VIRY.CZ

Dobry vecer. Prosim o radu.

Vo Win XP sa pravidelne otvara skodlivy url lkckclckl1i1i.com, co zatial vzdy zablokoval Avast antivirus. Problem tiez je, ze Windows Defender nevie stiahnut aktualizaciu. Obcas sa Otvori varovanie Avastu, ze heuristicka analyza odhalila rootkit objekt.
Dakujem a prikladam log (v prilohe aj DDS a Attach):

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-05-04 22:51:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (21%) free of 76 GB
Total RAM: 895 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:51:34, on 4. 5. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\program files\sysinternals\diamondcs\regprot.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Servant Salamander\salamand.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\user\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [RegProt] c:\program files\sysinternals\diamondcs\regprot.exe /start
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Cm106Sound] RunDll32 cm106.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O15 - Trusted IP range: http://87.197.159.179
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 5372 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2471605727-1364656345-2468163455-1005Core1cc04a46ca4ae42.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-14 90112]
"RegProt"=c:\program files\sysinternals\diamondcs\regprot.exe [2001-09-13 19614]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-02-23 106496]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Cm106Sound"=RunDll32 cm106.cpl,CMICtrlWnd []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2006-02-21 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-03-08 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Control Center]
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2005-09-13 1668096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\WINDOWS\sm56hlpr.exe [2006-01-19 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-21 761945]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ASUS ChkMail.lnk]
C:\PROGRA~1\Asus\ASUSCH~1\ChkMail.exe [2003-09-12 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-06-01 491520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^viphone communicator.lnk]
C:\PROGRA~1\VIPHON~1\VIPHON~1.EXE [2008-03-11 1792000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"navapsvc"=2
"JavaQuickStarterService"=2
"ccSetMgr"=2
"ccProxy"=2
"ccEvtMgr"=2
"aawservice"=2
"a2free"=2
"SPBBCSvc"=3
"SNDSrvc"=3
"SBService"=2
"ccPwdSvc"=3
"ServiceLayer"=3
"SAVScan"=3
"ISSVC"=3
"idsvc"=3
"AcrSch2Svc"=2

C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-08 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=0x00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\fxsclnt.exe"="C:\WINDOWS\System32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\INSTALL\webserver\babyweb.exe"="C:\INSTALL\webserver\babyweb.exe:*:Enabled:Baby Web Server"
"C:\install\team\TeamViewer.exe"="C:\install\team\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\JLC's Software\Internet TV\Internet TV.exe"="C:\Program Files\JLC's Software\Internet TV\Internet TV.exe:*:Disabled:Internet TV"
"C:\Program Files\viphone communicator\viphone communicator.exe"="C:\Program Files\viphone communicator\viphone communicator.exe:*:Enabled:viphone communicator"
"C:\Program Files\Java\JRE6\BIN\javaw.exe"="C:\Program Files\Java\JRE6\BIN\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\INSTALL\viphone communicator\ZOIPER\Zoiper.exe"="C:\INSTALL\viphone communicator\ZOIPER\Zoiper.exe:*:Enabled:Zoiper"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\SKFON\qtwengophone.exe"="C:\Program Files\SKFON\qtwengophone.exe:*:Enabled:WengoPhone"
"C:\Documents and Settings\USER\Local Settings\Temp\Dočasný adresár 1 pre diax0910f.zip\diax.exe"="C:\Documents and Settings\USER\Local Settings\Temp\Dočasný adresár 1 pre diax0910f.zip\diax.exe:*:Enabled:Dante's IAX Phone"
"C:\Program Files\XtremePhone\XtremePhone.exe"="C:\Program Files\XtremePhone\XtremePhone.exe:*:Enabled:IaxTeleFon 2.1"
"C:\Documents and Settings\USER\Local Settings\Temp\Dočasný adresár 2 pre diax0910f.zip\diax.exe"="C:\Documents and Settings\USER\Local Settings\Temp\Dočasný adresár 2 pre diax0910f.zip\diax.exe:*:Enabled:Dante's IAX Phone"
"C:\Program Files\VideoLAN\VLC\VLC.EXE"="C:\Program Files\VideoLAN\VLC\VLC.EXE:*:Disabled:VLC media player"
"C:\Program Files\Elnec_sw\Programmer\Pg4uwMC.exe"="C:\Program Files\Elnec_sw\Programmer\Pg4uwMC.exe:*:Enabled:Pg4uwMC"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\user\Local Settings\Temp\7zS79.tmp\SymNRT.exe"="C:\Documents and Settings\user\Local Settings\Temp\7zS79.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-04 22:51:25 ----D---- C:\rsit
2011-05-04 22:46:28 ----D---- C:\Program Files\Ultimate Process Manager
2011-05-04 20:20:40 ----D---- C:\Program Files\Trend Micro
2011-05-04 18:55:39 ----D---- C:\Documents and Settings\user\Data aplikací\SUPERAntiSpyware.com
2011-05-04 18:55:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-05-04 18:55:28 ----D---- C:\Program Files\SUPERAntiSpyware
2011-04-21 15:50:43 ----HD---- C:\Documents and Settings\user\Data aplikací\Microchip
2011-04-21 15:49:40 ----D---- C:\Program Files\Microchip
2011-04-16 13:03:56 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-16 13:03:56 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-16 13:03:53 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-16 13:03:53 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-16 13:03:52 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-04-16 13:03:52 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-16 13:03:52 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-16 13:03:52 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-16 13:03:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-16 13:03:27 ----D---- C:\Program Files\AVAST Software
2011-04-16 13:03:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-04-16 08:55:22 ----D---- C:\Program Files\Windows Defender
2011-04-15 07:36:21 ----A---- C:\WINDOWS\system32\javaws.exe
2011-04-15 07:36:21 ----A---- C:\WINDOWS\system32\javaw.exe
2011-04-15 07:36:21 ----A---- C:\WINDOWS\system32\java.exe
2011-04-05 00:00:57 ----D---- C:\Documents and Settings\user\Data aplikací\Malwarebytes
2011-04-05 00:00:24 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-04-05 00:00:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-04-05 00:00:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-05 00:00:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

======List of files/folders modified in the last 1 months======

2011-05-04 21:29:38 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Data Fax Modem.txt
2011-05-04 21:27:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-30 13:04:32 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-16 14:27:54 ----ASH---- C:\boot.ini
2011-04-16 14:27:54 ----A---- C:\WINDOWS\win.ini
2011-04-16 14:27:54 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 risdptsk;risdptsk; C:\WINDOWS\system32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-10-17 15781]
R2 pardrv;pardrv; C:\WINDOWS\system32\drivers\pardrv.sys [2008-01-23 9728]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-08 1506816]
R3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2011-02-19 27632]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-01-19 862340]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-02 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-29 8064]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-21 191936]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 SSPORT;SSPORT; C:\WINDOWS\system32\drivers\SSPORT.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-02-19 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-02-19 25512]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 CH341SER;CH341SER; C:\WINDOWS\System32\Drivers\CH341SER.SYS [2007-09-24 37488]
S3 ipswuio;ipswuio; C:\WINDOWS\System32\DRIVERS\ipswuio.sys [2006-01-24 34944]
S3 mbr;mbr; \??\C:\DOCUME~1\user\LOCALS~1\Temp\mbr.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\PCAMPR5.sys []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2011-02-08 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2011-02-08 58496]
S3 slabbus;CP2101 USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\WINDOWS\system32\drivers\CM106.sys [2008-10-13 1506304]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-08 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  motji píše: Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

Pri stahovani ComboFixu - navod nize - jej ulozte jako Beruska.com

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Dakujam za info. Vsetky pokyny som vykonal a tu je log CF:

ComboFix 11-05-04.03 - user . 05. 2011 9:48.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1029.18.895.573 [GMT 2:00]
Running from: c:\documents and settings\user\Plocha\beruska.com.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\user\Dokumenty\ocrdict.dus
c:\documents and settings\user\Dokumenty\Readiris.DUS
c:\documents and settings\user\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\shimg.dll
c:\windows\system32\Temp
c:\windows\system32\Temp\log08-04-02 22.21.39.390.txt
c:\windows\system32\Temp\log08-04-02 22.22.54.78.txt
c:\windows\system32\Temp\log08-04-02 22.23.56.843.txt
c:\windows\system32\Temp\protocol.txt
c:\windows\system32\uninstall.exe
c:\windows\system32\zlibwapi.dll
.
.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-04-05 to 2011-05-05 )))))))))))))))))))))))))))))))
.
.
2011-05-04 20:51 . 2011-05-04 20:51 -------- d-----w- C:\rsit
2011-05-04 20:46 . 2011-05-04 20:46 -------- d-----w- c:\program files\Ultimate Process Manager
2011-05-04 18:20 . 2011-05-04 18:20 388096 ----a-r- c:\documents and settings\user\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-04 18:20 . 2011-05-04 18:20 -------- d-----w- c:\program files\Trend Micro
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\documents and settings\user\Data aplikací\SUPERAntiSpyware.com
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-05-02 13:58 . 2011-05-02 14:02 113 ----a-w- C:\vmusic2.bin
2011-04-30 13:02 . 2011-04-30 13:12 47 ----a-w- C:\vmusic.bin
2011-04-21 13:50 . 2011-04-21 13:50 -------- d--h--w- c:\documents and settings\user\Data aplikací\Microchip
2011-04-21 13:49 . 2011-04-21 13:49 -------- d-----w- c:\program files\Microchip
2011-04-16 11:03 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-16 11:03 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-16 11:03 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-16 11:03 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-16 11:03 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-16 11:03 . 2011-02-23 13:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-16 11:03 . 2011-02-23 13:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-16 11:03 . 2011-02-23 13:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-16 11:03 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-04-16 11:03 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-16 11:03 . 2011-04-16 11:03 -------- d-----w- c:\program files\AVAST Software
2011-04-16 11:03 . 2011-04-16 11:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-16 06:55 . 2007-03-09 09:25 2321288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-16 06:55 . 2011-04-14 14:30 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2F4644A9-74DB-4230-966D-ACD8D7ECC355}\mpengine.dll
2011-04-16 06:55 . 2011-04-16 06:55 -------- d-----w- c:\program files\Windows Defender
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-19 13:51 . 2011-02-19 13:51 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2011-02-19 13:51 . 2011-02-19 13:51 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-02-19 13:51 . 2011-02-19 13:51 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-02-18 14:36 . 2011-03-17 10:31 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-03-17 10:31 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 12:53 . 2004-11-20 09:14 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 12:53 . 2004-11-20 09:14 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 12:13 . 2011-03-04 14:43 58496 ----a-w- c:\windows\system32\drivers\silabser.sys
2011-02-08 12:13 . 2011-03-04 14:43 47176 ----a-w- c:\windows\system32\drivers\silabenm.sys
2011-02-08 12:13 . 2011-03-04 14:43 1461992 ----a-w- c:\windows\system32\WdfCoinstaller01009.dll
2011-02-07 09:52 . 2011-02-07 09:52 2113536 ----a-w- c:\windows\system32\mppython.dll
2011-02-07 09:48 . 2011-02-07 09:48 81920 ----a-w- c:\windows\system32\MPMapTrace.dll
2011-02-07 09:09 . 2011-02-07 09:09 364544 ----a-w- c:\windows\system32\mpPathan.dll
2011-02-07 09:08 . 2011-02-07 09:08 1753088 ----a-w- c:\windows\system32\mpxerces-c_2_7.dll
2010-01-30 21:27 . 2010-01-30 21:27 516247 ----a-w- c:\program files\opera\program\plugins\axvlc.dll
2010-01-30 21:27 . 2010-01-30 21:27 114176 ----a-w- c:\program files\opera\program\plugins\libvlc.dll
2010-01-30 21:27 . 2010-01-30 21:27 2183680 ----a-w- c:\program files\opera\program\plugins\libvlccore.dll
2011-04-14 17:01 . 2011-03-22 18:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"RegProt"="c:\program files\sysinternals\diamondcs\regprot.exe" [2001-09-13 19614]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-23 106496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\user\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ASUS ChkMail.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MultiFrame.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^viphone communicator.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\viphone communicator.lnk
backup=c:\windows\pss\viphone communicator.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
2006-02-21 13:20 180224 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2006-03-08 19:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Control Center]
2005-09-13 19:55 1668096 ----a-w- c:\program files\Asus\WLAN Card Utilities\Center.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 ----a-w- c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-05-07 13:39 16862208 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-01-19 21:34 544768 ----a-r- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-10-21 00:26 761945 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
2005-10-17 15:09 987136 ----a-w- c:\program files\Wireless Console 2\wcourier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"navapsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"aawservice"=2 (0x2)
"a2free"=2 (0x2)
"SPBBCSvc"=3 (0x3)
"SNDSrvc"=3 (0x3)
"SBService"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"SAVScan"=3 (0x3)
"ISSVC"=3 (0x3)
"idsvc"=3 (0x3)
"AcrSch2Svc"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Opera\\Opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\fxsclnt.exe"=
"c:\\INSTALL\\webserver\\babyweb.exe"=
"c:\\install\\team\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\viphone communicator\\viphone communicator.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\SKFON\\qtwengophone.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\VLC.EXE"=
"c:\\Program Files\\Elnec_sw\\Programmer\\Pg4uwMC.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5060:UDP"= 5060:UDP:voip
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16. 4. 2011 13:03 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16. 4. 2011 13:03 301528]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16. 4. 2011 13:03 19544]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [21. 12. 2010 18:02 9728]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 19:19 13592]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [19. 2. 2011 15:51 27632]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [17. 10. 2006 3:29 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [17. 10. 2006 3:29 8064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
S2 SSPORT;SSPORT; [x]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [19. 2. 2011 15:51 13224]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [17. 10. 2006 3:22 34944]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19. 3. 2010 17:37 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19. 3. 2010 17:37 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [27. 9. 2008 23:02 32377]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [4. 3. 2011 16:43 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [4. 3. 2011 16:43 58496]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [31. 3. 2011 21:52 1506304]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - uphcleanhlp
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.orange.sk/
uInternet Settings,ProxyOverride = *.local
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\y91djhrr.default\
FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Cm106Sound - cm106.cpl
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
MSConfigStartUp-SSC_UserPrompt - c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-05 10:03
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(620)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3492)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Altap Salamander 2.5\plugins\salamext.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RunDll32.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\UPHClean\uphclean.exe
c:\windows\system32\wscntfy.exe
c:\windows\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Completion time: 2011-05-05 10:07:55 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-05 08:07
.
Pre-Run: Volných bajtů: 17 062 297 600
Post-Run: Volných bajtů: 18 203 869 184
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - C7AC27BA1ABCACA239D852E928B97CDB

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Odpovedate rychlo ako blesk. Nenasiel ziadnu infekciu Tu je log:

2011/05/05 10:21:44.0312 3172 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/05 10:21:44.0609 3172 ================================================================================
2011/05/05 10:21:44.0609 3172 SystemInfo:
2011/05/05 10:21:44.0609 3172
2011/05/05 10:21:44.0609 3172 OS Version: 5.1.2600 ServicePack: 3.0
2011/05/05 10:21:44.0609 3172 Product type: Workstation
2011/05/05 10:21:44.0609 3172 ComputerName: N-1FEC5085576B4
2011/05/05 10:21:44.0609 3172 UserName: user
2011/05/05 10:21:44.0609 3172 Windows directory: C:\WINDOWS
2011/05/05 10:21:44.0609 3172 System windows directory: C:\WINDOWS
2011/05/05 10:21:44.0609 3172 Processor architecture: Intel x86
2011/05/05 10:21:44.0609 3172 Number of processors: 1
2011/05/05 10:21:44.0609 3172 Page size: 0x1000
2011/05/05 10:21:44.0609 3172 Boot type: Normal boot
2011/05/05 10:21:44.0609 3172 ================================================================================
2011/05/05 10:21:44.0906 3172 Initialize success
2011/05/05 10:21:53.0796 2304 ================================================================================
2011/05/05 10:21:53.0796 2304 Scan started
2011/05/05 10:21:53.0796 2304 Mode: Manual;
2011/05/05 10:21:53.0796 2304 ================================================================================
2011/05/05 10:21:54.0484 2304 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/05/05 10:21:55.0140 2304 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/05/05 10:21:55.0234 2304 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/05/05 10:21:55.0656 2304 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/05/05 10:21:55.0906 2304 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/05/05 10:21:59.0109 2304 ASNDIS5 (05a56c3156e1b6cc7bbd8e1d54d491f2) C:\WINDOWS\system32\ASNDIS5.SYS
2011/05/05 10:21:59.0390 2304 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/05/05 10:21:59.0593 2304 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/05/05 10:21:59.0812 2304 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/05/05 10:22:00.0000 2304 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/05/05 10:22:00.0187 2304 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/05/05 10:22:00.0375 2304 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/05/05 10:22:00.0468 2304 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/05/05 10:22:00.0593 2304 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/05/05 10:22:01.0125 2304 ati2mtag (fd6d77a3070a57308d87a7d57144aae0) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/05/05 10:22:01.0359 2304 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/05/05 10:22:01.0546 2304 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/05/05 10:22:01.0796 2304 BCM43XX (e7debb46b9ef1f28932e533be4a3d1a9) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/05/05 10:22:01.0906 2304 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/05/05 10:22:02.0656 2304 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/05/05 10:22:02.0828 2304 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
2011/05/05 10:22:03.0031 2304 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/05/05 10:22:03.0234 2304 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/05/05 10:22:03.0453 2304 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/05/05 10:22:04.0375 2304 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/05/05 10:22:04.0500 2304 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/05/05 10:22:04.0828 2304 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/05/05 10:22:04.0953 2304 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/05/05 10:22:05.0078 2304 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/05/05 10:22:05.0265 2304 CH341SER (e9fcc96798ab3b38a88c09475e6fea52) C:\WINDOWS\system32\Drivers\CH341SER.SYS
2011/05/05 10:22:05.0703 2304 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/05/05 10:22:06.0093 2304 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/05/05 10:22:07.0140 2304 DgiVecp (770471de2550820feeb7e5d24bf2e273) C:\WINDOWS\system32\Drivers\DgiVecp.sys
2011/05/05 10:22:07.0250 2304 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/05/05 10:22:07.0406 2304 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/05/05 10:22:07.0546 2304 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/05/05 10:22:07.0609 2304 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/05/05 10:22:07.0765 2304 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/05/05 10:22:08.0156 2304 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/05/05 10:22:08.0312 2304 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/05/05 10:22:08.0421 2304 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/05/05 10:22:08.0562 2304 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/05/05 10:22:08.0656 2304 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/05/05 10:22:08.0859 2304 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/05/05 10:22:08.0968 2304 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/05/05 10:22:09.0046 2304 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/05/05 10:22:09.0281 2304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/05/05 10:22:09.0562 2304 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
2011/05/05 10:22:09.0781 2304 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
2011/05/05 10:22:09.0906 2304 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/05/05 10:22:10.0078 2304 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/05/05 10:22:10.0296 2304 HidBth (0d349dc78c6ee16e655557e325a67d9c) C:\WINDOWS\system32\DRIVERS\hidbth.sys
2011/05/05 10:22:10.0437 2304 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/05/05 10:22:10.0859 2304 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/05/05 10:22:11.0812 2304 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/05/05 10:22:11.0921 2304 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/05/05 10:22:12.0718 2304 IntcAzAudAddService (12cd9f66b64b25cbe18f1bb2c6f54832) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/05/05 10:22:13.0406 2304 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/05/05 10:22:13.0578 2304 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/05/05 10:22:13.0640 2304 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/05/05 10:22:13.0781 2304 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/05/05 10:22:13.0921 2304 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/05/05 10:22:14.0062 2304 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/05/05 10:22:14.0250 2304 ipswuio (ee8cc26924a6f07972bbf04487ebd552) C:\WINDOWS\system32\DRIVERS\ipswuio.sys
2011/05/05 10:22:14.0343 2304 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/05/05 10:22:14.0453 2304 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/05/05 10:22:14.0609 2304 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/05/05 10:22:14.0734 2304 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/05/05 10:22:14.0843 2304 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/05/05 10:22:14.0953 2304 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/05/05 10:22:15.0078 2304 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/05/05 10:22:15.0234 2304 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/05/05 10:22:16.0015 2304 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
2011/05/05 10:22:16.0078 2304 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/05/05 10:22:16.0250 2304 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/05/05 10:22:16.0328 2304 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/05/05 10:22:16.0578 2304 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/05/05 10:22:16.0750 2304 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/05/05 10:22:17.0125 2304 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/05/05 10:22:17.0406 2304 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/05/05 10:22:17.0531 2304 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/05/05 10:22:17.0640 2304 MSIRCOMM (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
2011/05/05 10:22:17.0765 2304 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/05/05 10:22:17.0843 2304 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/05/05 10:22:17.0921 2304 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/05/05 10:22:18.0109 2304 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/05/05 10:22:18.0218 2304 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/05/05 10:22:18.0375 2304 MTsensor (e333010a50bf603acc350f6019e9ce02) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
2011/05/05 10:22:18.0500 2304 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/05/05 10:22:18.0625 2304 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/05/05 10:22:18.0781 2304 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/05/05 10:22:18.0859 2304 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/05/05 10:22:18.0984 2304 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/05/05 10:22:19.0109 2304 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/05/05 10:22:19.0156 2304 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/05/05 10:22:19.0234 2304 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/05/05 10:22:19.0359 2304 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/05/05 10:22:19.0421 2304 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/05/05 10:22:19.0609 2304 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/05/05 10:22:19.0765 2304 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/05/05 10:22:20.0000 2304 nmwcdnsu (496f34fb30dd541350b29558842cd42a) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/05/05 10:22:20.0203 2304 nmwcdnsuc (99fbb538789888e6a48b902417f68dd4) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/05/05 10:22:20.0281 2304 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/05/05 10:22:20.0890 2304 NSNDIS5 (53f7546e8daefb3a0813f5e19c4613c9) C:\WINDOWS\system32\NSNDIS5.SYS
2011/05/05 10:22:21.0203 2304 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/05/05 10:22:21.0312 2304 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/05/05 10:22:21.0375 2304 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/05/05 10:22:21.0437 2304 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/05/05 10:22:21.0531 2304 pardrv (6775738192f4d3e13ac68aca3565d239) C:\WINDOWS\system32\drivers\pardrv.sys
2011/05/05 10:22:21.0843 2304 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/05/05 10:22:22.0000 2304 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/05/05 10:22:22.0078 2304 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/05/05 10:22:23.0515 2304 PCANDIS5 (ceef86cb35abe95c40a88784f5b631ad) C:\WINDOWS\system32\PCANDIS5.SYS
2011/05/05 10:22:23.0687 2304 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/05/05 10:22:23.0953 2304 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/05/05 10:22:24.0296 2304 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/05/05 10:22:24.0531 2304 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/05/05 10:22:28.0687 2304 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/05/05 10:22:29.0234 2304 PRODIGY (65937a34c9a5741e3030a86905400d91) C:\WINDOWS\system32\Drivers\PRODIGY.SYS
2011/05/05 10:22:30.0140 2304 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/05/05 10:22:30.0265 2304 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/05/05 10:22:38.0953 2304 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/05/05 10:22:39.0156 2304 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/05/05 10:22:39.0421 2304 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/05/05 10:22:39.0718 2304 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/05/05 10:22:39.0765 2304 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/05/05 10:22:40.0031 2304 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/05/05 10:22:40.0078 2304 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/05/05 10:22:40.0375 2304 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/05/05 10:22:40.0656 2304 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/05/05 10:22:40.0828 2304 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/05/05 10:22:41.0031 2304 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2011/05/05 10:22:41.0203 2304 risdptsk (ace2ce73d7b04eac48fb80482e05e770) C:\WINDOWS\system32\DRIVERS\risdptsk.sys
2011/05/05 10:22:41.0281 2304 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/05/05 10:22:41.0468 2304 RTL8023xp (7988bfe882bcd94199225b5c3482f1bd) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/05/05 10:22:41.0609 2304 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/05/05 10:22:41.0703 2304 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys
2011/05/05 10:22:41.0953 2304 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys
2011/05/05 10:22:42.0187 2304 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys
2011/05/05 10:22:42.0453 2304 s117mgmt (bd6483e64b1da17e812b34bcdefd9459) C:\WINDOWS\system32\DRIVERS\s117mgmt.sys
2011/05/05 10:22:42.0703 2304 s117nd5 (c7ca36c3054b4cd47a1f6611b046e2f9) C:\WINDOWS\system32\DRIVERS\s117nd5.sys
2011/05/05 10:22:42.0953 2304 s117obex (e290b3a6b58fb72ca97dd48d64e4fc1c) C:\WINDOWS\system32\DRIVERS\s117obex.sys
2011/05/05 10:22:43.0187 2304 s117unic (5c4d1ba23c7511ac880e8ba7baa80dba) C:\WINDOWS\system32\DRIVERS\s117unic.sys
2011/05/05 10:22:43.0437 2304 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/05/05 10:22:43.0578 2304 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/05/05 10:22:43.0953 2304 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/05/05 10:22:44.0250 2304 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
2011/05/05 10:22:44.0546 2304 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/05/05 10:22:44.0734 2304 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2011/05/05 10:22:45.0046 2304 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/05/05 10:22:45.0328 2304 silabenm (3ead8e1668ce42a0afe41d56e7157bcf) C:\WINDOWS\system32\DRIVERS\silabenm.sys
2011/05/05 10:22:45.0546 2304 silabser (177d3ebf3e236a272d769c14f73ecc3e) C:\WINDOWS\system32\DRIVERS\silabser.sys
2011/05/05 10:22:46.0343 2304 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/05/05 10:22:46.0625 2304 smserial (ce2e9d6b8c26c38779581cff1f14b65b) C:\WINDOWS\system32\DRIVERS\smserial.sys
2011/05/05 10:22:47.0218 2304 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/05/05 10:22:47.0500 2304 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/05/05 10:22:47.0812 2304 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/05/05 10:22:48.0406 2304 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/05/05 10:22:48.0687 2304 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/05/05 10:22:49.0000 2304 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/05/05 10:22:50.0296 2304 SynMini (472b9e75ddab952f0cd37bd9aa3e81f8) C:\WINDOWS\system32\Drivers\SynMini.sys
2011/05/05 10:22:50.0515 2304 SynScan (bed9a41e66e9f038af6d2e487a3f2757) C:\WINDOWS\system32\Drivers\SynScan.sys
2011/05/05 10:22:50.0703 2304 SynTP (9c29e8e9c1c48e9c8bc38f031df4720f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/05/05 10:22:50.0968 2304 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/05/05 10:22:51.0265 2304 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/05/05 10:22:51.0546 2304 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/05/05 10:22:51.0796 2304 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/05/05 10:22:52.0062 2304 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/05/05 10:22:52.0656 2304 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/05/05 10:22:53.0109 2304 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/05/05 10:22:53.0390 2304 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/05/05 10:22:53.0531 2304 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/05/05 10:22:53.0781 2304 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/05/05 10:22:54.0046 2304 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/05/05 10:22:54.0218 2304 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/05/05 10:22:54.0453 2304 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/05/05 10:22:54.0687 2304 USBMULCD (f23d08cf90c0dfe8b20b9236a0002250) C:\WINDOWS\system32\drivers\CM106.sys
2011/05/05 10:22:55.0031 2304 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/05/05 10:22:55.0328 2304 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/05/05 10:22:55.0578 2304 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/05 10:22:55.0812 2304 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/05/05 10:22:56.0046 2304 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/05/05 10:22:56.0328 2304 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/05/05 10:22:56.0609 2304 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/05/05 10:22:57.0125 2304 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/05/05 10:22:57.0437 2304 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/05/05 10:22:57.0718 2304 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/05/05 10:22:58.0281 2304 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/05/05 10:22:58.0609 2304 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/05/05 10:22:58.0890 2304 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/05/05 10:22:59.0171 2304 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/05/05 10:22:59.0406 2304 ================================================================================
2011/05/05 10:22:59.0406 2304 Scan finished
2011/05/05 10:22:59.0406 2304 ================================================================================

Jelikoz to hlavni odstranil CFko - tohle bylo pro kontrolu - mel jste tam peknou mrchu - doporucuji kompletni zmenu hesel - TDL rootkit si rad o nich povida s okolim

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Driver::
  uphcleanhlp
  SSPORT
  
  Registry::
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
  "C:\Documents and Settings\user\Local Settings\Temp\7zS79.tmp\SymNRT.exe"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "QuickTime Task"=-
  "SunJavaUpdateSched"=-
  [-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
  [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
  "5060:UDP"=-
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Ziadne priznaky uz nevidim. Normalne funguje aj WUpdate. Este otazka: Na pochybne stranky som nechodil, software stahujem len zo SoftPedia a podobne. Je normalne, ze som tu haved chytil napriek pouzivaniu Windows Defender? Teraz uz pouzivam avast!, dufam, ze je lepsi ako WD.

Vdaka za pomoc

Dejte mi sem prosim ten log co na Vas vyplivlo CFko, at vidim ze provedlo vse co melo

Predtym ako som spustil CF mi zbehli nejake update Windows, takze je toho viac. Prva cast:

ComboFix 11-05-04.03 - user . 05. 2011 11:20:06.2.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1029.18.895.370 [GMT 2:00]
Running from: c:\documents and settings\user\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\user\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\_000006_.tmp.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_UPHCLEANHLP
-------\Service_SSPORT
.
.
((((((((((((((((((((((((( Files Created from 2011-04-05 to 2011-05-05 )))))))))))))))))))))))))))))))
.
.
2011-05-04 20:51 . 2011-05-04 20:51 -------- d-----w- C:\rsit
2011-05-04 20:46 . 2011-05-04 20:46 -------- d-----w- c:\program files\Ultimate Process Manager
2011-05-04 18:20 . 2011-05-04 18:20 388096 ----a-r- c:\documents and settings\user\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-04 18:20 . 2011-05-04 18:20 -------- d-----w- c:\program files\Trend Micro
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\documents and settings\user\Data aplikací\SUPERAntiSpyware.com
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-05-04 16:55 . 2011-05-04 16:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-05-02 13:58 . 2011-05-02 14:02 113 ----a-w- C:\vmusic2.bin
2011-04-30 13:02 . 2011-04-30 13:12 47 ----a-w- C:\vmusic.bin
2011-04-21 13:50 . 2011-04-21 13:50 -------- d--h--w- c:\documents and settings\user\Data aplikací\Microchip
2011-04-21 13:49 . 2011-04-21 13:49 -------- d-----w- c:\program files\Microchip
2011-04-16 11:03 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-16 11:03 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-16 11:03 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-16 11:03 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-16 11:03 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-16 11:03 . 2011-02-23 13:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-16 11:03 . 2011-02-23 13:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-16 11:03 . 2011-02-23 13:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-16 11:03 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-04-16 11:03 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-16 11:03 . 2011-04-16 11:03 -------- d-----w- c:\program files\AVAST Software
2011-04-16 11:03 . 2011-04-16 11:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-16 06:55 . 2007-03-09 09:25 2321288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-16 06:55 . 2011-04-14 14:30 6792528 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2F4644A9-74DB-4230-966D-ACD8D7ECC355}\mpengine.dll
2011-04-16 06:55 . 2011-04-16 06:55 -------- d-----w- c:\program files\Windows Defender
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2006-10-17 00:59 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 13:53 . 2004-11-20 09:14 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-19 13:51 . 2011-02-19 13:51 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2011-02-19 13:51 . 2011-02-19 13:51 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-02-19 13:51 . 2011-02-19 13:51 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-02-18 14:36 . 2011-03-17 10:31 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-03-17 10:31 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:52 . 2004-11-20 09:14 668160 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:52 . 2004-11-20 09:14 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 13:52 . 2004-11-20 09:14 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:50 . 2004-11-20 09:14 370176 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2004-11-20 09:14 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-11-20 09:14 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-11-20 09:14 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 14:44 . 2008-04-14 03:22 232448 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 12:53 . 2004-11-20 09:14 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 12:53 . 2004-11-20 09:14 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2004-11-20 09:14 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2004-11-20 09:14 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-08 12:13 . 2011-03-04 14:43 58496 ----a-w- c:\windows\system32\drivers\silabser.sys
2011-02-08 12:13 . 2011-03-04 14:43 47176 ----a-w- c:\windows\system32\drivers\silabenm.sys
2011-02-08 12:13 . 2011-03-04 14:43 1461992 ----a-w- c:\windows\system32\WdfCoinstaller01009.dll
2011-02-07 09:52 . 2011-02-07 09:52 2113536 ----a-w- c:\windows\system32\mppython.dll
2011-02-07 09:48 . 2011-02-07 09:48 81920 ----a-w- c:\windows\system32\MPMapTrace.dll
2011-02-07 09:09 . 2011-02-07 09:09 364544 ----a-w- c:\windows\system32\mpPathan.dll
2011-02-07 09:08 . 2011-02-07 09:08 1753088 ----a-w- c:\windows\system32\mpxerces-c_2_7.dll
2010-01-30 21:27 . 2010-01-30 21:27 516247 ----a-w- c:\program files\opera\program\plugins\axvlc.dll
2010-01-30 21:27 . 2010-01-30 21:27 114176 ----a-w- c:\program files\opera\program\plugins\libvlc.dll
2010-01-30 21:27 . 2010-01-30 21:27 2183680 ----a-w- c:\program files\opera\program\plugins\libvlccore.dll
2011-04-14 17:01 . 2011-03-22 18:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-05_08.03.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-22 21:25 . 2010-07-05 13:13 18296 c:\windows\system32\spmsg.dll
- 2010-08-22 21:25 . 2010-07-05 12:13 18296 c:\windows\system32\spmsg.dll
+ 2004-11-20 09:14 . 2011-05-05 08:48 76484 c:\windows\system32\perfc009.dat
+ 2004-11-20 09:15 . 2011-05-05 08:48 88434 c:\windows\system32\perfc005.dat
- 2009-02-20 08:12 . 2010-12-20 21:14 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 08:12 . 2011-02-17 13:52 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2010-03-18 11:16 . 2010-03-18 11:16 56656 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9824b202ffe88c945577effdc7fc8fc3\UIAutomationProvider.ni.dll
+ 2011-05-05 09:04 . 2011-05-05 09:04 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\6474ae2cebac637025eab3cbcdc9ffe6\System.Windows.Presentation.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:04 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\50cbf014f60fa88f67a763dfbead1fee\System.Web.ApplicationServices.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f472171edc898ea876f14b97b4f332b8\System.ServiceModel.Channels.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\473102f936b4a823e5e2b2e6282c5104\System.AddIn.Contract.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\1a21a54acf18fabfddb0b94d40e509a1\Microsoft.VisualC.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\7600f9d2a3bc01ba15674667283c2e53\Accessibility.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 24064 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\edf8cb8e205d183624d8b50eea8317c8\WiaProxy32.ni.exe
+ 2011-05-05 08:53 . 2011-05-05 08:53 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-05-05 08:52 . 2011-05-05 08:52 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 20992 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.StylusR#\28f3c140e985bc04d86a96ee33acb443\PaintDotNet.StylusReader.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\61ae638a8173b053fc3e6dde41df25a3\Microsoft.VisualC.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\cf20d6f118507cdab44b3ce19452f640\Interop.WIA.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-05-05 08:56 . 2011-05-05 08:56 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\DdsFileType\a2d3bd4e944cb6cc4ac4f4ff35b25e82\DdsFileType.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-04 14:55 . 2010-10-04 14:56 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\1a4701c5a061d081b78353bd04349c3e\dfsvc.ni.exe
- 2010-10-04 14:55 . 2010-10-04 14:55 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 627200 c:\windows\system32\urlmon.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 627200 c:\windows\system32\urlmon.dll
+ 2004-11-20 09:14 . 2011-05-05 08:48 474060 c:\windows\system32\perfh009.dat
+ 2004-11-20 09:15 . 2011-05-05 08:48 469178 c:\windows\system32\perfh005.dat
+ 2004-11-20 09:14 . 2011-02-17 13:52 532480 c:\windows\system32\mstime.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 532480 c:\windows\system32\mstime.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 449024 c:\windows\system32\mshtmled.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 449024 c:\windows\system32\mshtmled.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 251904 c:\windows\system32\iepeers.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 251904 c:\windows\system32\iepeers.dll
+ 2006-10-17 00:53 . 2011-05-05 09:34 144424 c:\windows\system32\FNTCACHE.DAT
- 2006-10-17 00:53 . 2011-03-27 20:49 144424 c:\windows\system32\FNTCACHE.DAT
- 2008-04-21 06:45 . 2010-12-20 21:14 668160 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-21 06:45 . 2011-02-17 13:52 668160 c:\windows\system32\dllcache\wininet.dll
- 2008-06-26 08:14 . 2010-12-20 21:14 627200 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-26 08:14 . 2011-02-17 13:52 627200 c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-20 11:31 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2010-11-05 04:02 . 2011-02-17 13:52 532480 c:\windows\system32\dllcache\mstime.dll
- 2010-11-05 04:02 . 2010-12-20 21:14 532480 c:\windows\system32\dllcache\mstime.dll
+ 2010-09-09 14:23 . 2011-02-17 13:52 449024 c:\windows\system32\dllcache\mshtmled.dll
- 2010-09-09 14:23 . 2010-12-20 21:14 449024 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-11-14 15:36 . 2011-02-17 13:18 455936 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-10-14 07:13 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
- 2006-10-14 07:13 . 2010-09-18 10:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-14 19:32 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
- 2008-08-16 18:25 . 2010-06-09 07:45 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-08-16 18:25 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-02-26 05:43 . 2011-02-17 13:52 251904 c:\windows\system32\dllcache\iepeers.dll
- 2010-02-26 05:43 . 2010-12-20 21:14 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 03:22 . 2011-02-11 14:44 232448 c:\windows\system32\dllcache\fxscover.exe
+ 2010-04-20 05:32 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2011-02-11 14:44 . 2011-02-11 14:44 232448 c:\windows\ServicePackFiles\ServicePackCache\i386\fxscover.exe
+ 2011-02-10 02:10 . 2011-02-10 02:10 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2010-03-18 11:16 . 2010-03-18 11:16 517448 c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
- 2010-03-18 11:16 . 2010-03-18 11:16 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 955728 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2010-03-18 11:16 . 2010-03-18 11:16 385864 c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 231760 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 607064 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 149848 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-11-14 15:36 . 2011-02-17 13:18 455936 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-05-05 09:04 . 2011-05-05 09:04 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\c854ff737035c79fdf1b56b95e28fdbc\WindowsFormsIntegration.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\c085fc0d222fb39afe14cc8e5eb32eee\UIAutomationTypes.ni.dll
+ 2011-05-05 09:04 . 2011-05-05 09:04 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\974f99cb0c5b67484ce5a3fd1fc5e7dd\UIAutomationClient.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6d7c87b19bf40f2bc57ec4429b628c9a\System.Xml.Linq.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\21eb4743be4fdd8df5f0a9cd0dd52f5d\System.Windows.Input.Manipulations.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1fac5b5769af4e4dd0aa3f09d9834734\System.Transactions.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\4e5c6a1e261c43961b19f4712359234f\System.ServiceProcess.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9fc58e83505ef6bf05a4529665c7737d\System.ServiceModel.Routing.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 721920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\df00a90a0ca189eb49b071dfd9530347\System.Security.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7de8fccb064fff0d219e8594a014b600\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 758784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\30b7ffac8d9d7ba0364dd19c158fe291\System.Runtime.Remoting.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 144896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\f2304201110addb8170997ff442e87fc\System.Numerics.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\56158e581a3dfce8f930fe7388cfe156\System.Net.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\8b3e59239912537657fc7f9c6b88dd8a\System.Messaging.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\117067671949b80852b0a7c112888b7b\System.Management.Instrumentation.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\a483116d4df8444911c9d47fd99b8b95\System.IO.Log.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\3891b868ee83ca630686d547c328da31\System.IdentityModel.Selectors.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f\System.EnterpriseServices.Wrapper.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\547669d593c2ac7c94391e153ea6068f\System.EnterpriseServices.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 373248 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\f9b335b9f86afcae5a54949288010a0f\System.Dynamic.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8a7ceaec74327e2be758e7291b8a5849\System.DirectoryServices.AccountManagement.ni.dll

+ 2011-05-05 09:03 . 2011-05-05 09:03 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\698dd101afeceb8ffc4a435b9be82038\System.DirectoryServices.Protocols.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\65b4592d5d04a0c5b6f102f8d1e065e8\System.Device.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\ee0a48c4f9340f1002baa71004a14932\System.Data.DataSetExtensions.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 973312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\f7f7d2aa985906327e256d05472bdeb3\System.Configuration.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\9a074aee02c2c27bd8a64bd39bb0f954\System.Configuration.Install.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\f02a6c23986ba9eee3699717437b0f94\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 690176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\50925baa7781cd6b13b345750b78cac2\System.ComponentModel.Composition.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\d5de48c1c29a8498c89ed5da48e40690\System.AddIn.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\d60de251f6401ab42fe195f6bf25ca73\System.Activities.DurableInstancing.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\d42aded7e797fe07a002cec27071b509\SMSvcHost.ni.exe
+ 2011-05-05 09:00 . 2011-05-05 09:00 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\22f477b2dad8700e564daead57f5b825\SMDiagnostics.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 656896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ea81a1bfc0d3e8840be37dffb83fc12e\PresentationFramework.Luna.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 327168 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e4498a63f9913a5d47d26de0da220fdc\PresentationFramework.Royale.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 283648 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\debfd1ead83df514b9a663bf3601669f\PresentationFramework.Classic.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 450048 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\bc6292c4e40c4bf27d35ec5a8065893f\PresentationFramework.Aero.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 219136 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e6c8530bfd8c9a39e07a5401b3acba04\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\a78fa250714cf42472bc22d0b7ea14e5\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e665571fbfd43f6f3f715b715dd01f14\CustomMarshalers.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-05-05 08:55 . 2011-05-05 08:55 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-05-05 08:55 . 2011-05-05 08:55 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1d03df7f7548613e8beab2cc21e57910\System.Runtime.Remoting.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\fd6bd402916af28b2c2fa49ebb8a76d1\System.Messaging.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-05-05 08:55 . 2011-05-05 08:55 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\2b73a63d3b6e331db1224173b25f9148\sysglobl.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-05-05 08:57 . 2011-05-05 08:57 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-05-05 08:54 . 2011-05-05 08:54 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 534528 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\48d6666db2fe805ac625ed690c940c25\PaintDotNet.SystemLayer.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\64549b859ecb455b30030d0ecde9a418\PaintDotNet.Resources.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 683008 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\67c6b88923c1a07173bc999c533f82dd\PaintDotNet.Effects.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 605696 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\a25932cfa039003036d05ca02eb4767e\PaintDotNet.Data.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 180736 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\c4331ab3617c7df52b407aa43f22622b\PaintDotNet.Base.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-05-05 08:57 . 2011-05-05 08:57 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:56 504320 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\b751faee219739c129748648f8edd3b9\ICSharpCode.SharpZipLib.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-05-05 08:56 . 2011-05-05 08:56 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-10-04 14:55 . 2010-10-04 14:56 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-10-04 14:55 . 2010-10-04 14:56 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-10-04 14:55 . 2010-10-04 14:56 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 1510912 c:\windows\system32\shdocvw.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 1510912 c:\windows\system32\shdocvw.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 3099648 c:\windows\system32\mshtml.dll
+ 2007-10-11 12:12 . 2008-03-20 16:06 1480232 c:\windows\system32\LegitCheckControl.dll
+ 2008-10-20 11:31 . 2011-03-03 13:53 1857920 c:\windows\system32\dllcache\win32k.sys
- 2008-06-26 08:14 . 2010-12-20 21:14 1510912 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-26 08:14 . 2011-02-17 13:52 1510912 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-04-21 06:45 . 2011-02-17 13:52 3099648 c:\windows\system32\dllcache\mshtml.dll
- 2010-03-10 04:43 . 2010-12-20 21:14 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2010-03-10 04:43 . 2011-02-17 13:52 1025024 c:\windows\system32\dllcache\browseui.dll
- 2004-11-20 09:14 . 2010-12-20 21:14 1025024 c:\windows\system32\browseui.dll
+ 2004-11-20 09:14 . 2011-02-17 13:52 1025024 c:\windows\system32\browseui.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 5196112 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
- 2010-03-18 11:16 . 2010-03-18 11:16 5196112 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 1142104 c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-02-10 02:10 . 2011-02-10 02:10 6735176 c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-01-18 02:39 . 2011-01-18 02:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1303896 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 3481928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 3481928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 4982120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 4982120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 6067048 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1339736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 6346600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 2970968 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 3545952 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 5196112 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 5196112 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-11-13 06:21 . 2010-11-13 06:21 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-05-05 08:48 . 2011-05-05 08:48 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2011-05-05 08:50 . 2011-05-05 08:50 3779072 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8d8cf1d60737d945a526fb11577d4b8a\WindowsBase.ni.dll
+ 2011-05-05 09:04 . 2011-05-05 09:04 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\28121866e3d6d8b0dc72d9e250b0af1c\UIAutomationClientsideProviders.ni.dll
+ 2011-05-05 08:49 . 2011-05-05 08:49 9000960 c:\windows\assembly\NativeImages_v4.0.30319_32\System\7abfd34ae39103ceccdfb8b262ed6a97\System.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 5571584 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\eb45dda4b68ae7f29995c3a3d909fbe7\System.Xml.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\738a078bc59722d6b06b5ae5e99569f9\System.Xaml.ni.dll
+ 2011-05-05 09:04 . 2011-05-05 09:04 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\eec21f9b08bbed54d9e36038badaf289\System.Windows.Forms.DataVisualization.ni.dll
+ 2011-05-05 09:04 . 2011-05-05 09:04 1828352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\46f59c5b9fee41849705f2b5f1102d66\System.Web.Services.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:04 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\01a3b3bf7fadd971e17400c8502ec886\System.Speech.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6856341eadab4c3ace0e39182649bba2\System.ServiceModel.Discovery.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4048a5620b0fa66a7414cff30155d30c\System.ServiceModel.Activities.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c46375bba06671d2a9369e630752987a\System.Runtime.Serialization.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\6b6309a2e7f384bac4ccbdf1eca34c30\System.Runtime.DurableInstancing.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\24f97354b0a95ef77b2db8de9e7374fe\System.Printing.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\05a0937d76f565aa728348fc24f6c2eb\System.Management.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1f045fc92d6402b27f6b9fb9291d44c3\System.IdentityModel.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 1651200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\526f0a9717cbd8a50d09a10b5ce81c0d\System.Drawing.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6dc0ed081400ec315f895bdc7fd016c4\System.DirectoryServices.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:01 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\2a2a921350a9651e9bd681197edeb88d\System.Deployment.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 6754816 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\adc8f2f7dff3233f2d72bcef8e58226a\System.Data.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 2538496 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\c25dda9b477a33f9f235292114bb535c\System.Data.SqlXml.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\aa778d274523b93d389e581e58698918\System.Data.Services.Client.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 2499072 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\8e0d083a7ad85b579d176e3594b5f3b8\System.Data.Linq.ni.dll
+ 2011-05-05 08:50 . 2011-05-05 08:50 7025664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\69b1f8a15cdfb26e30c8761fa4f96940\System.Core.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\ec488a50a47246a625159744ad8e0931\System.Activities.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\00fb4f96c610880aeee34d8670347a6d\System.Activities.Presentation.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\a965a0f825fb91ce7cf78d99263968b4\System.Activities.Core.Presentation.ni.dll
+ 2011-05-05 09:01 . 2011-05-05 09:01 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\3f04b2ab8961aceac03f8ae2ccabe947\ReachFramework.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3aebfb1497141c9466ee8ce68a3bf805\PresentationUI.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ff572ca3a119cd72903df8c6ed667b62\Microsoft.VisualBasic.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1134080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\c9bbe042f095b833c13bf65d50aa54b6\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\320f1578082f1de1f8562ce92c0c2dab\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\ac03be8a96bd10965da87208d81eb07d\Microsoft.Transactions.Bridge.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\d4572ad085979b16261058f1433e73e9\Microsoft.JScript.ni.dll
+ 2011-05-05 08:51 . 2011-05-05 08:51 1612288 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\32454400da56267e19961852345d7a62\Microsoft.CSharp.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-05-05 08:55 . 2011-05-05 08:55 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-05-05 09:00 . 2011-05-05 09:00 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-05-05 08:55 . 2011-05-05 08:55 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\5018d7d39ee99a18c2c17d68837a7a6d\System.Data.OracleClient.ni.dll
+ 2011-05-05 08:55 . 2011-05-05 08:55 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6f83243158f28669aac9577fdb3d5aaf\System.Data.Entity.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\2faf279f73d492469a21f3e74d18955d\PresentationBuildTasks.ni.dll
+ 2011-05-05 08:56 . 2011-05-05 08:57 1999360 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\91d4b4babb3df537ca3709ccb196da57\PaintDotNet.ni.exe
+ 2011-05-05 08:56 . 2011-05-05 08:56 1777664 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\17a681ef0c729801ba2984a64639dfe8\PaintDotNet.Core.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-05-05 08:59 . 2011-05-05 08:59 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:58 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-05-05 08:58 . 2011-05-05 08:58 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-10-04 14:55 . 2010-10-04 14:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-10-04 14:56 . 2010-10-04 14:56 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-05-05 08:45 . 2011-05-05 08:45 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-10-04 14:55 . 2010-10-04 14:56 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-02-11 06:43 . 2011-02-11 06:43 10951168 c:\windows\Installer\267bd4.msp
+ 2011-02-11 18:47 . 2011-02-11 18:47 12028928 c:\windows\Installer\267bc7.msp
+ 2011-05-05 08:52 . 2011-05-05 08:52 13006336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\85b61e27d3c08c0c8ff19deb75912e1d\System.Windows.Forms.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\8964b15d32028ef9dfe776216af8524d\System.ServiceModel.ni.dll
+ 2011-05-05 09:03 . 2011-05-05 09:03 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\38409bc0ee7cdb9fbc981fefea83ab23\System.Data.Entity.ni.dll
+ 2011-05-05 08:50 . 2011-05-05 08:50 17629184 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f1e3e74b135fcd61fa30090a2c2596a6\PresentationFramework.ni.dll
+ 2011-05-05 08:50 . 2011-05-05 08:50 11058176 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3fe193ac81b9eafd76aafeec99bdbf6a\PresentationCore.ni.dll
+ 2011-05-05 08:49 . 2011-05-05 08:49 14415872 c:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\eb4e1e70734f6efb9c7de7ec5f452c9e\mscorlib.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-05-05 08:57 . 2011-05-05 08:57 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-05-05 08:54 . 2011-05-05 08:54 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-05-05 08:53 . 2011-05-05 08:53 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-05-05 08:52 . 2011-05-05 08:52 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"RegProt"="c:\program files\sysinternals\diamondcs\regprot.exe" [2001-09-13 19614]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-23 106496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
c:\documents and settings\user\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ASUS ChkMail.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^MultiFrame.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^viphone communicator.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\viphone communicator.lnk
backup=c:\windows\pss\viphone communicator.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
2006-02-21 13:20 180224 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2006-03-08 19:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Control Center]
2005-09-13 19:55 1668096 ----a-w- c:\program files\Asus\WLAN Card Utilities\Center.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-05-07 13:39 16862208 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-01-19 21:34 544768 ----a-r- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-10-21 00:26 761945 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
2005-10-17 15:09 987136 ----a-w- c:\program files\Wireless Console 2\wcourier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"navapsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"aawservice"=2 (0x2)
"a2free"=2 (0x2)
"SPBBCSvc"=3 (0x3)
"SNDSrvc"=3 (0x3)
"SBService"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"SAVScan"=3 (0x3)
"ISSVC"=3 (0x3)
"idsvc"=3 (0x3)
"AcrSch2Svc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Opera\\Opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\System32\\fxsclnt.exe"=
"c:\\INSTALL\\webserver\\babyweb.exe"=
"c:\\install\\team\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\viphone communicator\\viphone communicator.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\SKFON\\qtwengophone.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\VLC.EXE"=
"c:\\Program Files\\Elnec_sw\\Programmer\\Pg4uwMC.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16. 4. 2011 13:03 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16. 4. 2011 13:03 301528]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16. 4. 2011 13:03 19544]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [21. 12. 2010 18:02 9728]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 19:19 13592]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [19. 2. 2011 15:51 27632]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [17. 10. 2006 3:29 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [17. 10. 2006 3:29 8064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [19. 2. 2011 15:51 13224]
S3 ipswuio;ipswuio;c:\windows\system32\drivers\ipswuio.sys [17. 10. 2006 3:22 34944]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19. 3. 2010 17:37 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19. 3. 2010 17:37 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [27. 9. 2008 23:02 32377]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [4. 3. 2011 16:43 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [4. 3. 2011 16:43 58496]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [31. 3. 2011 21:52 1506304]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - UPHCLEANHLP
*Deregistered* - uphcleanhlp
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.orange.sk/
uInternet Settings,ProxyOverride = *.local
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\user\Data aplikací\Mozilla\Firefox\Profiles\y91djhrr.default\
FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-05 11:35
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(796)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(548)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Altap Salamander 2.5\plugins\salamext.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\UPHClean\uphclean.exe
c:\windows\system32\wscntfy.exe
c:\windows\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Completion time: 2011-05-05 11:39:42 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-05 09:39
ComboFix2.txt 2011-05-05 08:07
.
Pre-Run: Volných bajtů: 18 711 281 664
Post-Run: Volných bajtů: 18 718 556 160
.
- - End Of File - - 12A949D6B543A5629AEA9F813D3F1E54

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /Uninstall
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Havet si mohla najit nejake slabe misto v zabezpeceni windows, chybne kliknuti na nejaky infikovany odkza, priloha mailu - zpusobu nakazeni je mnoho...

Napiste jak se chova PC

PC je uz ok. Este raz vdaka za pomoc.

Nemate zac, rad jsem pomohl