Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zřejmě zasifleno

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#31 Příspěvek od cernohous13 »

výsledek AVPTool by nebyl?
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#32 Příspěvek od AndySue »

Byl:

Automatická kontrola: dokončeno před 4 hod. (události: 10, objekty: 1384672, čas: 04:10:08)
23.4.2011 21:52:11 Úloha byla spuštěna
23.4.2011 21:52:36 Zjištěno: MEM:Backdoor.Win32.Sinowal.cx Neznámá aplikace
23.4.2011 21:52:36 Nelze zálohovat: MEM:Backdoor.Win32.Sinowal.cx Neznámá aplikace
23.4.2011 22:06:28 Zjištěno: MEM:Backdoor.Win32.Sinowal.cx System Memory
23.4.2011 23:20:50 Neošetřeno: MEM:Backdoor.Win32.Sinowal.cx System Memory Nelze dezinfikovat
23.4.2011 23:20:50 Neošetřeno: MEM:Backdoor.Win32.Sinowal.cx System Memory Nelze dezinfikovat
23.4.2011 23:21:55 Zjištěno: MEM:Backdoor.Win32.Sinowal.cx System Memory
23.4.2011 23:22:15 Neošetřeno: MEM:Backdoor.Win32.Sinowal.cx System Memory Nelze dezinfikovat
23.4.2011 23:22:15 Neošetřeno: MEM:Backdoor.Win32.Sinowal.cx System Memory Nelze dezinfikovat
24.4.2011 2:02:19 Úloha byla dokončena
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#33 Příspěvek od AndySue »

Je to druhé projetí AVP systémem, první jsem nezachytil. Ten Sinowal mi nešel dezinfikovat ani léčit :-(
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#34 Příspěvek od cernohous13 »

:o Použijeme kolegův návod
Marek-26 píše:Stáhněte TDSSKiller a uložte ho na plochu.
Poté spusťte TDSSKiller.exe a poté klikněte na Start Scan.
Obrázek

Až to najde infikované soubory klikněte na tlačítko Continue.

Nejspíše po Vás aplikace bude chtít povolit restartovat počítač. Klikněte tedy na tlačítko Reboot Now. Log poté najdete zde: C:\TDSSKiller\_log.txt
Obrázek

Pokud nebude požadovat restart klikněte na Report a vložte sem obsah logu.
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#35 Příspěvek od AndySue »

Na poprvní spuštění TDS jsem nezmáčkl reboot, napodruhé už to nenabídlo. Tak jsem to restartoval ručně. Každopádně log tu:

2011/04/25 16:30:18.0968 3896 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/25 16:30:19.0156 3896 ================================================================================
2011/04/25 16:30:19.0156 3896 SystemInfo:
2011/04/25 16:30:19.0156 3896
2011/04/25 16:30:19.0156 3896 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/25 16:30:19.0156 3896 Product type: Workstation
2011/04/25 16:30:19.0156 3896 ComputerName: SUCHOMEL-296172
2011/04/25 16:30:19.0156 3896 UserName: Ondra
2011/04/25 16:30:19.0156 3896 Windows directory: C:\WINDOWS
2011/04/25 16:30:19.0156 3896 System windows directory: C:\WINDOWS
2011/04/25 16:30:19.0156 3896 Processor architecture: Intel x86
2011/04/25 16:30:19.0156 3896 Number of processors: 2
2011/04/25 16:30:19.0156 3896 Page size: 0x1000
2011/04/25 16:30:19.0156 3896 Boot type: Normal boot
2011/04/25 16:30:19.0156 3896 ================================================================================
2011/04/25 16:30:19.0609 3896 Initialize success
2011/04/25 16:31:10.0453 5564 ================================================================================
2011/04/25 16:31:10.0453 5564 Scan started
2011/04/25 16:31:10.0453 5564 Mode: Manual;
2011/04/25 16:31:10.0453 5564 ================================================================================
2011/04/25 16:31:10.0812 5564 12762681 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\WINDOWS\system32\DRIVERS\12762681.sys
2011/04/25 16:31:10.0843 5564 12762682 (a305fad3719c5db0c13d1c2bfd08a04d) C:\WINDOWS\system32\DRIVERS\12762682.sys
2011/04/25 16:31:10.0921 5564 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/25 16:31:10.0968 5564 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/25 16:31:11.0000 5564 actser (6463d1db354b13e6ced4d67f6e4910f4) C:\WINDOWS\system32\drivers\actser.sys
2011/04/25 16:31:11.0062 5564 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/25 16:31:11.0109 5564 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/04/25 16:31:11.0156 5564 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/04/25 16:31:11.0250 5564 akshasp (4ed4ce78a42070cb041c208ca53ed70a) C:\WINDOWS\system32\DRIVERS\akshasp.sys
2011/04/25 16:31:11.0296 5564 aksusb (2fa8cbcbd795014267be5f60bb8474c0) C:\WINDOWS\system32\DRIVERS\aksusb.sys
2011/04/25 16:31:11.0390 5564 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
2011/04/25 16:31:11.0437 5564 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/04/25 16:31:11.0531 5564 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/25 16:31:11.0562 5564 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/25 16:31:11.0609 5564 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/25 16:31:11.0640 5564 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/25 16:31:11.0687 5564 b57w2k (58911390115465bf6d8048f21f48655a) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/04/25 16:31:11.0750 5564 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/04/25 16:31:11.0796 5564 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/25 16:31:11.0859 5564 btaudio (8893ae0b6b9b60e0521a60e8b2160216) C:\WINDOWS\system32\drivers\btaudio.sys
2011/04/25 16:31:11.0906 5564 BTDriver (fde318e3569f57264af74b7e431f60ae) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/04/25 16:31:11.0953 5564 btkrnl (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/04/25 16:31:12.0000 5564 BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\system32\drivers\btserial.sys
2011/04/25 16:31:12.0031 5564 BTWDNDIS (28531ab3183f498e58d93d585e6a6b70) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/04/25 16:31:12.0078 5564 btwhid (c5c0e21c67089f053b964e0a8b8adbac) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/04/25 16:31:12.0125 5564 btwmodem (7d295223c172ab4d61dc256721b2f09e) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
2011/04/25 16:31:12.0156 5564 BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/04/25 16:31:12.0218 5564 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/25 16:31:12.0265 5564 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/04/25 16:31:12.0312 5564 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/25 16:31:12.0375 5564 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/25 16:31:12.0390 5564 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/25 16:31:12.0437 5564 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/04/25 16:31:12.0500 5564 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/04/25 16:31:12.0609 5564 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/25 16:31:12.0687 5564 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/25 16:31:12.0718 5564 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/25 16:31:12.0750 5564 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/25 16:31:12.0796 5564 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/25 16:31:12.0843 5564 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/25 16:31:12.0890 5564 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/04/25 16:31:12.0937 5564 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/04/25 16:31:12.0984 5564 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\WINDOWS\system32\DRIVERS\epfw.sys
2011/04/25 16:31:13.0015 5564 Epfwndis (490329bf80f333e788df9596a752a915) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
2011/04/25 16:31:13.0046 5564 epfwtdi (bdde7dd8fcdb1de7e879bb320b0605c0) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
2011/04/25 16:31:13.0125 5564 ewusbnet (9032405f762f1afa92dfef99cb078306) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
2011/04/25 16:31:13.0171 5564 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/25 16:31:13.0187 5564 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/04/25 16:31:13.0234 5564 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/25 16:31:13.0265 5564 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/04/25 16:31:13.0296 5564 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/04/25 16:31:13.0328 5564 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/25 16:31:13.0343 5564 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/25 16:31:13.0390 5564 gHidPnp (9a8c0eb871370a410487e70ce4ef3aba) C:\WINDOWS\system32\Drivers\gHidPnp.Sys
2011/04/25 16:31:13.0437 5564 gMouPS2 (9503a7ced3959cbf23bad230e05b1b73) C:\WINDOWS\system32\DRIVERS\gMouPS2.sys
2011/04/25 16:31:13.0453 5564 gMouUsb (810072609cc1615bb3fd843b551e523f) C:\WINDOWS\system32\DRIVERS\gMouUsb.sys
2011/04/25 16:31:13.0500 5564 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/25 16:31:13.0546 5564 Hardlock (d64a40b94602158e40527ae95e7a9193) C:\WINDOWS\system32\drivers\hardlock.sys
2011/04/25 16:31:13.0609 5564 Haspnt (2dd25f060dc9f79b5cdf33d90ed93669) C:\WINDOWS\system32\drivers\Haspnt.sys
2011/04/25 16:31:13.0656 5564 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/04/25 16:31:13.0687 5564 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/25 16:31:13.0750 5564 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/25 16:31:13.0812 5564 hwdatacard (60aec3f4ec355d9f46d545a0fa08ce87) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/04/25 16:31:13.0843 5564 hwusbfake (b93d3c81ef1d372dc5bd5e6275362e1a) C:\WINDOWS\system32\DRIVERS\ewusbfake.sys
2011/04/25 16:31:13.0906 5564 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/25 16:31:13.0968 5564 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/04/25 16:31:13.0984 5564 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/25 16:31:14.0078 5564 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/25 16:31:14.0093 5564 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/04/25 16:31:14.0140 5564 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/25 16:31:14.0171 5564 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/25 16:31:14.0203 5564 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/25 16:31:14.0234 5564 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/25 16:31:14.0265 5564 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/25 16:31:14.0312 5564 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/25 16:31:14.0328 5564 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/25 16:31:14.0359 5564 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/04/25 16:31:14.0390 5564 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/25 16:31:14.0421 5564 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/25 16:31:14.0484 5564 LUMDriver (a83ca48076a3c43c3b71175095838d69) C:\WINDOWS\system32\drivers\LUMDriver.sys
2011/04/25 16:31:14.0515 5564 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/25 16:31:14.0562 5564 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/25 16:31:14.0593 5564 motccgp (1088f75c09ebb0a8b0f13b886fd67c52) C:\WINDOWS\system32\DRIVERS\motccgp.sys
2011/04/25 16:31:14.0640 5564 motccgpfl (b812da6605caf02641312f1f65c75419) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
2011/04/25 16:31:14.0671 5564 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\WINDOWS\system32\DRIVERS\motodrv.sys
2011/04/25 16:31:14.0734 5564 motmodem (8f408e9ed2feb8a8b8837c380faf7ad6) C:\WINDOWS\system32\DRIVERS\motmodem.sys
2011/04/25 16:31:14.0765 5564 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/25 16:31:14.0781 5564 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/25 16:31:14.0812 5564 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/25 16:31:14.0843 5564 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/25 16:31:14.0906 5564 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/25 16:31:14.0953 5564 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/25 16:31:15.0000 5564 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/25 16:31:15.0031 5564 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/25 16:31:15.0062 5564 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/25 16:31:15.0093 5564 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/25 16:31:15.0125 5564 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/04/25 16:31:15.0140 5564 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/25 16:31:15.0171 5564 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/04/25 16:31:15.0203 5564 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/25 16:31:15.0234 5564 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/04/25 16:31:15.0265 5564 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/25 16:31:15.0296 5564 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/25 16:31:15.0296 5564 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/25 16:31:15.0343 5564 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/25 16:31:15.0359 5564 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/25 16:31:15.0375 5564 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/25 16:31:15.0406 5564 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/04/25 16:31:15.0453 5564 nmwcd (357ddb51e03cae598c096d95497373d0) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/04/25 16:31:15.0484 5564 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/04/25 16:31:15.0500 5564 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/25 16:31:15.0531 5564 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/25 16:31:15.0578 5564 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/25 16:31:15.0781 5564 nv (e036d93b0e073650cf6cf826cd9e1fbe) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/04/25 16:31:15.0859 5564 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/25 16:31:15.0890 5564 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/25 16:31:15.0921 5564 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys
2011/04/25 16:31:15.0953 5564 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys
2011/04/25 16:31:15.0984 5564 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/04/25 16:31:16.0015 5564 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
2011/04/25 16:31:16.0031 5564 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/25 16:31:16.0062 5564 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/25 16:31:16.0109 5564 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/04/25 16:31:16.0125 5564 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/25 16:31:16.0156 5564 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/25 16:31:16.0187 5564 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/25 16:31:16.0296 5564 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/25 16:31:16.0328 5564 psadd (271f3e304cf2a467188ef393c8fbd2b7) C:\WINDOWS\system32\DRIVERS\psadd.sys
2011/04/25 16:31:16.0328 5564 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/25 16:31:16.0343 5564 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/25 16:31:16.0375 5564 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/04/25 16:31:16.0468 5564 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/25 16:31:16.0500 5564 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/25 16:31:16.0515 5564 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/25 16:31:16.0531 5564 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/25 16:31:16.0562 5564 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/25 16:31:16.0593 5564 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/25 16:31:16.0609 5564 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/25 16:31:16.0640 5564 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/25 16:31:16.0656 5564 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/25 16:31:16.0718 5564 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2011/04/25 16:31:16.0750 5564 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2011/04/25 16:31:16.0781 5564 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2011/04/25 16:31:16.0796 5564 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/04/25 16:31:16.0843 5564 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2011/04/25 16:31:16.0906 5564 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/04/25 16:31:16.0937 5564 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/25 16:31:16.0984 5564 Sentinel (aebba7428a6c40cce3c5abde45190b24) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
2011/04/25 16:31:17.0015 5564 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/25 16:31:17.0031 5564 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2011/04/25 16:31:17.0062 5564 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/04/25 16:31:17.0078 5564 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/04/25 16:31:17.0109 5564 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/25 16:31:17.0156 5564 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/04/25 16:31:17.0281 5564 SNP2UVC (a1a7acf56747dc31aba892ca7690143a) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
2011/04/25 16:31:17.0359 5564 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/25 16:31:17.0421 5564 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
2011/04/25 16:31:17.0468 5564 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/25 16:31:17.0515 5564 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/25 16:31:17.0593 5564 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
2011/04/25 16:31:17.0640 5564 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/04/25 16:31:17.0671 5564 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/25 16:31:17.0687 5564 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/25 16:31:17.0796 5564 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/25 16:31:17.0828 5564 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/25 16:31:17.0875 5564 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/25 16:31:17.0921 5564 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/25 16:31:17.0937 5564 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/25 16:31:18.0000 5564 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/25 16:31:18.0062 5564 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/25 16:31:18.0109 5564 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/04/25 16:31:18.0156 5564 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/04/25 16:31:18.0187 5564 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/25 16:31:18.0203 5564 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/25 16:31:18.0250 5564 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/25 16:31:18.0296 5564 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/25 16:31:18.0343 5564 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/04/25 16:31:18.0390 5564 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/25 16:31:18.0421 5564 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/25 16:31:18.0484 5564 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/25 16:31:18.0546 5564 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/04/25 16:31:18.0593 5564 VBoxDrv (9b7d30e837c80ec406676c0fe784107f) C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
2011/04/25 16:31:18.0640 5564 VBoxNetAdp (e34cb1e4756b465cc832354162dfcef0) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
2011/04/25 16:31:18.0656 5564 VBoxNetFlt (c7519f03685f5d0291b233310bcf34b1) C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
2011/04/25 16:31:18.0671 5564 VBoxUSB (d11e6ba88bccb871ade6e06136bdd8aa) C:\WINDOWS\system32\Drivers\VBoxUSB.sys
2011/04/25 16:31:18.0703 5564 VBoxUSBMon (a2229877303764021c088e6400b3e063) C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
2011/04/25 16:31:18.0734 5564 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/25 16:31:18.0781 5564 vmm (e41fef9e3056fe88c71e411f705be41e) C:\WINDOWS\system32\Drivers\vmm.sys
2011/04/25 16:31:18.0828 5564 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/25 16:31:18.0875 5564 VPCNetS2 (f96a678debdccb0b4bb7f38cb2580589) C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
2011/04/25 16:31:18.0906 5564 vsbus (1c8a783e90c34d205596f1ab4a97e261) C:\WINDOWS\system32\DRIVERS\vsb.sys
2011/04/25 16:31:18.0937 5564 vserial (3377daa1cb8cac46a538c236f5f3d58f) C:\WINDOWS\system32\DRIVERS\vserial.sys
2011/04/25 16:31:18.0968 5564 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/25 16:31:19.0000 5564 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
2011/04/25 16:31:19.0062 5564 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/04/25 16:31:19.0109 5564 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/25 16:31:19.0171 5564 WmBEnum (38932c4649f8baad6ce1000ac6503d5b) C:\WINDOWS\system32\drivers\WmBEnum.sys
2011/04/25 16:31:19.0203 5564 WmFilter (58b3adab903fa1a78c86e6a42b80fe76) C:\WINDOWS\system32\drivers\WmFilter.sys
2011/04/25 16:31:19.0250 5564 WmHidLo (be1951c6919efb86e95f8ef331e39c50) C:\WINDOWS\system32\drivers\WmHidLo.sys
2011/04/25 16:31:19.0281 5564 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/04/25 16:31:19.0312 5564 WmVirHid (e45f01f4014d7ab13b8a0c41ebf48a3d) C:\WINDOWS\system32\drivers\WmVirHid.sys
2011/04/25 16:31:19.0328 5564 WmXlCore (0398265dd65aae2ece180fa9d1e7b5bb) C:\WINDOWS\system32\drivers\WmXlCore.sys
2011/04/25 16:31:19.0359 5564 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/04/25 16:31:19.0437 5564 yukonwxp (67331fd053f97a874a60374be6b59523) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2011/04/25 16:31:19.0687 5564 \HardDisk0 - detected Rootkit.Win32.BackBoot.gen (1)
2011/04/25 16:31:19.0687 5564 ================================================================================
2011/04/25 16:31:19.0687 5564 Scan finished
2011/04/25 16:31:19.0687 5564 ================================================================================
2011/04/25 16:31:19.0703 5224 Detected object count: 1
2011/04/25 16:31:23.0421 5224 Rootkit.Win32.BackBoot.gen(\HardDisk0) - User select action: Skip
2011/04/25 16:31:31.0859 6136 Deinitialize success
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#36 Příspěvek od cernohous13 »

:arrow: Stáhni a rozbal na plochu
http://www.esagelab.com/files/bootkit_remover.rar
spusť remover.exe

po ukončení klik pravým do černého okna -> Vybrat vše -> Ctrl+C
do své odpovědi zde vložit Ctrl+V
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#37 Příspěvek od AndySue »

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000002`87e00000

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#38 Příspěvek od cernohous13 »

Teď je nutné, aby byl Bootkit Remover na ploše

Jdi Start -> Spustit... a vlož tento příkaz
"%userprofile%\Plocha\remover.exe" fix \\.\PhysicalDrive0

Po restartu spustíš znovu remover a zkopíruješ nález
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#39 Příspěvek od AndySue »

Takto ? :


Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000002`87e00000
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#40 Příspěvek od AndySue »

Přikládám i obsáhlejší log:
.\debug.cpp(238) : Debug log started at 27.04.2011 - 11:31:48
.\boot_cleaner.cpp(527) : Bootkit Remover
.\boot_cleaner.cpp(528) : (c) 2009 eSage Lab
.\boot_cleaner.cpp(529) : www.esagelab.com
.\boot_cleaner.cpp(533) : Program version: 1.2.0.0
.\boot_cleaner.cpp(540) : OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)
.\debug.cpp(248) : **********************************************
.\debug.cpp(249) : *** [ LOADED MODULES INFORMATION ] ***********
.\debug.cpp(250) : **********************************************
.\debug.cpp(256) : 0x804d7000 0x0020e000 "\WINDOWS\system32\ntkrnlpa.exe"
.\debug.cpp(256) : 0x806e5000 0x00020d00 "\WINDOWS\system32\hal.dll"
.\debug.cpp(256) : 0xba5a8000 0x00002000 "\WINDOWS\system32\KDCOM.DLL"
.\debug.cpp(256) : 0xba4b8000 0x00003000 "\WINDOWS\system32\BOOTVID.dll"
.\debug.cpp(256) : 0xb9f79000 0x0002e000 "ACPI.sys"
.\debug.cpp(256) : 0xba5aa000 0x00002000 "\WINDOWS\system32\DRIVERS\WMILIB.SYS"
.\debug.cpp(256) : 0xb9f68000 0x00011000 "pci.sys"
.\debug.cpp(256) : 0xba0a8000 0x00010000 "ohci1394.sys"
.\debug.cpp(256) : 0xba0b8000 0x0000e000 "\WINDOWS\system32\DRIVERS\1394BUS.SYS"
.\debug.cpp(256) : 0xba0c8000 0x0000a000 "isapnp.sys"
.\debug.cpp(256) : 0xba4bc000 0x00003000 "compbatt.sys"
.\debug.cpp(256) : 0xba4c0000 0x00004000 "\WINDOWS\system32\DRIVERS\BATTC.SYS"
.\debug.cpp(256) : 0xba670000 0x00001000 "pciide.sys"
.\debug.cpp(256) : 0xba328000 0x00007000 "\WINDOWS\system32\DRIVERS\PCIIDEX.SYS"
.\debug.cpp(256) : 0xba0d8000 0x0000b000 "MountMgr.sys"
.\debug.cpp(256) : 0xb9f49000 0x0001f000 "ftdisk.sys"
.\debug.cpp(256) : 0xba5ac000 0x00002000 "dmload.sys"
.\debug.cpp(256) : 0xb9f23000 0x00026000 "dmio.sys"
.\debug.cpp(256) : 0xba330000 0x00005000 "PartMgr.sys"
.\debug.cpp(256) : 0xba0e8000 0x0000d000 "VolSnap.sys"
.\debug.cpp(256) : 0xb9f0b000 0x00018000 "atapi.sys"
.\debug.cpp(256) : 0xb9e31000 0x000da000 "iaStor.sys"
.\debug.cpp(256) : 0xba0f8000 0x00009000 "disk.sys"
.\debug.cpp(256) : 0xba108000 0x0000d000 "\WINDOWS\system32\DRIVERS\CLASSPNP.SYS"
.\debug.cpp(256) : 0xb9e11000 0x00020000 "fltmgr.sys"
.\debug.cpp(256) : 0xb9dff000 0x00012000 "sr.sys"
.\debug.cpp(256) : 0xba118000 0x0000a000 "PxHelp20.sys"
.\debug.cpp(256) : 0xb9de8000 0x00017000 "KSecDD.sys"
.\debug.cpp(256) : 0xb9d5b000 0x0008d000 "Ntfs.sys"
.\debug.cpp(256) : 0xb9d2e000 0x0002d000 "NDIS.sys"
.\debug.cpp(256) : 0xb9d14000 0x0001a000 "Mup.sys"
.\debug.cpp(256) : 0xba128000 0x0000d000 "12762682.sys"
.\debug.cpp(256) : 0xba168000 0x0000a000 "\SystemRoot\system32\DRIVERS\intelppm.sys"
.\debug.cpp(256) : 0xb7fa6000 0x0063f000 "\SystemRoot\system32\DRIVERS\nv4_mini.sys"
.\debug.cpp(256) : 0xb7f92000 0x00014000 "\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS"
.\debug.cpp(256) : 0xba410000 0x00006000 "\SystemRoot\system32\DRIVERS\usbuhci.sys"
.\debug.cpp(256) : 0xb7f6e000 0x00024000 "\SystemRoot\system32\DRIVERS\USBPORT.SYS"
.\debug.cpp(256) : 0xba418000 0x00008000 "\SystemRoot\system32\DRIVERS\usbehci.sys"
.\debug.cpp(256) : 0xb7f46000 0x00028000 "\SystemRoot\system32\DRIVERS\HDAudBus.sys"
.\debug.cpp(256) : 0xb7f05000 0x00041000 "\SystemRoot\system32\DRIVERS\yk51x86.sys"
.\debug.cpp(256) : 0xb7df2000 0x00113000 "\SystemRoot\system32\DRIVERS\bcmwl5.sys"
.\debug.cpp(256) : 0xba178000 0x00010000 "\SystemRoot\system32\DRIVERS\nic1394.sys"
.\debug.cpp(256) : 0xb7dde000 0x00014000 "\SystemRoot\system32\DRIVERS\sdbus.sys"
.\debug.cpp(256) : 0xba188000 0x0000f000 "\SystemRoot\system32\DRIVERS\rimmptsk.sys"
.\debug.cpp(256) : 0xb7dca000 0x00014000 "\SystemRoot\system32\DRIVERS\rimsptsk.sys"
.\debug.cpp(256) : 0xb7d79000 0x00051000 "\SystemRoot\system32\DRIVERS\rixdptsk.sys"
.\debug.cpp(256) : 0xba198000 0x0000d000 "\SystemRoot\system32\DRIVERS\i8042prt.sys"
.\debug.cpp(256) : 0xba1a8000 0x0000a000 "\SystemRoot\system32\DRIVERS\gMouPS2.sys"
.\debug.cpp(256) : 0xba420000 0x00006000 "\SystemRoot\system32\DRIVERS\mouclass.sys"
.\debug.cpp(256) : 0xba428000 0x00006000 "\SystemRoot\system32\DRIVERS\kbdclass.sys"
.\debug.cpp(256) : 0xba1b8000 0x0000b000 "\SystemRoot\system32\DRIVERS\imapi.sys"
.\debug.cpp(256) : 0xba1c8000 0x00010000 "\SystemRoot\system32\DRIVERS\cdrom.sys"
.\debug.cpp(256) : 0xb8951000 0x0000f000 "\SystemRoot\system32\DRIVERS\redbook.sys"
.\debug.cpp(256) : 0xb7d56000 0x00023000 "\SystemRoot\system32\DRIVERS\ks.sys"
.\debug.cpp(256) : 0xb9ca7000 0x00004000 "\SystemRoot\system32\DRIVERS\CmBatt.sys"
.\debug.cpp(256) : 0xb9ca3000 0x00003000 "\SystemRoot\system32\DRIVERS\wmiacpi.sys"
.\debug.cpp(256) : 0xb7c8a000 0x000cc000 "\SystemRoot\system32\DRIVERS\btkrnl.sys"
.\debug.cpp(256) : 0xb8941000 0x0000f000 "\SystemRoot\system32\DRIVERS\VMNetSrv.sys"
.\debug.cpp(256) : 0xb8931000 0x0000b000 "\SystemRoot\system32\DRIVERS\Epfwndis.sys"
.\debug.cpp(256) : 0xba7de000 0x00001000 "\SystemRoot\system32\DRIVERS\audstub.sys"
.\debug.cpp(256) : 0xba5f0000 0x00002000 "\SystemRoot\System32\Drivers\RootMdm.sys"
.\debug.cpp(256) : 0xba430000 0x00008000 "\SystemRoot\System32\Drivers\Modem.SYS"
.\debug.cpp(256) : 0xb8921000 0x0000d000 "\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.\debug.cpp(256) : 0xb9c9b000 0x00003000 "\SystemRoot\system32\DRIVERS\ndistapi.sys"
.\debug.cpp(256) : 0xb7c73000 0x00017000 "\SystemRoot\system32\DRIVERS\ndiswan.sys"
.\debug.cpp(256) : 0xb8911000 0x0000b000 "\SystemRoot\system32\DRIVERS\raspppoe.sys"
.\debug.cpp(256) : 0xb8901000 0x0000c000 "\SystemRoot\system32\DRIVERS\raspptp.sys"
.\debug.cpp(256) : 0xba438000 0x00005000 "\SystemRoot\system32\DRIVERS\TDI.SYS"
.\debug.cpp(256) : 0xb7c62000 0x00011000 "\SystemRoot\system32\DRIVERS\psched.sys"
.\debug.cpp(256) : 0xb88f1000 0x00009000 "\SystemRoot\system32\DRIVERS\msgpc.sys"
.\debug.cpp(256) : 0xba440000 0x00005000 "\SystemRoot\system32\DRIVERS\ptilink.sys"
.\debug.cpp(256) : 0xba448000 0x00005000 "\SystemRoot\system32\DRIVERS\raspti.sys"
.\debug.cpp(256) : 0xb7b80000 0x00017000 "\SystemRoot\system32\DRIVERS\VBoxNetAdp.sys"
.\debug.cpp(256) : 0xb7875000 0x00030000 "\SystemRoot\system32\DRIVERS\rdpdr.sys"
.\debug.cpp(256) : 0xba238000 0x0000a000 "\SystemRoot\system32\DRIVERS\termdd.sys"
.\debug.cpp(256) : 0xba498000 0x00007000 "\SystemRoot\system32\DRIVERS\psadd.sys"
.\debug.cpp(256) : 0xb7833000 0x0001a000 "\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys"
.\debug.cpp(256) : 0xba5f8000 0x00002000 "\SystemRoot\system32\DRIVERS\swenum.sys"
.\debug.cpp(256) : 0xb77d5000 0x0005e000 "\SystemRoot\system32\DRIVERS\update.sys"
.\debug.cpp(256) : 0xb8609000 0x00004000 "\SystemRoot\system32\DRIVERS\mssmbios.sys"
.\debug.cpp(256) : 0xb8605000 0x00004000 "\SystemRoot\system32\drivers\WmBEnum.sys"
.\debug.cpp(256) : 0xba268000 0x0000b000 "\SystemRoot\system32\drivers\WmXlCore.sys"
.\debug.cpp(256) : 0xb8601000 0x00004000 "\SystemRoot\system32\DRIVERS\vsb.sys"
.\debug.cpp(256) : 0xb5a1f000 0x0004e000 "\SystemRoot\system32\drivers\btaudio.sys"
.\debug.cpp(256) : 0xb59fb000 0x00024000 "\SystemRoot\system32\drivers\portcls.sys"
.\debug.cpp(256) : 0xba298000 0x0000f000 "\SystemRoot\system32\drivers\drmk.sys"
.\debug.cpp(256) : 0xba2a8000 0x0000a000 "\SystemRoot\System32\Drivers\NDProxy.SYS"
.\debug.cpp(256) : 0xba2b8000 0x0000f000 "\SystemRoot\system32\DRIVERS\usbhub.sys"
.\debug.cpp(256) : 0xba628000 0x00002000 "\SystemRoot\system32\DRIVERS\USBD.SYS"
.\debug.cpp(256) : 0xb3bc3000 0x0011e000 "\SystemRoot\system32\drivers\sthda.sys"
.\debug.cpp(256) : 0xb3e47000 0x00002000 "\SystemRoot\System32\Drivers\Fs_Rec.SYS"
.\debug.cpp(256) : 0xba7a8000 0x00001000 "\SystemRoot\System32\Drivers\Null.SYS"
.\debug.cpp(256) : 0xb3e45000 0x00002000 "\SystemRoot\System32\Drivers\Beep.SYS"
.\debug.cpp(256) : 0xb0d33000 0x0001f000 "\SystemRoot\system32\DRIVERS\ehdrv.sys"
.\debug.cpp(256) : 0xb6e48000 0x00007000 "\SystemRoot\system32\DRIVERS\HIDPARSE.SYS"
.\debug.cpp(256) : 0xb6e38000 0x00006000 "\SystemRoot\System32\drivers\vga.sys"
.\debug.cpp(256) : 0xb3e43000 0x00002000 "\SystemRoot\System32\Drivers\mnmdd.SYS"
.\debug.cpp(256) : 0xb3e41000 0x00002000 "\SystemRoot\System32\DRIVERS\RDPCDD.sys"
.\debug.cpp(256) : 0xb6e30000 0x00005000 "\SystemRoot\System32\Drivers\Msfs.SYS"
.\debug.cpp(256) : 0xba380000 0x00008000 "\SystemRoot\System32\Drivers\Npfs.SYS"
.\debug.cpp(256) : 0xb719b000 0x00003000 "\SystemRoot\system32\DRIVERS\rasacd.sys"
.\debug.cpp(256) : 0xb0d00000 0x00013000 "\SystemRoot\system32\DRIVERS\ipsec.sys"
.\debug.cpp(256) : 0xb0ca7000 0x00059000 "\SystemRoot\system32\DRIVERS\tcpip.sys"
.\debug.cpp(256) : 0xb0c95000 0x00012000 "\SystemRoot\system32\DRIVERS\epfwtdi.sys"
.\debug.cpp(256) : 0xb0c6f000 0x00026000 "\SystemRoot\system32\DRIVERS\ipnat.sys"
.\debug.cpp(256) : 0xb0c47000 0x00028000 "\SystemRoot\system32\DRIVERS\netbt.sys"
.\debug.cpp(256) : 0xb0c25000 0x00022000 "\SystemRoot\System32\drivers\afd.sys"
.\debug.cpp(256) : 0xb49c3000 0x00009000 "\SystemRoot\system32\DRIVERS\netbios.sys"
.\debug.cpp(256) : 0xb49b3000 0x00009000 "\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys"
.\debug.cpp(256) : 0xb0c03000 0x00022000 "\SystemRoot\system32\DRIVERS\VBoxDrv.sys"
.\debug.cpp(256) : 0xb0bd8000 0x0002b000 "\SystemRoot\system32\DRIVERS\rdbss.sys"
.\debug.cpp(256) : 0xb49a3000 0x00009000 "\SystemRoot\system32\DRIVERS\wanarp.sys"
.\debug.cpp(256) : 0xb0b68000 0x00070000 "\SystemRoot\system32\DRIVERS\mrxsmb.sys"
.\debug.cpp(256) : 0xb4993000 0x0000b000 "\SystemRoot\System32\Drivers\Fips.SYS"
.\debug.cpp(256) : 0xb4983000 0x0000f000 "\SystemRoot\system32\DRIVERS\arp1394.sys"
.\debug.cpp(256) : 0xba388000 0x00008000 "\SystemRoot\system32\DRIVERS\usbccgp.sys"
.\debug.cpp(256) : 0xb0b2e000 0x0003a000 "\SystemRoot\system32\DRIVERS\OEM02Dev.sys"
.\debug.cpp(256) : 0xb3e3d000 0x00002000 "\SystemRoot\system32\DRIVERS\OEM02Vfx.sys"
.\debug.cpp(256) : 0xb060e000 0x00520000 "\SystemRoot\system32\DRIVERS\12762681.sys"
.\debug.cpp(256) : 0xb4953000 0x00010000 "\SystemRoot\System32\Drivers\Cdfs.SYS"
.\debug.cpp(256) : 0xb0534000 0x000da000 "\SystemRoot\System32\Drivers\dump_iaStor.sys"
.\debug.cpp(256) : 0xbf800000 0x001c6000 "\SystemRoot\System32\win32k.sys"
.\debug.cpp(256) : 0xb17f9000 0x00003000 "\SystemRoot\System32\drivers\Dxapi.sys"
.\debug.cpp(256) : 0xba3d8000 0x00005000 "\SystemRoot\System32\watchdog.sys"
.\debug.cpp(256) : 0xbf000000 0x00012000 "\SystemRoot\System32\drivers\dxg.sys"
.\debug.cpp(256) : 0xba6ea000 0x00001000 "\SystemRoot\System32\drivers\dxgthk.sys"
.\debug.cpp(256) : 0xb3df1000 0x0000a000 "\SystemRoot\System32\Drivers\gHidPnp.Sys"
.\debug.cpp(256) : 0xba570000 0x00003000 "\SystemRoot\system32\DRIVERS\hidusb.sys"
.\debug.cpp(256) : 0xb3de1000 0x00009000 "\SystemRoot\system32\DRIVERS\HIDCLASS.SYS"
.\debug.cpp(256) : 0xb85fd000 0x00003000 "\SystemRoot\system32\DRIVERS\gMouUsb.sys"
.\debug.cpp(256) : 0xb85f9000 0x00003000 "\SystemRoot\system32\DRIVERS\mouhid.sys"
.\debug.cpp(256) : 0xb3da1000 0x00010000 "\SystemRoot\System32\Drivers\btwusb.sys"
.\debug.cpp(256) : 0xb85f1000 0x00004000 "\SystemRoot\system32\DRIVERS\kbdhid.sys"
.\debug.cpp(256) : 0xbf012000 0x005f7000 "\SystemRoot\System32\nv4_disp.dll"
.\debug.cpp(256) : 0xbf609000 0x00047000 "\SystemRoot\System32\ATMFD.DLL"
.\debug.cpp(256) : 0xae1b5000 0x000a7000 "\SystemRoot\system32\DRIVERS\eamon.sys"
.\debug.cpp(256) : 0xae193000 0x00022000 "\SystemRoot\system32\DRIVERS\epfw.sys"
.\debug.cpp(256) : 0xba460000 0x00005000 "\SystemRoot\system32\DRIVERS\AegisP.sys"
.\debug.cpp(256) : 0xb3ce9000 0x00004000 "\SystemRoot\system32\DRIVERS\ndisuio.sys"
.\debug.cpp(256) : 0xb3ce1000 0x00004000 "\SystemRoot\system32\DRIVERS\s24trans.sys"
.\debug.cpp(256) : 0xae04e000 0x0002d000 "\SystemRoot\system32\DRIVERS\mrxdav.sys"
.\debug.cpp(256) : 0xb4963000 0x0000c000 "\??\C:\WINDOWS\system32\drivers\Haspnt.sys"
.\debug.cpp(256) : 0xb4752000 0x00006000 "\??\C:\WINDOWS\system32\drivers\btserial.sys"
.\debug.cpp(256) : 0xadf47000 0x000a4000 "\??\C:\WINDOWS\system32\drivers\hardlock.sys"
.\debug.cpp(256) : 0xadefb000 0x00024000 "\SystemRoot\System32\Drivers\Fastfat.SYS"
.\debug.cpp(256) : 0xadea3000 0x00058000 "\SystemRoot\system32\DRIVERS\srv.sys"
.\debug.cpp(256) : 0xadd26000 0x00015000 "\SystemRoot\system32\drivers\wdmaud.sys"
.\debug.cpp(256) : 0xaddf3000 0x0000f000 "\SystemRoot\system32\drivers\sysaudio.sys"
.\debug.cpp(256) : 0xb401d000 0x00006000 "\SystemRoot\System32\Drivers\TDTCP.SYS"
.\debug.cpp(256) : 0xad70d000 0x00023000 "\SystemRoot\System32\Drivers\RDPWD.SYS"
.\debug.cpp(256) : 0xacd91000 0x00041000 "\SystemRoot\System32\Drivers\HTTP.sys"
.\debug.cpp(256) : 0x7c900000 0x000b1000 "\WINDOWS\system32\ntdll.dll"
.\debug.cpp(263) : **********************************************
.\debug.cpp(307) : *** [ DEVICE OBJECTS INFORMATION ] ***********
.\debug.cpp(308) : **********************************************
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{D282F74B-6F08-4903-B5C4-F39D344FDC8A}"
.\debug.cpp(400) : Destination "\Device\{D282F74B-6F08-4903-B5C4-F39D344FDC8A}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\D:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDIS"
.\debug.cpp(400) : Destination "\Device\Ndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2832&SUBSYS_022E1028&REV_02#3&61aaa01&0&EA#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0011"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&2f35364c&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1180&DEV_0852&SUBSYS_022E1028&REV_12#4&28d6de3b&0&4CF0#{58b90d02-b4b0-4504-9bea-52b93082ddf6}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0022"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&2a9e15cd&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY1"
.\debug.cpp(400) : Destination "\Device\Video0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0004#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000050"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ffbb6e3f-ccfe-4d84-90d9-421418b03a8e}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SUN_VBOXNETFLTMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000059"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY2"
.\debug.cpp(400) : Destination "\Device\Video1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{71985f4a-1ca1-11d3-9cc8-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{6B6EA162-3084-48AD-8F3A-44F0A59FDCC6}"
.\debug.cpp(400) : Destination "\Device\{6B6EA162-3084-48AD-8F3A-44F0A59FDCC6}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_1#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000064"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2829&SUBSYS_022E1028&REV_02#3&61aaa01&0&FA#{2accfe60-c130-11d2-b082-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0016"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmIoDaemon"
.\debug.cpp(400) : Destination "\Device\DmControl\DmIoDaemon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0C#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000069"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ip"
.\debug.cpp(400) : Destination "\Device\Ip"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY3"
.\debug.cpp(400) : Destination "\Device\Video2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2830&SUBSYS_022E1028&REV_02#3&61aaa01&0&E8#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0009"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\E:"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ehdrv"
.\debug.cpp(400) : Destination "\Device\ehdrv"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPSECDev"
.\debug.cpp(400) : Destination "\Device\IPSEC"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_05a9&Pid_2640&MI_00#6&34c52002&0&0000#{6994ad05-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000ae"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY4"
.\debug.cpp(400) : Destination "\Device\Video3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ESET_EPFWNDISMP#0004#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000000e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000049"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0D#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000068"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DISPLAY5"
.\debug.cpp(400) : Destination "\Device\Video4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9aa4a2cc-81e0-4cfd-802f-0f74526d2bd3}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VSPControl"
.\debug.cpp(400) : Destination "\Device\VSPControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CDR4_XP"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_0a5c&Pid_4503#6&52fd601&0&3#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-12"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_413c&Pid_8126#6&52fd601&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-10"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VPCNetS2_{4F20AE2C-B224-44AA-8EE5-CCCB39347F5D}"
.\debug.cpp(400) : Destination "\Device\VPCNetS2_{4F20AE2C-B224-44AA-8EE5-CCCB39347F5D}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3c0d501a-140b-11d1-b40f-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{fd0a5af4-b41d-11d2-9c95-00c04f7971e0}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MODEM#0000#{2c7089aa-2e0e-11d1-b114-00c04fc2aae4}"
.\debug.cpp(400) : Destination "\Device\00000047"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\RdpDrDvMgr"
.\debug.cpp(400) : Destination "\Device\RdpDrDvMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{47e96bd7-70c1-11e0-be59-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomOptiarc_DVD+-RW_AD-7640A________________JD05____#4e434b3033394337383636383835423631305a59#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T0L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2834&SUBSYS_022E1028&REV_02#3&61aaa01&0&D0#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0A#1#{72631e54-78a4-11d0-bcf7-00aa00b7b32a}"
.\debug.cpp(400) : Destination "\Device\0000006c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PsaDev"
.\debug.cpp(400) : Destination "\Device\PsaDD0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CompositeBattery"
.\debug.cpp(400) : Destination "\Device\CompositeBattery"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WMIDataDevice"
.\debug.cpp(400) : Destination "\Device\WMIDataDevice"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0458&Pid_0087&Col03#6&1774371b&0&0002#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\EPFW"
.\debug.cpp(400) : Destination "\Device\Epfw"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{dff220f3-f70f-11d0-b917-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SUN_VBOXNETFLTMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000005a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_10DE&DEV_0407&SUBSYS_022E1028&REV_A1#4&15f4a1be&0&0008#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0023"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#GenuineIntel_-_x86_Family_6_Model_23#_0#{97fadb10-4e33-40ae-359c-8bef029dbdd0}"
.\debug.cpp(400) : Destination "\Device\00000063"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PIPE"
.\debug.cpp(400) : Destination "\Device\NamedPipe"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{36DD61CC-B34E-4BF5-9174-F6EB0BE4E425}"
.\debug.cpp(400) : Destination "\Device\{36DD61CC-B34E-4BF5-9174-F6EB0BE4E425}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTKRNL"
.\debug.cpp(400) : Destination "\Device\BTKRNL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c5066e-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{2eb07ea0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0a5c&Pid_4502#7&1d93fac9&0&0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\000000b6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0458&Pid_0087&Col01#6&1774371b&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\000000b2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1ad68f5f&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1180&DEV_0592&SUBSYS_022E1028&REV_12#4&28d6de3b&0&4BF0#{d2d3b8e3-2400-448c-8c0d-79abecfcfda3}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0021"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTWUSB-0"
.\debug.cpp(400) : Destination "\Device\BTWUSB-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0a5c&Pid_4502#7&1d93fac9&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PSched"
.\debug.cpp(400) : Destination "\Device\PSched"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\UNC"
.\debug.cpp(400) : Destination "\Device\Mup"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPNAT"
.\debug.cpp(400) : Destination "\Device\IPNAT"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2831&SUBSYS_022E1028&REV_02#3&61aaa01&0&E9#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0010"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VBoxNetFlt"
.\debug.cpp(400) : Destination "\Device\VBoxNetFlt"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{0a4252a0-7e70-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{20BE1C61-90B8-4CC8-9727-1F9C7FB9FCF8}"
.\debug.cpp(400) : Destination "\Device\{20BE1C61-90B8-4CC8-9727-1F9C7FB9FCF8}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD0"
.\debug.cpp(400) : Destination "\Device\USBFDO-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomOptiarc_DVD+-RW_AD-7640A________________JD05____#4e434b3033394337383636383835423631305a59#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T0L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Tcp"
.\debug.cpp(400) : Destination "\Device\Tcp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgrMsg"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgrMsg"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTWAUDIO#1&30ee4ad&0&1000000030001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000098"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0F13#4&2f94427b&0#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000088"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\LCD"
.\debug.cpp(400) : Destination "\Device\VideoPdo0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&25a8bfe7&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ESET_EPFWNDISMP#0003#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000000d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD1"
.\debug.cpp(400) : Destination "\Device\USBFDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PTIMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000052"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_05a9&Pid_2640&MI_00#6&34c52002&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000ae"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{47e96bd6-70c1-11e0-be59-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PhysicalDrive0"
.\debug.cpp(400) : Destination "\Device\Harddisk0\DR0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTWAUDIO#1&30ee4ad&0&1000000030001#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000098"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PRN"
.\debug.cpp(400) : Destination "\DosDevices\LPT1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_05a9&Pid_2640#5&161a1bcb&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004d"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD2"
.\debug.cpp(400) : Destination "\Device\USBFDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{cf1dda2c-9743-11d0-a3ee-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{53172480-4791-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0458&Pid_0087&Col01#6&1774371b&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureBA58BA58Offset7E00000Length280000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTAUDIO#1&30ee4ad&0&1000000030000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000097"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\sysaudio"
.\debug.cpp(400) : Destination "\Device\sysaudio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\fsWrap"
.\debug.cpp(400) : Destination "\Device\FsWrap"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD3"
.\debug.cpp(400) : Destination "\Device\USBFDO-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004e"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#CNTX_VPCNETS2_MP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{97ebaacb-95bd-11d0-a3ea-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\CdRom0"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\BTSERIAL"
.\debug.cpp(400) : Destination "\Device\BTSERIAL"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD4"
.\debug.cpp(400) : Destination "\Device\USBFDO-4"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{5f6b13e4-6814-4fb4-bf50-84cbb4297800}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{FF6F0FB9-4153-4162-AE54-E54EC285F2A9}"
.\debug.cpp(400) : Destination "\Device\{FF6F0FB9-4153-4162-AE54-E54EC285F2A9}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\S24TRANS_S24TRANS.SYS"
.\debug.cpp(400) : Destination "\Device\S24Trans.sys"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VBoxUSBMon"
.\debug.cpp(400) : Destination "\Device\VBoxUSBMon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD5"
.\debug.cpp(400) : Destination "\Device\USBFDO-5"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Global"
.\debug.cpp(400) : Destination "\GLOBAL??"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2835&SUBSYS_022E1028&REV_02#3&61aaa01&0&D1#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0003"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Siemens GPRS via Bluetooth.\debug.cpp(400) : Destination "\Device\00000047"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{3A7B8DE9-84C9-4E59-9CF5-F82BA4876F82}"
.\debug.cpp(400) : Destination "\Device\{3A7B8DE9-84C9-4E59-9CF5-F82BA4876F82}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Epfwndis"
.\debug.cpp(400) : Destination "\Device\Epfwndis"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_0a5c&Pid_4500#5&354054e1&0&2#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-9"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HCD6"
.\debug.cpp(400) : Destination "\Device\USBFDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1180&DEV_0843&SUBSYS_022E1028&REV_12#4&28d6de3b&0&4AF0#{ba39d8e2-30c9-11d4-b3cd-d916bda91711}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0020"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VPCNetS2"
.\debug.cpp(400) : Destination "\Device\VPCNetS2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PxHelperDevice0"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50671-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0303#4&2f94427b&0#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000089"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_14E4&DEV_4328&SUBSYS_000A1028&REV_03#4&ab208e&0&00E1#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0025"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{C90095E1-2C47-4B20-824D-BA1FFB7429E9}"
.\debug.cpp(400) : Destination "\Device\{C90095E1-2C47-4B20-824D-BA1FFB7429E9}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VPCNetS2_{36DD61CC-B34E-4BF5-9174-F6EB0BE4E425}"
.\debug.cpp(400) : Destination "\Device\VPCNetS2_{36DD61CC-B34E-4BF5-9174-F6EB0BE4E425}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#ThermalZone#THM_#{4afa3d51-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\00000065"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Volume{5bd8a786-c639-11dd-b7ec-806d6172696f}"
.\debug.cpp(400) : Destination "\Device\CdRom0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{3e227e76-690d-11d2-8161-0000f8775bf1}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTWAUDIO#1&30ee4ad&0&1000000030001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000098"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad809c00-7b88-11d0-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{9ea331fa-b91b-45f8-9285-bd2bc77afcde}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VPCNetS2_{3A7B8DE9-84C9-4E59-9CF5-F82BA4876F82}"
.\debug.cpp(400) : Destination "\Device\VPCNetS2_{3A7B8DE9-84C9-4E59-9CF5-F82BA4876F82}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#NET#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000053"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{9122BE9C-AED7-4A94-B9F2-68643A225BAE}"
.\debug.cpp(400) : Destination "\Device\{9122BE9C-AED7-4A94-B9F2-68643A225BAE}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ARP1394"
.\debug.cpp(400) : Destination "\Device\ARP1394"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_2836&SUBSYS_022E1028&REV_02#3&61aaa01&0&EF#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0012"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{07dad660-22f1-11d1-a9f4-00c04fbbde8f}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\gHidPnp"
.\debug.cpp(400) : Destination "\Device\gHidPnp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTAUDIO#1&30ee4ad&0&1000000030000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000097"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{3194A701-620C-4D0F-BF30-17F9192DA106}"
.\debug.cpp(400) : Destination "\Device\{3194A701-620C-4D0F-BF30-17F9192DA106}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#CNTX_VPCNETS2_MP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000005"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB20#4&5112df9&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ESET_EPFWNDISMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000000b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{ac7e9cf6-d199-450d-bedf-8a35b000442d}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_05a9&Pid_2640&MI_00#6&34c52002&0&0000#{6bdd1fc6-810f-11d0-bec7-08002be2092f}"
.\debug.cpp(400) : Destination "\Device\000000ae"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HL:"
.\debug.cpp(400) : Destination "\Device\HLVol"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MountPointManager"
.\debug.cpp(400) : Destination "\Device\MountPointManager"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{d6c50674-72c1-11d2-9755-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTAUDIO#1&30ee4ad&0&1000000030000#{dda54a40-1e4c-11d1-a050-405705c10000}"
.\debug.cpp(400) : Destination "\Device\00000097"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{9C1B4988-7B11-4B70-BFD3-D8E9C276C9B4}"
.\debug.cpp(400) : Destination "\Device\{9C1B4988-7B11-4B70-BFD3-D8E9C276C9B4}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{F5D80589-37F4-4DDA-9697-9A6152914386}"
.\debug.cpp(400) : Destination "\Device\{F5D80589-37F4-4DDA-9697-9A6152914386}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0003#{a530a220-8e1d-11d3-87a1-00104be390af}"
.\debug.cpp(400) : Destination "\Device\0000005f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000048"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MbDlDp32"
.\debug.cpp(400) : Destination "\Device\PxHelperDevice0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmConfig"
.\debug.cpp(400) : Destination "\Device\DmControl\DmConfig"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\ACPI#PNP0C0E#2&daba3ff&0#{4afa3d53-74a7-11d0-be5e-00a0c9062857}"
.\debug.cpp(400) : Destination "\Device\0000006a"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Eamon"
.\debug.cpp(400) : Destination "\Device\Eamon"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#DiskWDC_WD3200BEVT-75ZCT1___________________11.01A11#4&396934cd&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\Ide\IAAStorageDevice-0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\WanArp"
.\debug.cpp(400) : Destination "\Device\WANARP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{cb0b7def-63d0-44d6-bcd7-a5e6d1f8b362}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ftdisk#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000010"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTWAUDIO#1&30ee4ad&0&1000000030001#{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000098"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{493C4605-7A44-44B8-92BE-066866CC3CDA}"
.\debug.cpp(400) : Destination "\Device\{493C4605-7A44-44B8-92BE-066866CC3CDA}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0003#{be472025-8177-11d3-87a1-00104be390af}"
.\debug.cpp(400) : Destination "\Device\0000005f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmTrace"
.\debug.cpp(400) : Destination "\Device\DmControl\DmTrace"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_1180&DEV_0832&SUBSYS_022E1028&REV_05#4&28d6de3b&0&48F0#{6bdd1fc1-810f-11d0-bec7-08002be2092f}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0018"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IDE#CdRomOptiarc_DVD+-RW_AD-7640A________________JD05____#4e434b3033394337383636383835423631305a59#{1186654d-47b8-48b9-beb9-7df113ae3c67}"
.\debug.cpp(400) : Destination "\Device\Ide\IdeDeviceP0T0L0-3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#dmio#0000#{53f5630e-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\00000009"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NDISWANIP"
.\debug.cpp(400) : Destination "\Device\NdisWanIp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{4F20AE2C-B224-44AA-8EE5-CCCB39347F5D}"
.\debug.cpp(400) : Destination "\Device\{4F20AE2C-B224-44AA-8EE5-CCCB39347F5D}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{bf963d80-c559-11d0-8a2b-00a0c9255ac1}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}"
.\debug.cpp(400) : Destination "\Device\KSENUM#00000002"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AegisP"
.\debug.cpp(400) : Destination "\Device\AegisP"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi0:"
.\debug.cpp(400) : Destination "\Device\Ide\IdePort0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_11AB&DEV_4354&SUBSYS_022E1028&REV_12#4&541b6e0&0&00E0#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0024"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\gMouPS2"
.\debug.cpp(400) : Destination "\Device\gMouPS2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{2EBBAA1A-2C67-4F84-AAA9-58683595E57E}"
.\debug.cpp(400) : Destination "\Device\{2EBBAA1A-2C67-4F84-AAA9-58683595E57E}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\1394BUS0"
.\debug.cpp(400) : Destination "\Device\1394BUS0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\STORAGE#Volume#1&30a96598&0&SignatureBA58BA58Offset287E00000Length475DDFF000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{4747b320-62ce-11cf-a5d6-28db04c10000}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VBoxNetAdp"
.\debug.cpp(400) : Destination "\Device\VBoxNetAdp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#MS_PPTPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000004b"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK1"
.\debug.cpp(400) : Destination "\Device\ParTechInc0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#SYSTEM#0000#{a7c7a5b1-5af3-11d1-9ced-00a024bf0407}"
.\debug.cpp(400) : Destination "\Device\0000005c"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&37ef9a81&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-6"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\S24Trans.sys"
.\debug.cpp(400) : Destination "\Device\S24Trans.sys"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Scsi1:"
.\debug.cpp(400) : Destination "\Device\Ide\iaStor0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\IPMULTICAST"
.\debug.cpp(400) : Destination "\Device\IPMULTICAST"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{8E422C4C-3C79-434C-B641-4115CA228EE9}"
.\debug.cpp(400) : Destination "\Device\{8E422C4C-3C79-434C-B641-4115CA228EE9}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NdisWan"
.\debug.cpp(400) : Destination "\Device\NdisWan"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK2"
.\debug.cpp(400) : Destination "\Device\ParTechInc1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmLoader"
.\debug.cpp(400) : Destination "\Device\DmLoader"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Shadow"
.\debug.cpp(400) : Destination "\Device\LanmanRedirector"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{1DCEC5EC-790A-4951-AF56-31179F48FEB8}"
.\debug.cpp(400) : Destination "\Device\{1DCEC5EC-790A-4951-AF56-31179F48FEB8}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PTILINK3"
.\debug.cpp(400) : Destination "\Device\ParTechInc2"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0a5c&Pid_4503&Col01#7&56e9f90&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FEnteDev"
.\debug.cpp(400) : Destination "\Device\FNT0"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{61B13CF8-7B5B-4B13-A793-02C4C432DE36}"
.\debug.cpp(400) : Destination "\Device\{61B13CF8-7B5B-4B13-A793-02C4C432DE36}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#ESET_EPFWNDISMP#0005#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\0000000f"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FltMgr"
.\debug.cpp(400) : Destination "\FileSystem\Filters\FltMgr"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\FtControl"
.\debug.cpp(400) : Destination "\Device\FtControl"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\C:"
.\debug.cpp(400) : Destination "\Device\HarddiskVolume3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0458&Pid_0087&Col02#6&1774371b&0&0001#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b3"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\MAILSLOT"
.\debug.cpp(400) : Destination "\Device\MailSlot"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\gMouUsb"
.\debug.cpp(400) : Destination "\Device\gMouUsb"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Epfwtdi"
.\debug.cpp(400) : Destination "\Device\Epfwtdi"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\AUX"
.\debug.cpp(400) : Destination "\DosDevices\COM1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{08C24E0F-50F3-40A8-9013-C48F825A2474}"
.\debug.cpp(400) : Destination "\Device\{08C24E0F-50F3-40A8-9013-C48F825A2474}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{5919EFF8-B75F-4BEB-AF70-E3B075EA6A12}"
.\debug.cpp(400) : Destination "\Device\{5919EFF8-B75F-4BEB-AF70-E3B075EA6A12}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{ba0afe40-6d0a-4d2c-954f-6f7b82187a14}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HDAUDIO#FUNC_01&VEN_8384&DEV_7616&SUBSYS_1028022E&REV_1004#4&1ec92b6d&0&0201#{f6c58c1f-7d44-4dd1-b240-dee24d44fd91}"
.\debug.cpp(400) : Destination "\Device\000000a1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#ROOT_HUB#4&1420907a&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"
.\debug.cpp(400) : Destination "\Device\USBPDO-1"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{DBCB2566-1CEC-4416-86AC-31ABE0DEFF8A}"
.\debug.cpp(400) : Destination "\Device\{DBCB2566-1CEC-4416-86AC-31ABE0DEFF8A}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\V1394#NIC1394#19267070484fc000#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000085"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0a5c&Pid_4503&Col02#7&56e9f90&0&0001#{4d1e55b2-f16f-11cf-88cb-001111000030}"
.\debug.cpp(400) : Destination "\Device\000000b8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\GLOBALROOT"
.\debug.cpp(400) : Destination ""
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\NUL"
.\debug.cpp(400) : Destination "\Device\Null"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Ndisuio"
.\debug.cpp(400) : Destination "\Device\Ndisuio"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HASP"
.\debug.cpp(400) : Destination "\Device\hasp"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_MOU#0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000056"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_0a5c&Pid_4502#6&52fd601&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-11"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\VBoxDrv"
.\debug.cpp(400) : Destination "\Device\VBoxDrv"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{B4860E2F-FF6A-4DF4-96A8-F4E979B23BFB}"
.\debug.cpp(400) : Destination "\Device\{B4860E2F-FF6A-4DF4-96A8-F4E979B23BFB}"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\PCI#VEN_8086&DEV_283A&SUBSYS_022E1028&REV_02#3&61aaa01&0&D7#{3abf6f2d-71c4-462a-8a92-1e6861e6af27}"
.\debug.cpp(400) : Destination "\Device\NTPNP_PCI0004"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\{95C7A0A0-3094-11D7-A202-00508B9D7D5A}#BTAUDIO#1&30ee4ad&0&1000000030000#{65e8773e-8f56-11d0-a3b9-00a0c9223196}"
.\debug.cpp(400) : Destination "\Device\00000097"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#RDP_KBD#0000#{884b96c3-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\00000055"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\12762681"
.\debug.cpp(400) : Destination "\Device\12762681"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\HID#Vid_0a5c&Pid_4503&Col01#7&56e9f90&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}"
.\debug.cpp(400) : Destination "\Device\000000b7"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\USB#Vid_0458&Pid_0087#5&3a0d7845&0&1#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
.\debug.cpp(400) : Destination "\Device\USBPDO-8"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\Root#CNTX_VPCNETS2_MP#0003#{ad498944-762f-11d0-8dcb-00c04fc3358c}"
.\debug.cpp(400) : Destination "\Device\00000006"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\12762682"
.\debug.cpp(400) : Destination "\Device\12762682"
.\debug.cpp(409) : --
.\debug.cpp(369) : SymbolicLink "\GLOBAL??\DmInfo"
.\debug.cpp(400) : Destination "\Device\DmControl\DmInfo"
.\debug.cpp(409) : --
.\debug.cpp(453) : **********************************************
.\boot_cleaner.cpp(565) : System volume is \\.\C:
.\boot_cleaner.cpp(600) : \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000002`87e00000
.\boot_cleaner.cpp(276) : Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd
.\boot_cleaner.cpp(1060) :
.\boot_cleaner.cpp(1061) : Size Device Name MBR Status
.\boot_cleaner.cpp(1062) : --------------------------------------------
.\boot_cleaner.cpp(1106) : 298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)
.\boot_cleaner.cpp(1112) :
.\boot_cleaner.cpp(1151) : Done;
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#41 Příspěvek od AndySue »

A ještě něco - Po restartu mi XP zahlásili, že požadují další restart z důvodu instalace nových zařízení či co.

Je to normální a mám znova restartovat?
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#42 Příspěvek od cernohous13 »

Udělej novou kontrolu ComboFix-em a log dej sem.

Restartovat můžeš potom
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#43 Příspěvek od AndySue »

ComboFix 11-04-26.03 - Ondra 27.04.2011 14:49:57.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2020 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ondra\Plocha\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-27 do 2011-04-27 )))))))))))))))))))))))))))))))
.
.
2011-04-23 19:46 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\12762682.sys
2011-04-23 19:46 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\12762681.sys
2011-04-22 11:18 . 2011-03-18 17:55 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-04-22 11:18 . 2011-03-18 17:55 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-22 11:18 . 2011-03-18 17:55 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-22 11:18 . 2011-03-18 17:55 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-04-22 11:18 . 2011-03-18 17:55 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-22 11:18 . 2011-03-18 17:55 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-22 11:18 . 2011-03-18 17:55 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-22 11:18 . 2011-03-18 17:55 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-04-21 09:48 . 2011-04-21 09:48 -------- d-----w- C:\found.000
2011-04-20 15:00 . 2011-04-20 15:05 -------- d-----w- C:\inst
2011-04-20 14:49 . 2011-04-20 14:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-04-20 14:49 . 2011-04-20 14:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-16 12:14 . 2011-04-17 18:58 -------- d-----w- c:\documents and settings\Ondra\.freemind
2011-04-16 12:14 . 2011-04-16 12:14 -------- d-----w- c:\program files\FreeMind
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-04-04 22:30 . 2011-04-11 17:20 -------- d-----w- c:\program files\Defraggler
2011-04-04 10:39 . 2011-04-04 10:39 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Foxit Software
2011-04-04 09:14 . 2011-04-04 09:14 75208 ----a-w- c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
2011-04-04 08:35 . 2011-04-04 08:35 -------- d-----w- C:\_OTM
2011-04-02 16:23 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-02 16:23 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-02 16:23 . 2011-04-02 16:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-02 10:04 . 2010-09-29 15:13 24064 ----a-w- c:\windows\system32\drivers\motmodem.sys
2011-04-02 10:04 . 2010-12-03 12:03 20352 ----a-w- c:\windows\system32\drivers\motccgp.sys
2011-04-02 10:04 . 2009-01-29 14:18 8320 ----a-w- c:\windows\system32\drivers\motccgpfl.sys
2011-04-02 10:04 . 2007-11-02 12:51 6400 ----a-w- c:\windows\system32\drivers\motswch.sys
2011-04-02 10:04 . 2009-12-21 11:42 15616 ----a-w- c:\windows\system32\mot_ci.dll
2011-04-02 10:04 . 2009-05-08 08:56 42752 ----a-w- c:\windows\system32\drivers\motodrv.sys
2011-04-02 10:04 . 2011-04-02 10:04 -------- d-----w- c:\program files\Common Files\Motorola Shared
2011-04-02 10:04 . 2011-04-02 10:15 -------- d-----w- c:\program files\Motorola
2011-04-01 07:29 . 2011-04-01 07:29 -------- d-----w- C:\spoolerlogs
2011-03-30 17:57 . 2011-04-01 21:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\lDi28604gNpNk28604
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-24 21:00 . 2011-03-24 21:00 304640 ----a-w- c:\windows\system32\hlvdd.dll
2011-03-24 21:00 . 2011-03-24 21:00 6656 ----a-w- c:\windows\system32\haspvdd.dll
2011-03-24 21:00 . 2011-03-24 21:00 47616 ----a-w- c:\windows\system32\drivers\Haspnt.sys
2011-03-07 05:33 . 2008-12-09 20:51 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2004-08-18 11:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-18 11:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2004-08-18 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2004-08-18 11:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2004-08-18 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2004-08-18 11:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2004-08-18 11:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-18 11:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-08-18 11:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2004-08-18 11:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 11:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2004-08-18 11:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2004-08-18 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2008-12-09 20:50 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-03-18 17:55 . 2011-04-22 11:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-15_20.29.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-10 21:03 . 2011-01-10 21:03 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_189d6662\vcomp.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-10 20:32 . 2011-01-10 20:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-11 02:05 . 2011-01-11 02:05 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-11 02:23 . 2011-01-11 02:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2011-01-10 19:21 . 2011-01-10 19:21 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
+ 2011-04-27 11:28 . 2011-04-27 11:28 16384 c:\windows\temp\Perflib_Perfdata_678.dat
+ 2004-08-18 11:00 . 2011-04-17 18:04 69164 c:\windows\system32\perfc009.dat
- 2004-08-18 11:00 . 2011-04-04 08:35 69164 c:\windows\system32\perfc009.dat
+ 2004-08-18 11:00 . 2011-04-17 18:04 80156 c:\windows\system32\perfc005.dat
- 2004-08-18 11:00 . 2011-04-04 08:35 80156 c:\windows\system32\perfc005.dat
+ 2004-08-18 11:00 . 2011-02-22 23:08 66560 c:\windows\system32\mshtmled.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 66560 c:\windows\system32\mshtmled.dll
- 2007-08-13 17:54 . 2010-12-20 23:52 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2011-02-22 23:08 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 25600 c:\windows\system32\jsproxy.dll
+ 2010-08-03 10:28 . 2010-08-03 10:28 55256 c:\windows\system32\drivers\epfwtdi.sys
+ 2010-12-21 11:47 . 2010-12-21 11:47 33120 c:\windows\system32\drivers\epfwndis.sys
- 2009-06-10 17:35 . 2010-12-20 23:52 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-10 17:35 . 2011-02-22 23:08 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2008-12-18 19:11 . 2010-12-20 23:52 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-18 19:11 . 2011-02-22 23:08 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-04-06 09:20 . 2011-04-25 18:38 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2011-04-06 09:20 . 2011-04-14 09:46 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-09 20:57 . 2011-04-14 09:46 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-09 20:57 . 2011-04-25 18:38 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-04-20 07:46 . 2011-04-25 18:38 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-02-13 14:56 . 2011-04-14 09:46 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-04-20 15:07 . 2011-04-20 15:07 97384 c:\windows\Installer\{F1E1BA46-6167-4A33-95F0-A4A4475DC499}\egui.exe
+ 2011-04-20 15:07 . 2011-04-20 15:07 10134 c:\windows\Installer\{F1E1BA46-6167-4A33-95F0-A4A4475DC499}\callmsi.exe
- 2009-04-19 20:23 . 2010-12-19 19:04 35088 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-04-19 20:23 . 2011-04-17 18:00 35088 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-04-19 20:23 . 2010-12-19 19:04 18704 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-04-19 20:23 . 2011-04-17 18:00 18704 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-04-19 20:23 . 2010-12-19 19:04 20240 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-04-19 20:23 . 2011-04-17 18:00 20240 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-06 18:00 . 2011-04-21 09:23 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-06 18:00 . 2011-02-20 19:28 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-04-17 18:47 . 2011-04-17 18:47 98816 c:\windows\assembly\NativeImages_v2.0.50727_32\VSLangProj\64a1f75e367236147119cf83e62922de\VSLangProj.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\71dcc547ae50add5362ad99644336b29\stdole.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\SldServiceClients\8fc569144f1a91ab1c138a9d7b179587\SldServiceClients.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\SldService\11dbbc019041914b5bc18d2b389cbf8c\SldService.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 40960 c:\windows\assembly\NativeImages_v2.0.50727_32\SldJobs\3d35f1ee3d3810d9e61571d58efd61e7\SldJobs.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 76288 c:\windows\assembly\NativeImages_v2.0.50727_32\SketchWPF\c8f3c8df45277ca1ba070c18254a52fe\SketchWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 45568 c:\windows\assembly\NativeImages_v2.0.50727_32\SketchUI\e3d84537a91c212c117f8ee231b1354e\SketchUI.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 22528 c:\windows\assembly\NativeImages_v2.0.50727_32\SketchOperation\cb3851e547efb52f495f633870fd16a4\SketchOperation.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 62464 c:\windows\assembly\NativeImages_v2.0.50727_32\SheetMetalWPF\af08fb8e1261473e1f9a07f3b47f55c3\SheetMetalWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 77312 c:\windows\assembly\NativeImages_v2.0.50727_32\SheetMetalUi\b667e99c3f10cfd92080d441e50ed39a\SheetMetalUi.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\SheetMetalOperation\643233732cce3daa42ed59a0c1c49e3f\SheetMetalOperation.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\RefPlaneWPF\66e3cbad83af4bda3f85601364ad9335\RefPlaneWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 74240 c:\windows\assembly\NativeImages_v2.0.50727_32\RefGeomUI\c5515328d32dc044f3c1c51978973da3\RefGeomUI.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\RefGeomOperation\79112028ada8b470603ca9a25bbcb446\RefGeomOperation.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-04-17 18:05 . 2011-04-17 18:05 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\OperationBase\acea3c7cca8e773f31a265e78f8635d4\OperationBase.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 22016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1ffac374c7b0714eb3df4f5986f258d3\Microsoft.VisualStudio.Designer.Interfaces.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\61ae638a8173b053fc3e6dde41df25a3\Microsoft.VisualC.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\65f0e57dabf2c0b120561f89158f08fc\Microsoft.SqlServer.CustomControls.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Manipulator\b11fc40ef2420880f5f0ba58d8e8dbb0\Manipulator.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 78336 c:\windows\assembly\NativeImages_v2.0.50727_32\FeatureWPF\5b348ce1ab37b3c7be6e2b02d0a8c1d3\FeatureWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 51712 c:\windows\assembly\NativeImages_v2.0.50727_32\FeatureUI\a5d3da98f019359fdf74906214f9c8e0\FeatureUI.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 20480 c:\windows\assembly\NativeImages_v2.0.50727_32\FeatureOperation\49d058c381c6c144c64528281d83e48f\FeatureOperation.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvironmentWPF\4d75342b04b32fff1058fe8fb3dda38e\EnvironmentWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 22528 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvironmentUI\32f865bfce662bacc3325bed47aa7698\EnvironmentUI.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvironmentOperation\d8ef94d3252e961f58dc280b9554c04c\EnvironmentOperation.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 64512 c:\windows\assembly\NativeImages_v2.0.50727_32\environmentcplu\301003ed0335a6b290646476d29ccc4e\environmentcplu.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 29696 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvironmentCore\ccb66f09a84e53d36184811adf51c8a3\EnvironmentCore.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\eDrawingsGraphicsCa#\e60ce47c03966c48f43cdf4c8e56c30c\eDrawingsGraphicsCardClient.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\DveSupport\928ae5253b6fde0a56a47fb6eba864ab\DveSupport.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-17 18:43 . 2011-04-17 18:43 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\DebugControls\129786868b37cd9902bb8872182cd2e4\DebugControls.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 40448 c:\windows\assembly\NativeImages_v2.0.50727_32\CoreInterface\1019f0989b2c48e3085cbab83404f1d0\CoreInterface.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\ContentWPF\884044354a5bae19f1a8b865defa3538\ContentWPF.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\ContentUI\9909e7fe2b48a04ca939d815e46c393e\ContentUI.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 18432 c:\windows\assembly\NativeImages_v2.0.50727_32\ContentOperation\8b098d39c9f8e9c51aca1c8425e6522e\ContentOperation.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 72192 c:\windows\assembly\NativeImages_v2.0.50727_32\clrloadu\18a1cd4178662a3f0b5aba8e57e1c28c\clrloadu.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 40448 c:\windows\assembly\NativeImages_v2.0.50727_32\asmfeaturewpf\f140f88d6d6491443c0fc16dec09fbcc\asmfeaturewpf.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 27648 c:\windows\assembly\NativeImages_v2.0.50727_32\asmfeatureui\00e6035a4184f829fd5e37e06f722468\asmfeatureui.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\AsmFeatureOperation\f9f4c2b4f22a9472e15e251f4e26f599\AsmFeatureOperation.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 20992 c:\windows\assembly\NativeImages_v2.0.50727_32\AnnotationUI\eb19f29d67c84f2c4a038ca850854e93\AnnotationUI.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\AnnotationOperation\e2d73caadd5fdd55ebb1439a2afb673f\AnnotationOperation.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-01-11 02:27 . 2011-01-11 02:27 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-11 02:24 . 2011-01-11 02:24 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-11 02:08 . 2011-01-11 02:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
- 2004-08-18 11:00 . 2011-04-04 08:35 436268 c:\windows\system32\perfh009.dat
+ 2004-08-18 11:00 . 2011-04-17 18:04 436268 c:\windows\system32\perfh009.dat
- 2004-08-18 11:00 . 2011-04-04 08:35 434192 c:\windows\system32\perfh005.dat
+ 2004-08-18 11:00 . 2011-04-17 18:04 434192 c:\windows\system32\perfh005.dat
+ 2004-08-18 11:00 . 2011-02-22 23:08 206848 c:\windows\system32\occache.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 206848 c:\windows\system32\occache.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 611840 c:\windows\system32\mstime.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 611840 c:\windows\system32\mstime.dll
- 2007-08-13 17:54 . 2010-12-20 23:52 602112 c:\windows\system32\msfeeds.dll
+ 2007-08-13 17:54 . 2011-02-22 23:08 602112 c:\windows\system32\msfeeds.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 184320 c:\windows\system32\iepeers.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 184320 c:\windows\system32\iepeers.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 11:00 . 2011-02-18 11:50 173568 c:\windows\system32\ie4uinit.exe
- 2004-08-18 11:00 . 2010-12-20 12:55 173568 c:\windows\system32\ie4uinit.exe
- 2008-12-09 21:43 . 2011-04-15 16:53 393872 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-09 21:43 . 2011-04-17 19:15 393872 c:\windows\system32\FNTCACHE.DAT
+ 2010-12-21 11:47 . 2010-12-21 11:47 134000 c:\windows\system32\drivers\epfw.sys
+ 2010-07-29 11:31 . 2010-12-21 13:04 115008 c:\windows\system32\drivers\ehdrv.sys
+ 2010-08-04 09:50 . 2010-12-21 13:04 141264 c:\windows\system32\drivers\eamon.sys
- 2004-08-18 11:00 . 2010-12-20 23:52 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-12-18 19:11 . 2011-02-22 23:08 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2008-12-18 19:11 . 2010-12-20 23:52 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-11 13:20 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-12-11 13:20 . 2010-06-09 07:45 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-10 17:35 . 2011-02-22 23:08 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-06-10 17:35 . 2010-12-20 23:52 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-10 10:41 . 2010-12-20 23:52 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-10 10:41 . 2011-02-22 23:08 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-18 11:00 . 2010-12-20 12:55 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-18 11:00 . 2011-02-18 11:50 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 459264 c:\windows\Installer\a71ab31.msi
+ 2011-04-20 15:07 . 2011-04-20 15:07 977920 c:\windows\Installer\1b5ed05.msi
+ 2009-04-19 20:23 . 2011-04-17 18:00 239376 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\pj11icon.exe
- 2009-04-19 20:23 . 2010-12-19 19:04 239376 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\pj11icon.exe
+ 2009-04-19 20:23 . 2011-04-17 18:00 217864 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\misc.exe
- 2009-04-19 20:23 . 2010-12-19 19:04 217864 c:\windows\Installer\{91120000-003B-0000-0000-0000000FF1CE}\misc.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-04-17 18:05 . 2010-12-20 23:52 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-17 18:05 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-17 18:05 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-17 18:05 . 2010-12-20 23:52 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-17 18:05 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-04-17 18:45 . 2011-04-17 18:45 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-04-17 18:43 . 2011-04-17 18:43 213504 c:\windows\assembly\NativeImages_v2.0.50727_32\wpfsupport\955084b85a251ff721ff74ab81b3f31b\wpfsupport.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 460288 c:\windows\assembly\NativeImages_v2.0.50727_32\WPFRes\54c9292826070de8c0d42e296a5b6ddf\WPFRes.ni.dll
+ 2011-04-17 18:09 . 2011-04-17 18:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\UiBase\d2d1fa15f6f6e7dfeb8f3dd7388ecb98\UiBase.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-04-17 18:09 . 2011-04-17 18:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-04-17 18:47 . 2011-04-17 18:47 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1d03df7f7548613e8beab2cc21e57910\System.Runtime.Remoting.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\fd6bd402916af28b2c2fa49ebb8a76d1\System.Messaging.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-04-17 18:09 . 2011-04-17 18:09 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\2b73a63d3b6e331db1224173b25f9148\sysglobl.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-04-17 18:43 . 2011-04-17 18:43 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 392192 c:\windows\assembly\NativeImages_v2.0.50727_32\Sketchcplu\bc37524457385a17d34497cb60ae84c7\Sketchcplu.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 250880 c:\windows\assembly\NativeImages_v2.0.50727_32\sheetmetalcplu\67eecaea3f3eba9c6b66aad5e14ae7db\sheetmetalcplu.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-04-17 18:44 . 2011-04-17 18:44 146944 c:\windows\assembly\NativeImages_v2.0.50727_32\refgeomcplu\6a020620317da903c751dc7a422bf85f\refgeomcplu.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 963072 c:\windows\assembly\NativeImages_v2.0.50727_32\office\d010530d7d3c45e8a574dccad3ca1af5\office.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-04-17 18:45 . 2011-04-17 18:45 819712 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fb643a430742040450fe892abf2d28a9\Microsoft.VisualStudio.Windows.Forms.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 664576 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e6543c61cd8d626967be0e678763a877\Microsoft.VisualStudio.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 823808 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d2d0ad74210afb3a6827f422519105b5\Microsoft.VisualStudio.Shell.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 306176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ba4a0cbd6ab504517c043b394fcfd31c\Microsoft.VisualStudio.OLE.Interop.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 369664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6f1ce46b0c51528c7685bffb2b96b07c\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 220160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\28207c2b86c54813ebf73587e3b946dd\Microsoft.VisualStudio.Configuration.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 595968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\245d1433288b22e209363c66c77f0ff4\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vbe.Inter#\9e686be570a8d8bf6f81551bdc320942\Microsoft.Vbe.Interop.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\634d70969cb6132322c9eae493fd60a8\Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 530432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1b63d758eda13fdad8f0a603767c158a\Microsoft.SqlServer.GridControl.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\105292a8c8e6fae0346d5de4767295ee\Microsoft.SqlServer.Setup.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\6ae02ddc74370818d5b1e342ec3c189e\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 171520 c:\windows\assembly\NativeImages_v2.0.50727_32\featurecplu\727302f4ea54d1bf629ce500b646b19d\featurecplu.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 276480 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE80\2fd27df2eafd9a7b05d716033fad2159\EnvDTE80.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 573440 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE\082be188009bfb69a39e7341caa42bbb\EnvDTE.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 836096 c:\windows\assembly\NativeImages_v2.0.50727_32\couplingBase\cbb888189c89eb8f447ca6f8f59bba81\couplingBase.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 441344 c:\windows\assembly\NativeImages_v2.0.50727_32\Controls\08cd9ad50d9d23f815a16714fba512ff\Controls.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 325120 c:\windows\assembly\NativeImages_v2.0.50727_32\contentcplu\7ad7217439434894f4351e428ef90a19\contentcplu.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\ContentBase\fc60530aab963c8cab975e12ac9900e9\ContentBase.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-04-17 18:43 . 2011-04-17 18:43 154112 c:\windows\assembly\NativeImages_v2.0.50727_32\CmdInterface\22903f9c1516ae8b5387647c2646d26a\CmdInterface.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 332800 c:\windows\assembly\NativeImages_v2.0.50727_32\asmfeaturecplu\c34e770c3ecdf3d2c93051bd1e03b987\asmfeaturecplu.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 784384 c:\windows\assembly\NativeImages_v2.0.50727_32\apicoupleru\cba49ba4f0f0e43626bbd34becef73e7\apicoupleru.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 163328 c:\windows\assembly\NativeImages_v2.0.50727_32\AnnotationWPF\a7faa634d774860f67744e2d6a544bb3\AnnotationWPF.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 200704 c:\windows\assembly\NativeImages_v2.0.50727_32\annotationcplu\92cebde1ba7e62b9861a1ef0655ff89f\annotationcplu.ni.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-04-13 12:55 . 2010-10-23 00:47 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2011-01-10 20:50 . 2011-01-10 20:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-10 20:50 . 2011-01-10 20:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
- 2004-08-18 11:00 . 2010-12-20 23:52 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 5962240 c:\windows\system32\mshtml.dll
+ 2007-08-13 17:34 . 2011-02-22 23:08 1991680 c:\windows\system32\iertutil.dll
- 2007-08-13 17:34 . 2010-12-20 23:52 1991680 c:\windows\system32\iertutil.dll
+ 2008-12-11 13:21 . 2011-03-03 13:53 1857920 c:\windows\system32\dllcache\win32k.sys
- 2004-08-18 11:00 . 2010-12-20 23:52 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 11:00 . 2011-02-22 23:08 5962240 c:\windows\system32\dllcache\mshtml.dll
- 2008-12-18 19:11 . 2010-12-20 23:52 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-18 19:11 . 2011-02-22 23:08 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-03-17 18:05 . 2011-03-17 18:05 4989440 c:\windows\Installer\a71ab5e.msp
+ 2011-01-11 15:49 . 2011-01-11 15:49 9003008 c:\windows\Installer\a71ab47.msp
+ 2010-11-20 21:32 . 2010-11-20 21:32 4165120 c:\windows\Installer\a71ab29.msp
+ 2011-04-14 14:46 . 2011-04-14 14:46 3854848 c:\windows\Installer\3fa489d.msp
- 2009-04-16 22:06 . 2011-04-15 14:51 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-04-16 22:06 . 2011-04-17 18:07 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-04-16 22:06 . 2011-04-15 14:51 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-04-17 18:05 . 2010-12-20 23:52 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-04-17 18:05 . 2010-12-20 23:52 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-04-17 18:09 . 2011-04-17 18:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-04-17 18:47 . 2011-04-17 18:47 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-04-17 18:47 . 2011-04-17 18:47 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-04-17 18:09 . 2011-04-17 18:09 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-04-17 18:42 . 2011-04-17 18:42 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5018d7d39ee99a18c2c17d68837a7a6d\System.Data.OracleClient.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-04-17 18:46 . 2011-04-17 18:46 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 4286976 c:\windows\assembly\NativeImages_v2.0.50727_32\sldcoreu\84989a331f73837288e5a65abc432b29\sldcoreu.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 1329664 c:\windows\assembly\NativeImages_v2.0.50727_32\propertiesManagerWPF\a05cc528cda48e4aca25d8d571f45e5c\propertiesManagerWPF.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-04-17 18:05 . 2011-04-17 18:05 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 3929600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c82f6d734e2500ebf874c34778724293\Microsoft.VisualStudio.Editors.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1116160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b5840fc78f81ed8267cd72b87c739051\Microsoft.VisualStudio.Design.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1831936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1ac10f575ffbba04bcc14a37c2f29723\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-17 18:44 . 2011-04-17 18:44 2926592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\f1d324dcaf90ad6ea19b09a5893559ca\Microsoft.Office.Interop.Excel.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-17 18:45 . 2011-04-17 18:45 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-03 18:01 . 2010-10-03 18:01 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-04-17 18:03 . 2011-04-17 18:03 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-10-03 18:02 . 2011-04-17 18:03 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-03 18:02 . 2010-10-03 18:02 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-08-13 17:54 . 2011-02-22 23:08 11080704 c:\windows\system32\ieframe.dll
- 2007-08-13 17:54 . 2010-12-20 10:52 11080704 c:\windows\system32\ieframe.dll
+ 2008-12-18 19:11 . 2011-02-22 23:08 11080704 c:\windows\system32\dllcache\ieframe.dll
- 2008-12-18 19:11 . 2010-12-20 10:52 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2011-02-11 18:47 . 2011-02-11 18:47 12028928 c:\windows\Installer\a71ab11.msp
+ 2011-04-21 09:23 . 2011-04-21 09:23 20314624 c:\windows\Installer\5a2137c.msp
+ 2011-04-17 18:05 . 2010-12-20 10:52 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-04-17 18:43 . 2011-04-17 18:43 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-04-17 18:08 . 2011-04-17 18:08 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-04-17 18:07 . 2011-04-17 18:07 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-04-17 18:06 . 2011-04-17 18:06 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-04-17 18:04 . 2011-04-17 18:04 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="c:\program files\hotkeyp\HotkeyP.exe" [2008-07-15 65536]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-20 26192680]
"Alt+S Override"="c:\program files\Alt+S Override\Alt+S Override.exe" [2009-10-08 154112]
"EasyPHP"="c:\program files\EasyPHP-5.3.1\EasyPHP-5.3.1.exe" [2010-02-15 277504]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-07 13529088]
"nwiz"="nwiz.exe" [2008-05-07 1630208]
"NVHotkey"="nvHotkey.dll" [2008-05-07 86016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-07 86016]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-25 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-25 974848]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-10-09 2183168]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2007-01-19 61440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-06 202256]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
.
c:\documents and settings\Ondra\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Z stupce - miranda32.exe.lnk - c:\program files\Miranda IM\miranda32.exe [2011-1-21 817760]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CLS2009.01.lnk - c:\program files\Edgecam\Cam\cls.exe [2011-3-24 782336]
.
Nahoru
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Zřejmě zasifleno

#44 Příspěvek od AndySue »

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Ondra^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Ondra\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Ondra^Nabídka Start^Programy^Po spuštění^Jádro Plánovače úloh SolidWorks.lnk]
path=c:\documents and settings\Ondra\Nabídka Start\Programy\Po spuštění\Jádro Plánovače úloh SolidWorks.lnk
backup=c:\windows\pss\Jádro Plánovače úloh SolidWorks.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Ondra^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Ondra\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-09-13 10:12 139264 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice]
2011-02-02 14:45 1066304 ----a-w- c:\program files\Motorola\Software Update\mumservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartSync - ScheduleSync]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2008-04-04 10:38 88584 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-06 13:37 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BBDemon"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"mnmsrvc"=3 (0x3)
"ERSvc"=2 (0x2)
"TapiSrv"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\LowRateVoip\\LowRateVoip.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Python25\\pythonw.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\rFactor\\rFactor.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Motorola\\Software Update\\msu.exe"=
"c:\\Program Files\\Motorola\\Software Update\\mumapp.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"7328:TCP"= 7328:TCP:Services
"7329:TCP"= 7329:TCP:Services
"9880:TCP"= 9880:TCP:Services
"9881:TCP"= 9881:TCP:Services
"5804:TCP"= 5804:TCP:Services
"5507:TCP"= 5507:TCP:Services
"9677:TCP"= 9677:TCP:Services
"8008:TCP"= 8008:TCP:Services
"4960:TCP"= 4960:TCP:Services
"5369:TCP"= 5369:TCP:Services
"2225:TCP"= 2225:TCP:Services
"6991:TCP"= 6991:TCP:Services
"4507:TCP"= 4507:TCP:Services
"7514:TCP"= 7514:TCP:Services
"1694:TCP"= 1694:TCP:Services
"7912:TCP"= 7912:TCP:Services
"2460:TCP"= 2460:TCP:Services
"9271:TCP"= 9271:TCP:Services
"2413:TCP"= 2413:TCP:Services
"9334:TCP"= 9334:TCP:Services
"4975:TCP"= 4975:TCP:Services
"8818:TCP"= 8818:TCP:Services
"3960:TCP"= 3960:TCP:Services
"7959:TCP"= 7959:TCP:Services
"2491:TCP"= 2491:TCP:Services
"9099:TCP"= 9099:TCP:Services
"1725:TCP"= 1725:TCP:Services
"9474:TCP"= 9474:TCP:Services
"9521:TCP"= 9521:TCP:Services
"9943:TCP"= 9943:TCP:Services
"1897:TCP"= 1897:TCP:Services
"3054:TCP"= 3054:TCP:Services
"4539:TCP"= 4539:TCP:Services
"2850:TCP"= 2850:TCP:Services
"2038:TCP"= 2038:TCP:Services
"7287:TCP"= 7287:TCP:Services
"5802:TCP"= 5802:TCP:Services
"1788:TCP"= 1788:TCP:Services
"7490:TCP"= 7490:TCP:Services
"3585:TCP"= 3585:TCP:Services
"7151:TCP"= 7151:TCP:Services
"7152:TCP"= 7152:TCP:Services
"9254:TCP"= 9254:TCP:Services
"1796:TCP"= 1796:TCP:Services
"1648:TCP"= 1648:TCP:Services
"1882:TCP"= 1882:TCP:Services
.
R0 12762682;12762682 Boot Guard Driver;c:\windows\system32\drivers\12762682.sys [23.4.2011 21:46 37392]
R1 12762681;12762681;c:\windows\system32\drivers\12762681.sys [23.4.2011 21:46 128016]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 13:31 115008]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [1.11.2010 18:08 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [1.11.2010 18:08 41936]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [3.12.2010 1:48 218432]
R2 Remote Solver for Flow Simulation 2010;Remote Solver for Flow Simulation 2010;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [23.11.2009 20:48 71464]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [22.5.2009 18:47 16384]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [22.5.2009 18:47 17408]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [22.5.2009 18:47 9856]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [8.10.2010 16:57 100560]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [8.10.2010 16:57 111568]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [13.10.2006 22:53 14912]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [20.1.2010 1:59 87336]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [21.11.2010 16:11 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [21.11.2010 19:43 100480]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2.4.2011 12:04 20352]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2.4.2011 12:04 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2.4.2011 12:04 42752]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [1.11.2010 18:08 31888]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [27.1.2010 12:22 11520]
S3 xcpip;Ovladač protokolu TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
S3 xpsec;Ovladač IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 8:01 2799808]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.12.2008 19:02 721904]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1275210071-1284227242-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2011-04-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1275210071-1284227242-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2011-04-27 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2009-01-01 05:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.lide.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {D282F74B-6F08-4903-B5C4-F39D344FDC8A} = 77.78.80.211,213.46.172.36
FF - ProfilePath - c:\documents and settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\h74hq88m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.startup.homepage - hxxp://localhost/to-do-list.php
FF - prefs.js: keyword.URL - hxxp://www.google.co.in/search?btnG=Google+Search&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-27 14:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2716)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-04-27 15:01:38
ComboFix-quarantined-files.txt 2011-04-27 13:01
ComboFix2.txt 2010-02-11 17:13
.
Před spuštěním: Volných bajtů: 53 555 396 608
Po spuštění: Volných bajtů: 53 880 131 584
.
- - End Of File - - CF92231574868925D4632D8702492F3A
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Zřejmě zasifleno

#45 Příspěvek od cernohous13 »

Nový script pro ComboFix (postup už znáš)

Kód: Vybrat vše

KillAll::

Driver::
12762682
12762681

File::
c:\windows\system32\drivers\12762682.sys
c:\windows\system32\drivers\12762681.sys

Folder::
c:\documents and settings\All Users\Data aplikací\lDi28604gNpNk28604

Registry::
[HKLM\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"=-
"65533:TCP"=-
"52344:TCP"=-
"7328:TCP"=-
"7329:TCP"=-
"9880:TCP"=-
"9881:TCP"=-
"5804:TCP"=-
"5507:TCP"=-
"9677:TCP"=-
"8008:TCP"=-
"4960:TCP"=-
"5369:TCP"=-
"2225:TCP"=-
"6991:TCP"=-
"4507:TCP"=-
"7514:TCP"=-
"1694:TCP"=-
"7912:TCP"=-
"2460:TCP"=-
"9271:TCP"=-
"2413:TCP"=-
"9334:TCP"=-
"4975:TCP"=-
"8818:TCP"=-
"3960:TCP"=-
"7959:TCP"=-
"2491:TCP"=-
"9099:TCP"=-
"1725:TCP"=-
"9474:TCP"=-
"9521:TCP"=-
"9943:TCP"=-
"1897:TCP"=-
"3054:TCP"=-
"4539:TCP"=-
"2850:TCP"=-
"2038:TCP"=-
"7287:TCP"=-
"5802:TCP"=-
"1788:TCP"=-
"7490:TCP"=-
"3585:TCP"=-
"7151:TCP"=-
"7152:TCP"=-
"9254:TCP"=-
"1796:TCP"=-
"1648:TCP"=-
"1882:TCP"=-
:arrow: Jak se chová PC?
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“