\{F13E0550-C4A7-4C51-86CD-37AE9E108A09}_24.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 9560 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_48.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 4280 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_32.bin
+ 2011-01-24 13:19 . 2011-01-24 13:19 2456 c:\windows\system32\NetworkList\Icons\{BC270BF7-F4B3-4FAF-8DAF-63E10A2BE280}_24.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 9560 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_48.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 4280 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_32.bin
+ 2011-01-24 11:44 . 2011-01-24 11:44 2456 c:\windows\system32\NetworkList\Icons\{AFFFAA72-B070-47E0-95E2-B64A91ED006E}_24.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 9560 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_48.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 4280 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_32.bin
+ 2011-01-24 11:39 . 2011-01-24 11:39 2456 c:\windows\system32\NetworkList\Icons\{A318229C-95D0-4E35-9573-41362304CD52}_24.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 9560 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_48.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 4280 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_32.bin
+ 2011-01-23 21:16 . 2011-01-23 21:16 2456 c:\windows\system32\NetworkList\Icons\{A0C069EF-DEC0-4DA8-B25A-57B6F86EE7BB}_24.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 9560 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_48.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 4280 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_32.bin
+ 2011-01-24 19:47 . 2011-01-24 19:47 2456 c:\windows\system32\NetworkList\Icons\{709A7FD7-BC39-4384-89CD-FF5CABB6310C}_24.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 9560 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_48.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 4280 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_32.bin
+ 2011-01-23 19:04 . 2011-01-23 19:04 2456 c:\windows\system32\NetworkList\Icons\{12C7E43A-3CCD-427A-9D5E-467629A57AE2}_24.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 9560 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_48.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 4280 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_32.bin
+ 2011-01-24 19:40 . 2011-01-24 19:40 2456 c:\windows\system32\NetworkList\Icons\{09B04993-D664-4D6F-8260-DB7E1592D643}_24.bin
- 2011-01-23 15:56 . 2011-01-23 15:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-01-23 15:56 . 2011-01-23 15:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-24 16:32 . 2011-01-24 16:32 4096 c:\windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2011-01-24 16:37 . 2011-01-24 16:37 4608 c:\windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2010-03-05 09:13 . 2010-03-05 09:13 947472 c:\windows\SysWOW64\msjava.dll
+ 2011-01-21 17:42 . 2011-01-25 10:37 128548 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-01-24 16:30 . 2009-07-14 01:30 762368 c:\windows\system32\spool\drivers\x64\unires.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 884224 c:\windows\system32\spool\drivers\x64\unidrvui.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 479232 c:\windows\system32\spool\drivers\x64\unidrv.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 114568 c:\windows\system32\spool\drivers\x64\SendToOneNoteFilter.dll
+ 2011-01-24 16:30 . 2009-07-14 01:41 715264 c:\windows\system32\spool\drivers\x64\mxdwdrv.dll
+ 2011-01-24 16:30 . 2010-03-29 19:30 114568 c:\windows\system32\spool\drivers\x64\3\SendToOneNoteFilter.dll
- 2009-07-14 02:36 . 2011-01-23 16:00 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-01-25 15:48 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-01-25 15:48 631292 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-01-23 16:00 631292 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-01-25 15:48 106388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-01-23 16:00 106388 c:\windows\system32\perfc009.dat
+ 2009-07-14 15:18 . 2011-01-25 15:48 121914 c:\windows\system32\perfc005.dat
- 2009-07-14 15:18 . 2011-01-23 16:00 121914 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:30 . 2011-01-23 21:16 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-01-22 21:07 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-01-23 21:07 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-01-22 16:55 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-01-23 21:06 . 2008-09-26 17:03 691712 c:\windows\system32\DriverStore\FileRepository\mod7700.inf_amd64_neutral_be95eabbd110b321\mod7700.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 115328 c:\windows\system32\DriverStore\FileRepository\ewser2k.inf_amd64_neutral_9748fe191fd1a725\ewusbmdm.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 133632 c:\windows\system32\DriverStore\FileRepository\ewnet.inf_amd64_neutral_2702b0551ac1628a\ewusbnet.sys
+ 2011-01-23 21:06 . 2008-09-26 17:02 115328 c:\windows\system32\DriverStore\FileRepository\ewmdm2k.inf_amd64_neutral_b0a01efcd487c7bd\ewusbmdm.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 171152 c:\windows\system32\drivers\epfw.sys
+ 2010-07-29 11:31 . 2010-07-29 11:31 141264 c:\windows\system32\drivers\ehdrv.sys
+ 2010-09-03 05:13 . 2010-09-03 05:13 170104 c:\windows\system32\drivers\eamonm.sys
- 2009-07-14 05:12 . 2011-01-23 12:38 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-01-24 19:59 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-22 14:48 . 2011-01-25 18:17 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-08-05 16:41 . 2010-08-05 16:41 127488 c:\windows\Installer\b9ab4c.msp
+ 2010-07-22 01:43 . 2010-07-22 01:43 257024 c:\windows\Installer\b9ab12.msp
+ 2010-07-22 17:28 . 2010-07-22 17:28 287232 c:\windows\Installer\b9aae2.msp
+ 2009-07-21 23:31 . 2009-07-21 23:31 209408 c:\windows\Installer\b9aab2.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 510976 c:\windows\Installer\7ee717.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 532992 c:\windows\Installer\7ee6fb.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 620032 c:\windows\Installer\7ee6ed.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 607744 c:\windows\Installer\7ee6d8.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 606208 c:\windows\Installer\7ee6d1.msi
+ 2010-04-13 04:39 . 2010-04-13 04:39 725504 c:\windows\Installer\7ee6bc.msi
+ 2008-08-31 19:35 . 2008-08-31 19:35 240128 c:\windows\Installer\5d69b2.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 651264 c:\windows\Installer\11edd0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 656896 c:\windows\Installer\11edc8.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 663040 c:\windows\Installer\11edc0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 654848 c:\windows\Installer\11edb8.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 653312 c:\windows\Installer\11edb0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 654848 c:\windows\Installer\11eda0.msi
+ 2011-01-24 16:29 . 2011-01-24 16:29 571232 c:\windows\Installer\{90140000-006E-0405-0000-0000000FF1CE}\misc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-24 16:38 . 2011-01-25 07:00 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2010-03-01 03:56 . 2010-03-01 03:56 604024 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBCONV.DLL
+ 2010-01-09 20:50 . 2010-01-09 20:50 119160 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSCONV97.DLL
+ 2010-03-01 03:56 . 2010-03-01 03:56 457104 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MORPH9.DLL
+ 2010-02-28 01:19 . 2010-02-28 01:19 211320 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CLVIEW.EXE
+ 2011-01-24 18:13 . 2011-01-24 18:13 417280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\ca051cbe740273181b7c9bd399f81b11\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 302592 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\95d92a700a1fba76f89a30ab46864f10\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\02df6648ef501c7febb72ef9c59fab47\System.Web.Routing.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\41a3cd5d1a21e48f3abb9736e77664ae\System.Web.Entity.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\c859c4a6661db4ca62a5006df6427bc8\System.Web.Entity.Design.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\e96d65644a700fe5c931accdfa1fc319\System.Web.DynamicData.ni.dll
+ 2011-01-23 17:10 . 2011-01-23 17:10 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c5e32b71231a8276885dbbedf1d8f9cd\System.Web.Abstractions.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d985950b9030c0d671ef0ddd114b345a\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 209920 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d9040c5a3133208eb85362e87945f6f5\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d7c7412e68df7d21df8663b9a41f5d1a\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 390656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d5e6b0555dd62538d991296d61473e34\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c54a42eb478000a161fbb696147427cd\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 970240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\c4309f27196970c335f0765916672d6b\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 494592 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\bb4aa9f080163996dd6fd5462041f67b\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 232448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\b84c6c7330f547c2b197646af02a1cf0\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 277504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\93b394ff0f0bdfe94ee498898505a6e4\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 777728 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\84f1c6b247f114fdd0128716394a6c37\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\771116fb5665de5ebf36aa83c7368950\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\6e5cfdc531a46544de487c73ed4c69aa\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 499200 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\25fab27f4cbff94c4104be5e3494f2d9\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 226816 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\186832f1fd33e1facf4b9d025f6785ac\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\161778b8473b8886f3c9f8c8a6a50940\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 202240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\12d7273cf1ec0dbb2c2e5a0c26a5a6cd\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll
+ 2011-01-24 18:13 . 2011-01-24 18:13 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\f2f21fe09881d0d4e7e88df620f83941\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2011-01-24 18:12 . 2011-01-24 18:12 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0fdf6298568d1383127c2b8eb922551a\Microsoft.Office.Tools.v9.0.ni.dll
Re: Prosím o kontrolu logu. Díky
\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll + 2011-01-24 16:32 . 2011-01-24 16:32 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.dll + 2011-01-24 16:37 . 2011-01-24 16:37 212992 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.dll + 2011-01-24 16:31 . 2011-01-24 16:31 143360 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.dll + 2011-01-24 16:37 . 2011-01-24 16:37 176128 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.dll + 2011-01-24 16:37 . 2011-01-24 16:37 329632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll + 2011-01-24 16:31 . 2011-01-24 16:31 104368 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll + 2011-01-24 16:37 . 2011-01-24 16:37 210848 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll + 2011-01-24 16:37 . 2011-01-24 16:37 286720 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.dll + 2011-01-24 16:31 . 2011-01-24 16:31 374640 c:\windows\assembly\GAC_MSIL\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll + 2011-01-24 16:37 . 2011-01-24 16:37 115744 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.dll + 2011-01-24 16:31 . 2011-01-24 16:31 115744 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.Server\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.Server.dll + 2011-01-24 16:37 . 2011-01-24 16:37 206720 c:\windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.Intl.dll + 2011-01-24 16:37 . 2011-01-24 16:37 299008 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Word.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Word.v9.0.dll + 2011-01-24 16:31 . 2011-01-24 16:31 438272 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Excel.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Excel.v9.0.dll + 2011-01-24 16:31 . 2011-01-24 16:31 356352 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Tools.Common.v9.0\9.0.0.0__b03f5f7f11d50a3a\Microsoft.Office.Tools.Common.v9.0.dll + 2011-01-24 16:37 . 2011-01-24 16:37 907120 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Word\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2011-01-24 16:37 . 2011-01-24 16:37 247680 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Publisher\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll + 2011-01-24 16:37 . 2011-01-24 16:37 386944 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.PowerPoint\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2011-01-24 16:37 . 2011-01-24 16:37 972664 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Outlook\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll + 2011-01-24 16:37 . 2011-01-24 16:37 161656 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll + 2011-01-24 16:31 . 2011-01-24 16:31 407440 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll + 2011-01-24 16:31 . 2011-01-24 16:31 149368 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Graph\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2011-01-24 16:37 . 2011-01-24 16:37 546704 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2011-01-24 16:31 . 2011-01-24 16:31 206720 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessData.Intl\14.0.0.0__71e9bce111e9429c\microsoft.office.businessdata.intl.dll + 2011-01-24 16:29 . 2011-01-24 16:29 214912 c:\windows\assembly\GAC_MSIL\microsoft.office.businessdata.intl.resources\14.0.0.0_cs_71e9bce111e9429c\Microsoft.Office.BusinessData.Intl.Resources.dll + 2011-01-24 16:32 . 2011-01-24 16:32 427904 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.dll + 2011-01-24 16:37 . 2011-01-24 16:37 169856 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Tools.Intl\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Tools.Intl.dll + 2011-01-24 16:31 . 2011-01-24 16:31 665472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.RuntimeUi\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.RuntimeUi.dll + 2011-01-24 16:31 . 2011-01-24 16:31 567168 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.Runtime\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.Runtime.dll + 2011-01-24 16:36 . 2011-01-24 16:36 116632 c:\windows\assembly\GAC_MSIL\Microsoft.BusinessData\14.0.0.0__71e9bce111e9429c\Microsoft.BusinessData.dll + 2011-01-24 16:37 . 2011-01-24 16:37 370608 c:\windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll + 2011-01-24 16:31 . 2011-01-24 16:31 518016 c:\windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.BusinessData.Administration.Client.dll + 2011-01-24 16:31 . 2011-01-24 16:31 120744 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2011-01-24 16:37 . 2011-01-24 16:37 960384 c:\windows\assembly\GAC_32\Microsoft.Office.BusinessData\14.0.0.0__71e9bce111e9429c\microsoft.office.businessdata.dll + 2011-01-24 16:35 . 2011-01-24 16:35 136624 c:\windows\assembly\GAC_32\Microsoft.Office.Access.BusinessDataCatalog\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Access.BusinessDataCatalog.DLL + 2011-01-24 16:32 . 2011-01-24 16:32 229376 c:\windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL + 2011-01-24 16:31 . 2011-01-24 16:31 110592 c:\windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll + 2010-02-20 16:20 . 2010-02-20 16:20 1207144 c:\windows\SysWOW64\FM20.DLL + 2011-01-24 16:30 . 2009-07-14 01:41 1576448 c:\windows\system32\spool\drivers\x64\XpsSvcs.dll + 2009-07-14 04:45 . 2011-01-25 06:46 5005048 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 04:45 . 2011-01-23 00:27 3897544 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45 . 2011-01-24 23:12 3897544 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2010-11-11 11:54 . 2010-11-11 11:54 1002496 c:\windows\Installer\da17c.msp + 2010-11-11 11:54 . 2010-11-11 11:54 1121792 c:\windows\Installer\da17b.msp + 2010-11-11 11:54 . 2010-11-11 11:54 1310720 c:\windows\Installer\da17a.msp + 2010-08-05 16:41 . 2010-08-05 16:41 1502208 c:\windows\Installer\b9ab43.msp + 2010-10-23 01:13 . 2010-10-23 01:13 9177600 c:\windows\Installer\b9ab2a.msp + 2010-12-15 04:16 . 2010-12-15 04:16 3460608 c:\windows\Installer\b9aafa.msp + 2010-10-08 21:12 . 2010-10-08 21:12 8354304 c:\windows\Installer\b9aaaa.msp + 2010-04-13 04:34 . 2010-04-13 04:34 3576832 c:\windows\Installer\a07b8e.msi + 2010-04-13 04:34 . 2010-04-13 04:34 3613696 c:\windows\Installer\7ee733.msi + 2010-04-13 04:37 . 2010-04-13 04:37 2258944 c:\windows\Installer\7ee72c.msi + 2010-04-13 04:39 . 2010-04-13 04:39 1388032 c:\windows\Installer\7ee71e.msi + 2010-04-13 04:39 . 2010-04-13 04:39 9998336 c:\windows\Installer\7ee702.msi + 2010-04-13 04:39 . 2010-04-13 04:39 3123200 c:\windows\Installer\7ee6f4.msi + 2010-04-13 04:39 . 2010-04-13 04:39 1911808 c:\windows\Installer\7ee6e6.msi + 2010-04-13 04:39 . 2010-04-13 04:39 1528320 c:\windows\Installer\7ee6df.msi + 2010-04-13 04:39 . 2010-04-13 04:39 3670016 c:\windows\Installer\7ee6c3.msi + 2010-04-13 04:39 . 2010-04-13 04:39 2211328 c:\windows\Installer\7ee6b5.msi + 2010-04-13 04:39 . 2010-04-13 04:39 1997312 c:\windows\Installer\7ee6ae.msi + 2011-01-24 18:36 . 2011-01-24 18:36 1869312 c:\windows\Installer\5d69c2.msi + 2011-01-24 16:29 . 2011-01-24 16:29 3025408 c:\windows\Installer\11ee02.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1821696 c:\windows\Installer\11edf9.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1811968 c:\windows\Installer\11edf1.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1815552 c:\windows\Installer\11ede9.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1801728 c:\windows\Installer\11ede0.msi + 2011-01-24 16:29 . 2011-01-24 16:29 2416128 c:\windows\Installer\11edd8.msi + 2011-01-24 16:29 . 2011-01-24 16:29 2117120 c:\windows\Installer\11eda8.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1806336 c:\windows\Installer\11ed98.msi + 2011-01-24 16:29 . 2011-01-24 16:29 1801728 c:\windows\Installer\11ed90.msi + 2011-01-24 16:28 . 2011-01-24 16:28 1804288 c:\windows\Installer\11ed88.msi + 2011-01-24 16:28 . 2011-01-24 16:28 2861568 c:\windows\Installer\11ed80.msi + 2011-01-24 16:38 . 2011-01-25 07:00 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2011-01-24 16:38 . 2011-01-25 07:00 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2011-01-24 16:38 . 2011-01-25 07:00 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2011-01-24 16:38 . 2011-01-25 07:00 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-03-27 07:45 . 2010-03-27 07:45 5460312 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WRD12CNV.DLL + 2010-03-24 19:28 . 2010-03-24 19:28 1858400 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WORDICON.EXE + 2010-03-27 07:38 . 2010-03-27 07:38 1422168 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WINWORD.EXE + 2010-03-25 09:23 . 2010-03-25 09:23 1707904 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOCIALCONNECTOR.DLL + 2009-07-23 09:01 . 2009-07-23 09:01 3670016 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OUTLFLTR.DAT + 2010-03-30 07:29 . 2010-03-30 07:29 9182056 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONMAIN.DLL + 2010-03-01 04:20 . 2010-03-01 04:20 2323840 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKWORD.DLL + 2010-03-01 04:20 . 2010-03-01 04:20 2102656 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKPOWERPOINT.DLL + 2010-03-01 04:20 . 2010-03-01 04:20 3355008 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKEXCEL.DLL + 2011-01-24 18:13 . 2011-01-24 18:13 1836544 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\514084a953865c2734695d533d3eb2cc\Microsoft.VisualBasic.Compatibility.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 1137664 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e95f51d720705725942dda0017055464\Microsoft.VisualBasic.Compatibility.ni.dll + 2011-01-23 17:10 . 2011-01-23 17:10 1817600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\079464502044f67e5faca79c8b9ae845\System.WorkflowServices.ni.dll + 2011-01-23 17:10 . 2011-01-23 17:10 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\2a93c1b65fcd65d5ac8bc70ee3345980\System.Web.Mobile.ni.dll + 2011-01-23 17:10 . 2011-01-23 17:10 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\a9f6a435824423acb5008f7d47a6fb29\System.Web.Extensions.Design.ni.dll + 2011-01-23 17:10 . 2011-01-23 17:10 3041792 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\47659b19dff2f4aa280266cb15598663\System.Web.Extensions.ni.dll + 2011-01-23 17:10 . 2011-01-23 17:10 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\b2a2a4fac227c6a58fc3e088d5dab67c\System.ServiceModel.Web.ni.dll + 2011-01-23 17:08 . 2011-01-23 17:08 1433088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\9b1ee10609a0ab1c8a8aa7873e63cd1f\System.IdentityModel.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 1846272 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\68e422101e69b43e80836fa3cf60f3df\System.Data.Services.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\28cdeef8684c6e89513184acaa34eb4b\System.Data.Entity.Design.ni.dll + 2011-01-23 17:08 . 2011-01-23 17:08 7966208 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\dbb8eb73740f0996a7133b8ee4bbf7a5\MIGUIControls.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 1877504 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\769287a3fce7099a89268a82bfe1753d\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1f03b7bea2b4a9902b8261b37dcf1fce\Microsoft.VisualBasic.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 2175488 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\02f868da68a342ea7ccd26004237dcb6\Microsoft.PowerShell.Commands.Utility.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\85da38152c0ce75d11c6a0f9a6b3d0d5\Microsoft.Office.Tools.Common.v9.0.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\4b66f4db2ae371770930e9a1ac01d6f3\Microsoft.Office.Tools.Excel.v9.0.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0babd2de0b0c5ee2ade4d71728216e23\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f34c32d080dc9dc444df48a4fc34f555\Microsoft.MediaCenter.Bml.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 5054976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\e3f690239b0ae877ac9b99e8146d3ef8\Microsoft.GroupPolicy.Reporting.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 2184192 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\ae155ce3d320566c76599ec972efbdad\ehiVidCtl.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 1300992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\13b80714378f8a4bd8e573f8c98bc35f\Microsoft.VisualStudio.Tools.Applications.Adapter.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e98415ebc3e36151b8291c9c8ac2be67\Microsoft.Office.Tools.Excel.v9.0.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 1787904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\cc519577202c428d1857b99ce4cfdc87\Microsoft.Office.InfoPath.Client.Internal.Host.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 1183744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\2aa4da593239c8ff2bb5af08601da6f4\Microsoft.Office.Interop.InfoPath.SemiTrust.ni.dll + 2011-01-24 16:39 . 2011-01-24 16:39 1563136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\e61257b6969f0186b514618f4744c8d2\Microsoft.Office.BusinessApplications.Runtime.ni.dll + 2011-01-24 16:39 . 2011-01-24 16:39 3235840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\e23b69bfc602e704e0a354f39491f378\Microsoft.Office.BusinessData.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 4751360 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\d00c5421b217e0eecfae613b2c736949\Microsoft.Office.BusinessApplications.SyncServices.ni.dll + 2011-01-24 16:39 . 2011-01-24 16:39 2091008 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\a1b8d3f98e9ddfd55bc99cec4359800a\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll + 2011-01-24 16:31 . 2011-01-24 16:31 1550200 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Excel\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2011-01-24 16:35 . 2011-01-24 16:35 1857400 c:\windows\assembly\GAC_MSIL\Microsoft.Office.Interop.Access\14.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll + 2011-01-24 16:32 . 2011-01-24 16:32 1689472 c:\windows\assembly\GAC_MSIL\Microsoft.Office.BusinessApplications.SyncServices\14.0.0.0__71e9bce111e9429c\Microsoft.Office.BusinessApplications.SyncServices.dll + 2011-01-24 16:32 . 2011-01-24 16:32 8007680 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll + 2009-07-14 02:34 . 2011-01-25 18:37 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:34 . 2011-01-23 12:07 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2010-08-13 13:08 . 2010-08-13 13:08 41272320 c:\windows\Installer\da197.msp + 2010-11-11 11:52 . 2010-11-11 11:52 13486592 c:\windows\Installer\b9aaca.msp + 2010-04-13 04:39 . 2010-04-13 04:39 12719104 c:\windows\Installer\7ee6ca.msi + 2011-01-23 19:49 . 2011-01-23 19:49 51162624 c:\windows\Installer\3eaec9.msi + 2011-01-24 16:29 . 2011-01-24 16:29 24809472 c:\windows\Installer\11ee11.msi + 2010-03-27 07:38 . 2010-03-27 07:38 19370840 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WWLIB.DLL + 2010-03-01 03:56 . 2010-03-01 03:56 10272104 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPUB.EXE . -- Snímek resetován k současnému datu -- . (((((((((((((((((((((((((((((((((( Spouštěcí body v registru ))))))))))))))))))))))))))))))))))))))))))))) . . *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="d:\programy\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2008-09-26 29696] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-11-22 69152] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104] S2 ekrn;ESET Service;d:\programy\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624] S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\programy\Lavasoft\Ad-Aware\AAWService.exe [2010-11-22 1375992] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344] S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416] S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896] S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528] S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848] S3 Lavasoft Kernexplorer;Lavasoft helper driver;d:\programy\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-22 17440] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF4336.cfxxe" [X] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU] "egui"="d:\programy\ESET\ESET Smart Security\egui.exe" [2010-11-18 2919168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] . ------- Doplňkový sken ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://start.icq.com/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000 IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL . - - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- ZAMKNUTÉ KLÍČE V REGISTRU --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Jiné spuštené procesy ------------------------ . c:\program files (x86)\CDBurnerXP\NMSAccessU.exe d:\programy\Lavasoft\Ad-Aware\AAWTray.exe . ************************************************************************** . Celkový čas: 2011-01-25 20:12:55 - počítač byl restartován ComboFix-quarantined-files.txt 2011-01-25 19:12 ComboFix2.txt 2011-01-23 16:20 Před spuštěním: Volných bajtů: 74 533 965 824 Po spuštění: Volných bajtů: 73 949 392 896 - - End Of File - - A1249299E60E1120E0AE367F9AA82461+ 2011-01-24 18:13 . 2011-01-24 18:13 107520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\91766d4eec3608b7ef0771e2a27aa2c4\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\115fdf172f33d1df8900274b4c1cb89e\mcplayerinterop.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\f149369b85744622d1090253886f6a6d\mcGlidHostObj.ni.dll + 2011-01-23 17:09 . 2011-01-23 17:09 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\ecb8a1e2ecdba4f896c7e259603cb480\MCESidebarCtrl.ni.dll + 2011-01-24 18:13 . 2011-01-24 18:13 126976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\d2b9c24ece4568e6d050cd44628ec2f6\ehiActivScp.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fa33b51e61d8fc4b6c474781e9679f98\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 303104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e06325f80108b3fa9c038b55104f2687\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 184320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\df0425d44900321cf8294d8f520c9b25\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 663552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d66d4eb76f031d0528db22601f9b5468\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d618315fa5cb0815e54f9ccde4af8ebb\Microsoft.VisualStudio.Tools.Applications.Hosting.v10.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 337408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d24233bf279f0fcf4bfd2353d455af98\Microsoft.VisualStudio.Tools.Applications.ServerDocument.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 191488 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d15e782aeab2582eb938a0565ae45ec9\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cc7cc576b30a4c7ebf333aba88dd4cd3\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 161792 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b6384c8a8d7fa269cb4e59148ecd9336\Microsoft.VisualStudio.Tools.Office.Excel.AddInProxy.v9.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6e66ee9f92ab0552f0ae6efe9ef801e8\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 112128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\293365f408099c17918bdbe0f56fe64f\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 133120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\267a1d40fb7d26b72e0ed702772ec422\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\25fa9d864b901d24e92e5ef205caab64\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\24498474b4b0e9947c1b02d245b049d8\Microsoft.VisualStudio.Tools.Applications.Hosting.v9.0.ni.dll + 2011-01-24 18:12 . 2011-01-24 18:12 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\017855b6678a4e3c75519ec53636a4da\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\fe16331e5fe4fb81657cdb64fcd2e15a\Microsoft.Office.Tools.Common.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e811d5279e5816f389a292628ac65637\Microsoft.Office.Tools.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\d593d94f930d27603ac9b085446f1922\Microsoft.Office.Tools.Outlook.v9.0.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\0e36ce22a28d0152c0fe0118861e0774\Microsoft.Office.Tools.Word.v9.0.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 114688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\93d19f86736883028ca15aea178e7249\Microsoft.Office.InfoPath.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 375808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\8c33b96052ce9dd90c8645f805593f31\Microsoft.Office.Interop.InfoPath.ni.dll + 2011-01-24 16:40 . 2011-01-24 16:40 206848 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\33a67f2168e0a856d2a18a1baed9fbdb\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.ni.dll + 2011-01-24 16:39 . 2011-01-24 16:39 268800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\64f5c6aba6275c6deb68d087aa51bcf3\Microsoft.Office.BusinessApplications.Diagnostics.ni.dll + 2011-01-24 16:39 . 2011-01-24 16:39 343552 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessD#\ea0a552c7b9c938aad801fd1a9d6cea9\Microsoft.BusinessData.ni.dll + 2011-01-24 18:11 . 2011-01-24 18:11 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\e3eee4794703cc5b617f27172df1ee10\ehiVidCtl.ni.dll + 2011-01-24 16:37 . 2011-01-24 16:37 271440 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll + 2011-01-24 16:37 . 2011-01-24 16:37 271440 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\System.Data.SqlServerCe.dll + 2011-01-24 16:31 . 2011-01-24 16:31 230480 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe.Entity\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.Entity.dll + 2011-01-24 16:37 . 2011-01-24 16:37 448360 c:\windows\assembly\GAC_MSIL\office\14.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2011-01-24 16:37 . 2011-01-24 16:37 385024 c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll + 2011-01-24 16:31 . 2011-01-24 16:31 131072 c:\windows\assembly\GAC_MSIL
Re: Prosím o kontrolu logu. Díky
Log neni cely Mate legalni produkt Microsoft Office "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
Zde máte přibalený Log z ComboFix... MS Office mám též originální.
- Přílohy
-
- ComboFix Full Log.rar
- (15.52 KiB) Staženo 33 x
Re: Prosím o kontrolu logu. Díky
Jeste jeden skript pro ComboFix - postup je stejny
Kód: Vybrat vše
DeQuarantune::
c:\Qoobox\c\programdata\AutoKMS
DDS::
uStart Page = hxxp://start.icq.com/
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
ComboFix 11-01-25.05 - Jahoďáák 26.01.2011 16:21:55.3.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2509 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
Použité ovládací přepínače :: d:\plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-26 do 2011-01-26 )))))))))))))))))))))))))))))))
.
2011-01-26 15:25 . 2011-01-26 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 16:57 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FBE82C3-7D06-46C4-8B6E-C97E75082CFB}\mpengine.dll
2011-01-25 16:44 . 2011-01-25 16:44 -------- d-----w- C:\rsit
2011-01-25 14:20 . 2011-01-25 16:44 -------- d-----w- c:\program files\trend micro
2011-01-24 23:38 . 2011-01-24 23:38 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-01-24 23:11 . 2011-01-24 23:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-24 22:51 . 2011-01-24 22:51 -------- d-----w- c:\programdata\ALM
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\My Company Name
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-24 22:39 . 2009-07-09 02:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-01-24 22:36 . 2011-01-24 22:56 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-24 22:36 . 2011-01-24 22:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-01-24 19:02 . 2010-11-22 08:50 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-01-24 18:55 . 2011-01-24 18:55 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-24 18:55 . 2010-11-22 08:50 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-01-24 18:36 . 2011-01-24 18:36 -------- dc-h--w- c:\programdata\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-01-24 18:36 . 2011-01-24 18:55 -------- d-----w- c:\programdata\Lavasoft
2011-01-24 16:32 . 2011-01-24 16:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\windows\PCHEALTH
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-01-24 16:30 . 2011-01-24 16:30 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-01-24 16:29 . 2011-01-24 16:29 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-01-24 16:29 . 2011-01-25 07:00 -------- d-----w- c:\programdata\Microsoft Help
2011-01-23 21:07 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-01-23 21:07 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-01-23 21:07 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-23 21:07 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-01-22 23:24 . 2011-01-23 21:12 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2009-09-11 03:29 41472 ----a-w- c:\windows\system32\drivers\winusb.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-24 21:56 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-24 22:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
((((((((((((((((((((((((((((( SnapShot_2011-01-25_19.10.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-01-24 16:44 . 2011-01-25 18:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-24 16:44 . 2011-01-26 14:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 00:21 . 2009-07-14 01:41 88064 c:\windows\system32\WpdMtpUS.dll
+ 2009-10-31 13:29 . 2011-01-26 06:43 27456 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-26 14:59 45186 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2011-01-26 09:59 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-01-23 21:16 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-01-21 15:54 . 2011-01-26 14:59 4900 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3410654921-2379246276-3220479279-1002_UserData.bin
+ 2011-01-26 14:54 . 2011-01-26 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-26 14:54 . 2011-01-26 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 00:21 . 2009-07-14 01:41 297984 c:\windows\system32\WpdMtp.dll
+ 2011-01-26 08:41 . 2011-01-26 10:45 134362 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-01-21 17:42 . 2011-01-26 11:39 155690 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:30 . 2011-01-23 21:16 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-01-26 09:59 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2011-01-22 14:48 . 2011-01-25 23:53 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-01-22 14:48 . 2011-01-25 18:17 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
+ 2009-07-14 02:34 . 2011-01-26 15:06 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-01-25 18:37 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="d:\programy\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2008-09-26 29696]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-11-22 69152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
S2 ekrn;ESET Service;d:\programy\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\programy\Lavasoft\Ad-Aware\AAWService.exe [2010-11-22 1375992]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;d:\programy\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-22 17440]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - LAVASOFT_KERNEXPLORER
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="d:\programy\ESET\ESET Smart Security\egui.exe" [2010-11-18 2919168]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
Celkový čas: 2011-01-26 16:28:04
ComboFix-quarantined-files.txt 2011-01-26 15:28
ComboFix2.txt 2011-01-25 19:12
ComboFix3.txt 2011-01-23 16:20
Před spuštěním: Volných bajtů: 73 230 196 736
Po spuštění: Volných bajtů: 73 164 328 960
- - End Of File - - 52088BC3F85BF84D66437CEADBB515F7
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4021.2509 [GMT 1:00]
Spuštěný z: d:\plocha\ComboFix.exe
Použité ovládací přepínače :: d:\plocha\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-26 do 2011-01-26 )))))))))))))))))))))))))))))))
.
2011-01-26 15:25 . 2011-01-26 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 16:57 . 2011-01-20 09:39 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FBE82C3-7D06-46C4-8B6E-C97E75082CFB}\mpengine.dll
2011-01-25 16:44 . 2011-01-25 16:44 -------- d-----w- C:\rsit
2011-01-25 14:20 . 2011-01-25 16:44 -------- d-----w- c:\program files\trend micro
2011-01-24 23:38 . 2011-01-24 23:38 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-01-24 23:11 . 2011-01-24 23:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-01-24 22:51 . 2011-01-24 22:51 -------- d-----w- c:\programdata\ALM
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\My Company Name
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2011-01-24 22:39 . 2011-01-24 22:39 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-01-24 22:39 . 2009-07-09 02:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2011-01-24 22:39 . 2009-06-23 02:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2011-01-24 22:36 . 2011-01-24 22:56 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-24 22:36 . 2011-01-24 22:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-01-24 19:02 . 2010-11-22 08:50 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-01-24 18:55 . 2011-01-24 18:55 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-24 18:55 . 2010-11-22 08:50 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-01-24 18:36 . 2011-01-24 18:36 -------- dc-h--w- c:\programdata\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-01-24 18:36 . 2011-01-24 18:55 -------- d-----w- c:\programdata\Lavasoft
2011-01-24 16:32 . 2011-01-24 16:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\windows\PCHEALTH
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-01-24 16:31 . 2011-01-24 16:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-01-24 16:30 . 2011-01-24 16:30 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-01-24 16:29 . 2011-01-24 16:29 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-01-24 16:29 . 2011-01-25 07:00 -------- d-----w- c:\programdata\Microsoft Help
2011-01-23 21:07 . 2008-09-26 17:03 691712 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-01-23 21:07 . 2008-09-26 17:02 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-01-23 21:07 . 2008-09-26 17:02 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-23 21:07 . 2008-09-26 17:01 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-01-22 23:24 . 2011-01-23 21:12 -------- d-----w- c:\users\Administrator
2011-01-22 20:57 . 2007-04-04 17:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-01-22 20:55 . 2011-01-22 20:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-22 18:51 . 2011-01-22 18:52 -------- d-----w- c:\programdata\Xfire
2011-01-22 17:50 . 2011-01-22 17:50 -------- d-----w- c:\program files (x86)\WinPcap
2011-01-22 17:05 . 2011-01-22 17:05 -------- d-----w- c:\programdata\ICQ
2011-01-22 16:55 . 2011-01-22 16:55 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-22 16:54 . 2011-01-22 16:54 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-22 16:33 . 2011-01-22 16:33 -------- d-----w- c:\programdata\Skype
2011-01-22 14:44 . 2011-01-22 14:45 -------- d-----w- c:\program files\Dell Support Center
2011-01-22 14:18 . 2011-01-22 16:16 -------- d-----w- c:\programdata\PCDr
2011-01-22 14:15 . 2011-01-22 14:15 -------- d-----w- c:\program files\Synaptics
2011-01-22 14:15 . 2010-04-22 16:17 318000 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-01-22 14:15 . 2010-04-22 16:14 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-01-22 14:15 . 2010-04-22 16:14 214824 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-01-22 14:15 . 2010-04-22 16:14 147752 ----a-w- c:\windows\system32\SynTPCo4.dll
2011-01-22 14:15 . 2010-04-22 16:14 265000 ----a-w- c:\windows\system32\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:14 210216 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-01-22 14:15 . 2010-04-22 16:13 173352 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-01-22 14:15 . 2010-04-22 16:13 396584 ----a-w- c:\windows\system32\SynCOM.dll
2011-01-22 14:15 . 2009-08-07 08:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-01-21 17:50 . 2009-12-04 07:26 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-01-21 17:50 . 2009-12-04 07:26 51712 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-01-21 17:50 . 2009-11-14 22:38 30296 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-01-21 17:50 . 2009-11-12 19:56 91648 ----a-w- c:\windows\system32\isoburn.exe
2011-01-21 17:50 . 2009-11-12 19:42 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2011-01-21 17:49 . 2009-10-07 02:34 327680 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-01-21 17:49 . 2009-09-11 03:29 41472 ----a-w- c:\windows\system32\drivers\winusb.sys
2011-01-21 17:49 . 2011-01-21 17:50 -------- d-----w- c:\program files (x86)\Dell
2011-01-21 17:48 . 2011-01-21 17:49 -------- d-----w- c:\programdata\Dell
2011-01-21 17:48 . 2011-01-24 21:56 -------- d-----w- c:\program files\Dell
2011-01-21 15:45 . 2011-01-22 17:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-01-21 15:45 . 2009-07-04 18:27 55808 ----a-w- c:\windows\system32\drivers\rixdpe64.sys
2011-01-21 15:45 . 2009-07-02 07:54 60416 ----a-w- c:\windows\system32\drivers\rimspe64.sys
2011-01-21 15:45 . 2009-07-01 17:31 80896 ----a-w- c:\windows\system32\drivers\risdpe64.sys
2011-01-21 15:45 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-01-21 15:45 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-01-21 15:45 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2011-01-21 15:45 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-01-21 15:44 . 2011-01-21 15:44 -------- d-----w- c:\program files\DIFX
2011-01-21 15:44 . 2009-03-09 15:58 60416 ----a-w- c:\windows\system32\drivers\itecir.sys
2011-01-21 15:25 . 2011-01-24 22:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-21 15:10 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-21 15:10 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-21 14:52 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-21 14:52 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-01-21 14:52 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2011-01-21 14:52 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-01-21 14:52 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-01-21 14:52 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-01-21 14:52 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-01-21 14:37 . 2011-01-23 14:41 -------- d-----w- c:\users\Uzivatel
2011-01-21 14:33 . 2011-01-21 14:33 0 ----a-w- c:\windows\ativpsrm.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-12 17:53 . 2010-09-23 13:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
((((((((((((((((((((((((((((( SnapShot_2011-01-25_19.10.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-01-24 16:44 . 2011-01-25 18:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-01-24 16:44 . 2011-01-26 14:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-26 14:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-25 18:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 00:21 . 2009-07-14 01:41 88064 c:\windows\system32\WpdMtpUS.dll
+ 2009-10-31 13:29 . 2011-01-26 06:43 27456 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-26 14:59 45186 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2011-01-26 09:59 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-01-23 21:16 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-01-21 15:54 . 2011-01-26 14:59 4900 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3410654921-2379246276-3220479279-1002_UserData.bin
+ 2011-01-26 14:54 . 2011-01-26 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-25 18:17 . 2011-01-25 18:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-26 14:54 . 2011-01-26 14:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 00:21 . 2009-07-14 01:41 297984 c:\windows\system32\WpdMtp.dll
+ 2011-01-26 08:41 . 2011-01-26 10:45 134362 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-01-21 17:42 . 2011-01-26 11:39 155690 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:30 . 2011-01-23 21:16 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-01-26 09:59 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2011-01-22 14:48 . 2011-01-25 23:53 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-01-22 14:48 . 2011-01-25 18:17 854696 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 00:22 . 2009-07-14 01:41 1195008 c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
+ 2009-07-14 02:34 . 2011-01-26 15:06 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-01-25 18:37 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="d:\programy\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2008-09-26 29696]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1255736]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-11-22 69152]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
S2 ekrn;ESET Service;d:\programy\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\programy\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\programy\Lavasoft\Ad-Aware\AAWService.exe [2010-11-22 1375992]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-07-01 80896]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-07-04 55808]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-22 254528]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 60416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;d:\programy\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-22 17440]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - LAVASOFT_KERNEXPLORER
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="d:\programy\ESET\ESET Smart Security\egui.exe" [2010-11-18 2919168]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
Celkový čas: 2011-01-26 16:28:04
ComboFix-quarantined-files.txt 2011-01-26 15:28
ComboFix2.txt 2011-01-25 19:12
ComboFix3.txt 2011-01-23 16:20
Před spuštěním: Volných bajtů: 73 230 196 736
Po spuštění: Volných bajtů: 73 164 328 960
- - End Of File - - 52088BC3F85BF84D66437CEADBB515F7
Re: Prosím o kontrolu logu. Díky
Vlozte mi sem prosim log ComboFix-quarantined-files.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu. Díky
2011-01-25 18:16:05 . 2011-01-25 18:16:05 54,906 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Service_rxpsra.reg.dat
2011-01-25 18:13:48 . 2011-01-26 15:21:46 99 ----a-w- C:\Qoobox\Quarantine\catchme.txt
2011-01-24 18:57:11 . 2010-07-06 16:03:18 127,232 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\osppc.dll.vir
2011-01-24 18:57:11 . 2008-11-12 04:18:54 229,376 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\StartX\StartX.exe.vir
2011-01-24 18:57:10 . 2001-01-13 00:15:44 54,272 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe.vir
2011-01-24 18:57:06 . 2010-07-06 16:03:18 49,377 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\ospp.vbs.vir
2011-01-24 18:57:05 . 2010-07-06 16:19:47 33,019 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\slerror.xml.vir
2011-01-24 18:57:04 . 2010-07-11 03:41:43 1,482 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\AutoKMS.cmd.vir
2011-01-23 16:19:05 . 2011-01-23 16:19:05 161 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat
2011-01-23 16:19:05 . 2011-01-26 15:27:00 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2011-01-23 16:16:48 . 2011-01-26 15:24:35 12,818 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-01-23 16:13:24 . 2011-01-26 15:20:30 153 ----a-w- C:\Qoobox\Quarantine\catchme.log
2011-01-23 13:22:18 . 2011-01-23 13:22:18 61,440 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\drivers\duuu.sys.vir
2011-01-22 19:15:18 . 2011-01-25 17:20:00 974 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job.vir
2011-01-22 19:15:18 . 2011-01-24 19:20:00 922 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 19,238 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\voucher2.bmp.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 19,238 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\voucher.bmp.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 550 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\config.xml.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 28,662 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:44 122,168 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 7 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\Version.txt.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 2,307 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\short.wav.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:40 145,720 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 1,209 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\logo_small.gif.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:40 1,048,888 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:38 247,096 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 31,672 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\Icons.bmp.vir
2011-01-22 14:45:16 . 2011-01-22 15:21:06 564 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\PCDoctorBackgroundMonitorTask.job.vir
2011-01-22 14:45:14 . 2011-01-25 18:13:18 422 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\SystemToolsDailyTest.job.vir
2011-01-13 23:07:00 . 2011-01-13 23:07:00 26,192 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll.vir
2011-01-13 18:15:14 . 2011-01-13 18:15:14 39,504 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll.vir
2011-01-10 17:56:25 . 2011-01-10 17:56:25 26,192 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll.vir
2011-01-25 18:13:48 . 2011-01-26 15:21:46 99 ----a-w- C:\Qoobox\Quarantine\catchme.txt
2011-01-24 18:57:11 . 2010-07-06 16:03:18 127,232 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\osppc.dll.vir
2011-01-24 18:57:11 . 2008-11-12 04:18:54 229,376 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\StartX\StartX.exe.vir
2011-01-24 18:57:10 . 2001-01-13 00:15:44 54,272 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe.vir
2011-01-24 18:57:06 . 2010-07-06 16:03:18 49,377 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\ospp.vbs.vir
2011-01-24 18:57:05 . 2010-07-06 16:19:47 33,019 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\Resources\LicenseManagement\slerror.xml.vir
2011-01-24 18:57:04 . 2010-07-11 03:41:43 1,482 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\AutoKMS\AutoKMS.cmd.vir
2011-01-23 16:19:05 . 2011-01-23 16:19:05 161 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat
2011-01-23 16:19:05 . 2011-01-26 15:27:00 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2011-01-23 16:16:48 . 2011-01-26 15:24:35 12,818 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-01-23 16:13:24 . 2011-01-26 15:20:30 153 ----a-w- C:\Qoobox\Quarantine\catchme.log
2011-01-23 13:22:18 . 2011-01-23 13:22:18 61,440 ----a-w- C:\Qoobox\Quarantine\C\Windows\SysWOW64\drivers\duuu.sys.vir
2011-01-22 19:15:18 . 2011-01-25 17:20:00 974 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002UA.job.vir
2011-01-22 19:15:18 . 2011-01-24 19:20:00 922 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3410654921-2379246276-3220479279-1002Core.job.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 19,238 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\voucher2.bmp.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 19,238 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\voucher.bmp.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 550 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\config.xml.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 28,662 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:44 122,168 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 7 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\Version.txt.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 2,307 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\short.wav.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:40 145,720 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 1,209 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\logo_small.gif.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:40 1,048,888 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll.vir
2011-01-22 17:05:31 . 2010-09-06 17:56:38 247,096 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe.vir
2011-01-22 17:05:31 . 2010-09-06 17:53:16 31,672 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\ICQ6Toolbar\Icons.bmp.vir
2011-01-22 14:45:16 . 2011-01-22 15:21:06 564 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\PCDoctorBackgroundMonitorTask.job.vir
2011-01-22 14:45:14 . 2011-01-25 18:13:18 422 ----a-w- C:\Qoobox\Quarantine\C\Windows\Tasks\SystemToolsDailyTest.job.vir
2011-01-13 23:07:00 . 2011-01-13 23:07:00 26,192 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\3f27aeb4-f0e2-4006-92ee-e1f5a49cf45f.dll.vir
2011-01-13 18:15:14 . 2011-01-13 18:15:14 39,504 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\ace5304d-f4d3-4e03-9b43-c1113c682910.dll.vir
2011-01-10 17:56:25 . 2011-01-10 17:56:25 26,192 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\PCDr\5744\Downloads\69282cc9-4087-49e4-b903-9638b4f63ccc.dll.vir
Re: Prosím o kontrolu logu. Díky
Takze jeste jeden skript pro ComboFix - snad posledni 
Kód: Vybrat vše
DeQuarantine::
C:\Qoobox\Quarantine\C\ProgramData\AutoKMS
Quit::
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?