VIRY.CZ

Dobrý večer nebo ahoj,

mám na vás prosbu, našel jsem zde nějaké návody na odstranění win 7 home security 2011, chci se zeptat jestli můžu postupovat podle nich, nebo je to pokažde potřeba šít na míru.
Chytil jsem win 7 home security 2012
děkuji za odpověď
Q.

Zdravim, pekny vecer preji a vitam vas u nas na foru

vzdy je treba lecit a psat skripty "na miru"

Takze stahnete RSIT - viz muj podpis - a dejte log z nej

Děkuji za přívětivé přijetí,

snad jsem to udelal vše správně.
------------

Logfile of random's system information tool 1.08 (written by random/random)
Run by Qwertown at 2011-06-16 21:05:22
Microsoft Windows 7 Ultimate
System drive C: has 14 GB (26%) free of 54 GB
Total RAM: 6142 MB (76% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006e8
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe"
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
WLIDSvcM.exe 2156
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskmgr.exe /3
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cd5efba4-d2f1-410b-9ab9-3f01bdeb2adc -SystemEventPortName:HostProcess-b8d52ef4-9b7b-4f36-8a81-a3b423e90839 -IoCancelEventPortName:HostProcess-fa97c99f-0151-4434-905a-4e3e4f5a8890 -NonStateChangingEventPortName:HostProcess-2318b5eb-343d-423d-86a5-5215b5840418 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e79808f6-7aec-489e-a2e2-929a12c5f5e3
taskhost.exe C:\Windows\system32\defrag.exe -c
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
taskeng.exe {CC20D771-DC81-4AF3-A6C5-D29352323538}
C:\Users\Qwertown\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
"C:\Users\Qwertown\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding
C:\Users\Qwertown\AppData\Local\ucg.exe -dtm -a
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Qwertown\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"ActivControl"=C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe [2008-07-18 1695744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Qwertown\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 136176]
"ICQ"=C:\Program Files (x86)\ICQ7.2\ICQ.exe [2011-01-05 133432]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2011-01-26 3683456]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]
"4096960643"=C:\Users\Qwertown\AppData\Local\ucg.exe [2011-06-16 339968]
"Spyware Doctor"=C:\Users\Qwertown\Desktop\sdsetup_aff.exe -min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 336384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.exe - open - "C:\Users\Qwertown\AppData\Local\ucg.exe" -a "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-06-16 21:05:22 ----D---- C:\rsit
2011-06-16 21:05:22 ----D---- C:\Program Files\trend micro
2011-06-16 19:11:44 ----D---- C:\ProgramData\PC Tools
2011-05-28 16:21:11 ----D---- C:\ProgramData\BioWare
2011-05-28 15:40:11 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2011-05-28 15:40:04 ----D---- C:\ProgramData\Media Center Programs
2011-05-26 18:43:26 ----SHD---- C:\ProgramData\DSS
2011-05-26 18:43:26 ----D---- C:\ProgramData\Codemasters
2011-05-26 18:34:15 ----D---- C:\Windows\SYSWOW64\xlive
2011-05-26 18:34:09 ----RA---- C:\Windows\SYSWOW64\tmp1FE0.tmp
2011-05-26 08:17:52 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-26 08:17:47 ----RA---- C:\Windows\SYSWOW64\tmp7F6D.tmp
2011-05-26 06:51:22 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2011-05-26 06:51:22 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2011-05-26 06:51:21 ----D---- C:\Program Files (x86)\BRS
2011-05-26 06:51:20 ----RA---- C:\Windows\SYSWOW64\tmpFFC3.tmp
2011-05-26 06:51:20 ----D---- C:\Program Files (x86)\OpenAL
2011-05-26 06:51:20 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2011-05-26 06:51:20 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2011-05-26 06:51:20 ----A---- C:\Windows\system32\wrap_oal.dll
2011-05-26 06:51:20 ----A---- C:\Windows\system32\OpenAL32.dll

======List of files/folders modified in the last 1 months======

2011-06-16 21:05:22 ----RD---- C:\Program Files
2011-06-16 21:05:22 ----D---- C:\Windows\Prefetch
2011-06-16 20:06:14 ----D---- C:\Windows\System32
2011-06-16 20:06:14 ----D---- C:\Windows\inf
2011-06-16 20:06:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-16 20:04:36 ----D---- C:\Windows\Temp
2011-06-16 19:43:07 ----D---- C:\Windows\system32\config
2011-06-16 19:11:44 ----HD---- C:\ProgramData
2011-06-16 19:04:17 ----D---- C:\Users\Qwertown\AppData\Roaming\ICQ
2011-06-16 18:56:27 ----D---- C:\Install
2011-06-16 07:08:02 ----SHD---- C:\System Volume Information
2011-06-16 06:49:24 ----D---- C:\Windows\SYSWOW64\sysprep
2011-06-14 01:06:15 ----D---- C:\Users\Qwertown\AppData\Roaming\uTorrent
2011-06-10 21:48:52 ----D---- C:\Users\Qwertown\AppData\Roaming\dvdcss
2011-06-07 20:35:39 ----D---- C:\Windows\system32\NDF
2011-06-06 20:13:00 ----D---- C:\Users\Qwertown\AppData\Roaming\Skype
2011-06-06 18:31:34 ----D---- C:\Windows\system32\Tasks
2011-06-06 18:29:38 ----D---- C:\Users\Qwertown\AppData\Roaming\skypePM
2011-06-06 18:28:23 ----D---- C:\Windows\system32\catroot2
2011-05-28 16:18:52 ----SHD---- C:\Windows\Installer
2011-05-28 16:10:22 ----D---- C:\Program Files (x86)\Common Files
2011-05-28 15:40:11 ----D---- C:\Windows
2011-05-26 18:34:15 ----D---- C:\Windows\SysWOW64
2011-05-26 08:17:52 ----RD---- C:\Program Files (x86)
2011-05-26 06:51:50 ----D---- C:\Windows\winsxs
2011-05-26 06:39:45 ----SD---- C:\ProgramData\Microsoft
2011-05-26 06:31:47 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-05 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-08-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-01 254528]
R1 SpyEmrg;Spy Emergency Driver; C:\Windows\System32\Drivers\spyemrg.sys [2009-09-17 15416]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-27 83120]
R2 WinFLdrv;WinFLdrv; C:\Windows\SysWOW64\WinFLdrv.sys [2010-08-28 21888]
R3 ActivHidSerMini;Promethean Serial Board Driver; C:\Windows\system32\DRIVERS\activhidsermini.sys [2008-06-16 65536]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-01-14 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 36720]
R3 prmvmouse;Promethean HID Mouse Service; C:\Windows\system32\DRIVERS\activmouse.sys [2008-06-16 7168]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\Windows\System32\Drivers\spyemrg_guard.sys [2009-09-17 16952]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2008-01-02 145024]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-05-08 20520]
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\Windows\System32\Drivers\spyemrg_access.sys [2009-09-17 22584]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-26 203776]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-20 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-09-05 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-09-05 107832]
R2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2010-09-30 3628672]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\HRY\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Fajn, takze jdem s mrchou zatocit

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  motji píše: Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Tak prikladam log, dekuji.



ComboFix 11-06-15.04 - Qwertown 16.06.2011 21:46:21.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4535 [GMT 2:00]
Spuštěný z: c:\users\Qwertown\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Qwertown\AppData\Local\ief.exe
c:\users\Qwertown\AppData\Local\ucg.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-16 do 2011-06-16 )))))))))))))))))))))))))))))))
.
.
2011-06-16 20:14 . 2011-06-16 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-16 19:05 . 2011-06-16 19:05 -------- d-----w- C:\rsit
2011-06-16 19:05 . 2011-06-16 19:05 -------- d-----w- c:\program files\trend micro
2011-06-16 17:11 . 2011-06-16 17:11 -------- d-----w- c:\programdata\PC Tools
2011-06-13 14:44 . 2011-06-13 14:44 -------- d-----w- c:\users\Qwertown\AppData\Local\GNE
2011-06-06 16:31 . 2011-06-06 16:32 -------- d-----w- c:\users\Qwertown\AppData\Local\{F8B71779-65BA-4E2A-9115-FD82E081F21B}
2011-05-28 14:21 . 2011-05-28 14:21 -------- d-----w- c:\programdata\BioWare
2011-05-28 14:10 . 2011-05-28 14:18 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2011-05-28 13:40 . 2011-05-28 13:40 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2011-05-28 13:40 . 2011-05-28 14:18 -------- d-----w- c:\programdata\Media Center Programs
2011-05-26 16:43 . 2011-05-26 16:43 -------- d-sh--w- c:\programdata\DSS
2011-05-26 16:43 . 2011-05-26 16:43 -------- d-----w- c:\programdata\Codemasters
2011-05-26 16:34 . 2011-05-26 16:34 -------- d-----w- c:\windows\SysWow64\xlive
2011-05-26 16:34 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp1FE0.tmp
2011-05-26 06:17 . 2011-05-26 16:34 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-05-26 06:17 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp7F6D.tmp
2011-05-26 04:51 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-05-26 04:51 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-05-26 04:51 . 2011-05-26 16:34 -------- d-----w- c:\program files (x86)\BRS
2011-05-26 04:51 . 2011-05-26 16:34 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-26 04:51 . 2011-05-26 16:34 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-26 04:51 . 2011-05-26 16:34 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-26 04:51 . 2011-05-26 16:34 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-26 04:51 . 2011-05-26 04:51 -------- d-----w- c:\program files (x86)\OpenAL
2011-05-26 04:51 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmpFFC3.tmp
2011-05-22 12:07 . 2011-06-13 04:29 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmpFF45.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp7EFF.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp1FA0.tmp
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-03 07:47 . 2011-04-03 07:47 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-04-03 07:47 . 2011-04-03 07:47 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-04-03 07:47 . 2011-04-03 07:47 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"SpyEmergency"="c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe" [2011-01-26 3683456]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\Drivers\spyemrg_access.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2010-09-30 3628672]
S2 WinFLdrv;WinFLdrv;SysWOW64\WinFLdrv.sys [x]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys [x]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4cd55248-2dd4-11e0-bffb-982671748d2d}]
\shell\AutoRun\command - G:\autorun.exe -auto
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000Core.job
- c:\users\Qwertown\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 21:44]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000UA.job
- c:\users\Qwertown\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-19 21:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"ActivControl"="c:\program files\Activ Software\Activdriver\ActivControl2x64.exe" [2008-07-18 1695744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Spyware Doctor - c:\users\Qwertown\Desktop\sdsetup_aff.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-FolderLock6 - c:\program files\Folder Lock\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-195626693-1238686875-1063126848-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-195626693-1238686875-1063126848-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
.
**************************************************************************
.
Celkový čas: 2011-06-16 22:19:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-16 20:19
.
Před spuštěním: Volných bajtů: 14 586 920 960
Po spuštění: Volných bajtů: 14 552 899 584
.
- - End Of File - - 021638FE9CD4A23035067F6CC5317FE2

Omlouvam se za zdrzeni, pracovni povinnosti

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  RegLock::
  [HKEY_USERS\S-1-5-21-195626693-1238686875-1063126848-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
  [HKEY_USERS\S-1-5-21-195626693-1238686875-1063126848-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  File::
  c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000UA.job
  c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000Core.job
  
  Registry::
  [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4cd55248-2dd4-11e0-bffb-982671748d2d}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  "SunJavaUpdateSched"=-
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "ICQ"=-
  "DAEMON Tools Lite"=-
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Tak bohuzel jsem se taky dlouho nedostal k tomu to dotahnout do konce, takze prvni krok (TFC) proveden a i druhy krok proveden jen mi to rvalo, ze mam aktivni antivir desktop, sice jsem ho deaktivoval, ale asi to chtelo jeste deaktivovat nekde jinde. Mam Aviru. prikladam log, jo a jeste se nedostanu do document and setings a nejsem si jistej jestli je to tim co jsme provadeli nebo jsem nekde sam neco zmenil jak jsem se snazil vypnout antivir

-----------------------------------------------

ComboFix 11-07-06.02 - Qwertown 06.07.2011 19:19:28.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4796 [GMT 2:00]
Spuštěný z: c:\users\Qwertown\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Qwertown\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\~.inf
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-195626693-1238686875-1063126848-1000UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-06 do 2011-07-06 )))))))))))))))))))))))))))))))
.
.
2011-07-06 17:33 . 2011-07-06 17:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-21 18:27 . 2011-06-21 18:28 294742 ----a-w- c:\windows\SysWow64\~.tmp
2011-06-19 06:24 . 2011-06-19 06:24 -------- d-----w- c:\users\Qwertown\AppData\Roaming\SynthMaker
2011-06-17 14:53 . 2011-06-17 14:53 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-06-17 14:45 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-06-17 14:45 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-17 14:45 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-17 14:45 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-06-16 19:05 . 2011-06-16 19:05 -------- d-----w- C:\rsit
2011-06-16 19:05 . 2011-06-16 19:05 -------- d-----w- c:\program files\trend micro
2011-06-16 17:11 . 2011-06-16 17:11 -------- d-----w- c:\programdata\PC Tools
2011-06-13 14:44 . 2011-06-13 14:44 -------- d-----w- c:\users\Qwertown\AppData\Local\GNE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 05:32 . 2010-12-19 05:42 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-04 05:32 . 2010-12-19 05:42 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-20 04:42 . 2011-05-22 12:07 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-26 16:34 . 2011-05-26 04:51 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-26 16:34 . 2011-05-26 04:51 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-26 16:34 . 2011-05-26 04:51 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-26 16:34 . 2011-05-26 04:51 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-04-15 23:40 . 2011-05-26 16:34 809496 ----a-r- c:\windows\SysWow64\tmp1FE0.tmp
2011-04-15 23:40 . 2011-05-26 06:17 809496 ----a-r- c:\windows\SysWow64\tmp7F6D.tmp
2011-04-15 23:40 . 2011-05-26 04:51 809496 ----a-r- c:\windows\SysWow64\tmpFFC3.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmpFF45.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp7EFF.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp1FA0.tmp
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-16_20.16.34 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-02-28 06:32 . 2010-12-18 05:30 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 67072 c:\windows\SysWOW64\mshtmled.dll
- 2011-02-28 06:32 . 2010-12-18 05:26 12800 c:\windows\SysWOW64\msfeedssync.exe
+ 2011-06-17 14:49 . 2011-04-22 19:30 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2011-02-28 06:32 . 2010-12-18 05:30 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 64512 c:\windows\SysWOW64\msfeedsbs.dll
- 2011-02-28 06:32 . 2010-12-18 05:32 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 44544 c:\windows\SysWOW64\licmgr10.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-17 14:49 . 2011-03-03 05:27 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2009-07-13 23:38 . 2009-07-14 01:14 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2009-07-14 04:54 . 2011-06-14 20:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-06 14:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-06 14:11 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-14 20:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-06 14:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-14 20:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-17 14:49 . 2011-02-19 05:32 34304 c:\windows\SysWOW64\atmlib.dll
- 2011-02-28 06:32 . 2011-01-07 07:27 34304 c:\windows\SysWOW64\atmlib.dll
+ 2010-08-19 17:18 . 2011-07-06 17:06 43194 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-06 17:06 38332 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-08-19 16:04 . 2011-07-06 16:12 12366 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-195626693-1238686875-1063126848-1000_UserData.bin
- 2011-02-28 06:32 . 2010-12-18 06:12 97280 c:\windows\system32\mshtmled.dll
+ 2011-06-17 14:49 . 2011-04-22 20:14 97280 c:\windows\system32\mshtmled.dll
- 2011-02-28 06:32 . 2010-12-18 06:08 12288 c:\windows\system32\msfeedssync.exe
+ 2011-06-17 14:49 . 2011-04-22 20:09 12288 c:\windows\system32\msfeedssync.exe
+ 2011-06-17 14:49 . 2011-04-22 20:14 82944 c:\windows\system32\msfeedsbs.dll
- 2011-02-28 06:32 . 2010-12-18 06:12 82944 c:\windows\system32\msfeedsbs.dll
- 2011-02-28 06:32 . 2010-12-18 06:15 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-06-17 14:49 . 2011-04-22 20:18 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-06-17 14:49 . 2011-04-22 20:14 57856 c:\windows\system32\licmgr10.dll
- 2011-02-28 06:32 . 2010-12-18 06:11 57856 c:\windows\system32\licmgr10.dll
+ 2011-06-17 14:49 . 2011-02-05 12:41 20352 c:\windows\system32\kdusb.dll
+ 2011-06-17 14:49 . 2011-02-05 12:41 17792 c:\windows\system32\kdcom.dll
+ 2011-06-17 14:49 . 2011-02-05 12:41 19328 c:\windows\system32\kd1394.dll
+ 2011-06-17 14:49 . 2011-04-22 20:13 64512 c:\windows\system32\jsproxy.dll
- 2011-02-28 06:32 . 2010-12-18 06:11 64512 c:\windows\system32\jsproxy.dll
- 2009-07-13 23:54 . 2009-07-14 01:39 30208 c:\windows\system32\dnscacheugc.exe
+ 2011-06-17 14:49 . 2011-03-03 06:14 30208 c:\windows\system32\dnscacheugc.exe
+ 2010-08-19 15:58 . 2011-07-06 17:07 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-19 15:58 . 2011-06-16 18:48 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-19 15:58 . 2011-06-16 18:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-08-19 15:58 . 2011-07-06 17:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-16 18:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-06 17:07 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-02-28 06:32 . 2011-01-07 08:06 46080 c:\windows\system32\atmlib.dll
+ 2011-06-17 14:49 . 2011-02-19 06:36 46080 c:\windows\system32\atmlib.dll
+ 2010-08-19 16:29 . 2011-07-06 17:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-19 16:29 . 2011-06-16 17:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:46 . 2011-05-27 17:38 72456 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2011-06-24 03:25 72456 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-08-19 16:29 . 2011-07-06 17:06 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-08-19 16:29 . 2011-06-16 17:46 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-08-19 16:29 . 2011-07-06 17:06 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-08-19 16:29 . 2011-06-16 17:46 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-08-19 16:21 . 2011-07-06 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-19 16:21 . 2011-06-16 17:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-08-19 16:21 . 2011-06-16 17:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-08-19 16:21 . 2011-07-06 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-17 14:56 . 2011-06-17 14:56 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
- 2011-02-28 06:35 . 2011-02-28 06:35 49936 c:\windows\Installer\{95120000-00AF-0405-0000-0000000FF1CE}\ppvwicon.exe
+ 2011-06-17 15:02 . 2011-06-17 15:02 49936 c:\windows\Installer\{95120000-00AF-0405-0000-0000000FF1CE}\ppvwicon.exe
- 2010-12-31 12:28 . 2011-02-28 06:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-12-31 12:28 . 2011-06-17 14:56 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-06-17 14:53 . 2011-06-17 14:53 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2010-09-20 21:07 . 2010-09-20 21:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobeextractfiles.dll
+ 2011-06-18 19:23 . 2011-06-18 19:23 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\25e24b9842af6168a95af6447edd84e7\System.Windows.Presentation.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\88ae41e083b3ac7a04f1fb2dc60b6b92\System.Web.DynamicData.Design.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\61c4342c01fae3975e5b03d3f68bd8f3\PresentationFontCache.ni.exe
+ 2011-06-17 18:33 . 2011-06-17 18:33 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\2165f694f68ea31be5c889744b7f376a\PresentationCFFRasterizer.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\15fbefcc4df790796823a7e2e4ede4ad\Microsoft.WSMan.Runtime.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\9a85013711975f888dbdcd9ba29f7cd9\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8eaf21ff4ec85e8c20ca71d336b90aa5\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\72d8c360968f8ae94a59e3e6a6d4f9f4\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\5495a3448acaa8da2c0d5e4699d04941\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\4d77bcbe01e9270c4fde9bbb3d7038a3\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\029c17cd07099cb16415232678393a38\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-06-17 18:31 . 2011-06-17 18:31 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\40cd41798c41838f8b9a5d37321e6cc3\Microsoft.VisualC.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 64000 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\d5441617d5ad5fbad107e22991718992\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 66048 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\0dc3e0ef50eb4b78bddfe30e8763f5af\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\df60a61d94b1a28cbe352cec3ca38303\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\87a5c18a75ce5dbefd5449ccf7e14015\LoadMxf.ni.exe
+ 2011-06-18 05:46 . 2011-06-18 05:46 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\21ac98f7be6a727c836381b75bfc70aa\ehiUPnP.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\d8496707757be9191cf8ab416cd4cc55\ehiTVMSMusic.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\3a636596125a4a71c7aebc8040a23b95\dfsvc.ni.exe
+ 2011-06-18 05:44 . 2011-06-18 05:44 33280 c:\windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\0b302affa475e169e501799f02263e7a\AuditPolicyGPManagedStubs.Interop.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\9d237481823f88cbb89c0834d85df526\Accessibility.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\b85e99e0e2796daa62e3514e229df37a\WindowsLiveWriter.ni.exe
+ 2011-06-18 05:40 . 2011-06-18 05:40 81408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ef45ec522b2fd9ba886df63183fcf699\WindowsLive.Writer.Passport.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\44e9489d2fa2bb1380584a1530d0fab7\WiaProxy32.ni.exe
+ 2011-06-17 18:36 . 2011-06-17 18:36 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\6a8a0fb15f936916d6e51ab8538cff35\UIAutomationProvider.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\4bffc57a97a74462320698ec8d35bb50\System.Windows.Presentation.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\488e644a3bb2fae3aa18fc8853f62bad\System.Web.DynamicData.Design.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\648f4f68ecefd8f36e31e47fd56d941c\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\9527a25b7d80904951b6dd248b7ce04e\System.AddIn.Contract.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\59cace9a8ff0a24736f137c3e587273d\PresentationFontCache.ni.exe
+ 2011-06-17 18:36 . 2011-06-17 18:36 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\29b15b9eef203908b55751af62b163e2\PresentationCFFRasterizer.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\f4c3808dd2780198b469629de091dc14\napcrypt.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\c80b25dbf6abbec80fa0797142181f0a\Microsoft.WSMan.Runtime.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ca665309b6753bc6126567290689ba4e\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\bf84cf9013c3d7bee5ad42c3bc04b2fe\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\b8dcbfd51e0d89e7e16048c9efbc6aad\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\8342c096f1660f99a19b30529fd105d3\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\6d6df1b863e704b425cb7610b9cf9343\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\5aa44d13c29d5251935666fbcc4f9d7c\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\13d89aae42327385e99037b0a1b97181\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\dc288223f0c505d04491a2a67074cb98\Microsoft.Vsa.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\12de3a3ae03044c5c1684ac7181358d2\Microsoft.VisualC.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\659d1348dcd75fd91e5ffd2511a27f09\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\0ab78aedb70574867c80b6bb2eaef022\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d07ea523785675cf42d9b9db1f462f53\Microsoft.Build.Framework.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\90df6fcb66dc94accdf887701b730d76\Microsoft.Build.Framework.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\ed6f04a2d417e68f0fd680a22d3b7b31\Interop.WIA.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\aac55d605c2ac3537a6ad1e463759480\ehiUserXp.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\f6a3bc61f8be1c37cb60328dd7379d90\dfsvc.ni.exe
+ 2011-06-18 05:40 . 2011-06-18 05:40 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\e6da3791406b6d71a01f9f5faf72fa0a\AuditPolicyGPManagedStubs.Interop.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\11ebcba65c931267301739008a883e60\Accessibility.ni.dll
- 2010-09-15 15:13 . 2011-06-16 17:43 3826 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-15 15:13 . 2011-07-03 21:51 3826 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-07-06 17:34 . 2011-07-06 17:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-16 20:15 . 2011-06-16 20:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-06 17:34 . 2011-07-06 17:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-16 20:15 . 2011-06-16 20:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-17 14:49 . 2011-04-22 19:31 981504 c:\windows\SysWOW64\wininet.dll
- 2011-02-28 06:32 . 2010-12-18 05:32 981504 c:\windows\SysWOW64\wininet.dll
+ 2011-06-17 14:49 . 2011-02-18 05:36 428032 c:\windows\SysWOW64\vbscript.dll
- 2011-02-28 06:32 . 2011-01-05 05:37 428032 c:\windows\SysWOW64\vbscript.dll
- 2009-07-14 00:06 . 2009-07-14 01:16 850432 c:\windows\SysWOW64\sbe.dll
+ 2011-06-17 14:50 . 2010-12-23 05:28 850432 c:\windows\SysWOW64\sbe.dll
+ 2011-06-17 14:49 . 2010-12-18 05:31 571904 c:\windows\SysWOW64\oleaut32.dll
- 2009-07-13 23:44 . 2009-07-14 01:16 571904 c:\windows\SysWOW64\oleaut32.dll
- 2011-02-28 06:32 . 2010-12-18 05:30 606208 c:\windows\SysWOW64\mstime.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 606208 c:\windows\SysWOW64\mstime.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 599552 c:\windows\SysWOW64\msfeeds.dll
+ 2011-06-20 04:42 . 2011-06-20 04:42 240288 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe
+ 2011-06-20 04:42 . 2011-06-20 04:42 321184 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.dll
+ 2011-06-17 14:49 . 2011-02-18 05:35 716800 c:\windows\SysWOW64\jscript.dll
- 2011-02-28 06:32 . 2011-01-05 05:34 716800 c:\windows\SysWOW64\jscript.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 176640 c:\windows\SysWOW64\ieui.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 176640 c:\windows\SysWOW64\ieui.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 185856 c:\windows\SysWOW64\iepeers.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 185856 c:\windows\SysWOW64\iepeers.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 381440 c:\windows\SysWOW64\iedkcs32.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 381440 c:\windows\SysWOW64\iedkcs32.dll
- 2009-07-14 00:41 . 2009-07-14 01:16 534528 c:\windows\SysWOW64\EncDec.dll
+ 2011-06-17 14:50 . 2010-12-23 05:28 534528 c:\windows\SysWOW64\EncDec.dll
+ 2011-06-17 14:49 . 2011-03-03 05:29 269824 c:\windows\SysWOW64\dnsapi.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 269824 c:\windows\SysWOW64\dnsapi.dll
+ 2011-06-17 14:50 . 2010-12-23 05:28 642048 c:\windows\SysWOW64\CPFilters.dll
+ 2011-06-17 14:49 . 2011-02-19 03:37 294912 c:\windows\SysWOW64\atmfd.dll
+ 2011-06-17 14:49 . 2011-02-05 12:39 518160 c:\windows\system32\winresume.exe
+ 2011-06-17 14:49 . 2011-02-05 12:39 603976 c:\windows\system32\winload.exe
+ 2010-08-21 14:47 . 2011-07-03 06:11 497150 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-06-17 14:49 . 2011-02-18 06:37 612352 c:\windows\system32\vbscript.dll
- 2011-02-28 06:32 . 2011-01-05 06:20 612352 c:\windows\system32\vbscript.dll
- 2009-07-14 02:36 . 2011-06-16 18:06 606992 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-06 17:08 606992 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-07-06 17:08 622422 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-06-16 18:06 622422 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-06-16 18:06 103370 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-06 17:08 103370 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-06-16 18:06 118604 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-07-06 17:08 118604 c:\windows\system32\perfc005.dat
+ 2011-06-17 14:49 . 2010-12-18 06:13 861184 c:\windows\system32\oleaut32.dll
- 2009-07-13 23:59 . 2009-07-14 01:41 861184 c:\windows\system32\oleaut32.dll
+ 2011-06-17 14:49 . 2011-04-22 20:14 703488 c:\windows\system32\msfeeds.dll
- 2011-02-28 06:32 . 2010-12-18 06:12 703488 c:\windows\system32\msfeeds.dll
- 2011-02-28 06:32 . 2011-01-05 06:16 852480 c:\windows\system32\jscript.dll
+ 2011-06-17 14:49 . 2011-02-18 06:36 852480 c:\windows\system32\jscript.dll
- 2011-02-28 06:32 . 2010-12-18 06:11 247808 c:\windows\system32\ieui.dll
+ 2011-06-17 14:49 . 2011-04-22 20:13 247808 c:\windows\system32\ieui.dll
- 2011-02-28 06:32 . 2010-12-18 06:11 256000 c:\windows\system32\iepeers.dll
+ 2011-06-17 14:49 . 2011-04-22 20:13 256000 c:\windows\system32\iepeers.dll
+ 2011-06-17 14:49 . 2011-04-22 20:13 445952 c:\windows\system32\iedkcs32.dll
- 2011-02-28 06:32 . 2010-12-18 06:11 445952 c:\windows\system32\iedkcs32.dll
+ 2009-07-14 04:45 . 2011-06-17 18:29 288088 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2011-03-04 19:42 288088 c:\windows\system32\FNTCACHE.DAT
+ 2011-06-17 14:50 . 2010-12-23 06:07 723968 c:\windows\system32\EncDec.dll
+ 2011-06-17 14:50 . 2011-04-29 03:12 161792 c:\windows\system32\drivers\srvnet.sys
- 2011-02-28 06:30 . 2010-08-27 03:37 161792 c:\windows\system32\drivers\srvnet.sys
+ 2011-06-17 14:50 . 2011-04-29 03:12 399872 c:\windows\system32\drivers\srv2.sys
+ 2011-06-17 14:50 . 2011-04-29 03:13 461312 c:\windows\system32\drivers\srv.sys
+ 2011-06-17 14:49 . 2011-05-04 02:51 126464 c:\windows\system32\drivers\mrxsmb20.sys
+ 2011-06-17 14:49 . 2011-05-04 02:51 287744 c:\windows\system32\drivers\mrxsmb10.sys
+ 2011-06-17 14:49 . 2011-05-04 02:51 157696 c:\windows\system32\drivers\mrxsmb.sys
- 2010-08-20 04:20 . 2010-02-27 07:52 157696 c:\windows\system32\drivers\mrxsmb.sys
- 2009-07-13 23:23 . 2009-07-13 23:23 102400 c:\windows\system32\drivers\dfsc.sys
+ 2011-06-17 14:49 . 2011-04-27 02:57 102400 c:\windows\system32\drivers\dfsc.sys
+ 2011-06-17 14:49 . 2011-04-25 02:44 499712 c:\windows\system32\drivers\afd.sys
- 2009-07-13 23:21 . 2009-07-14 01:40 182272 c:\windows\system32\dnsrslvr.dll
+ 2011-06-17 14:49 . 2011-03-03 06:17 182272 c:\windows\system32\dnsrslvr.dll
- 2009-07-13 23:21 . 2009-07-14 01:40 356352 c:\windows\system32\dnsapi.dll
+ 2011-06-17 14:49 . 2011-03-03 06:17 356352 c:\windows\system32\dnsapi.dll
+ 2011-06-17 14:50 . 2010-12-23 06:07 961024 c:\windows\system32\CPFilters.dll
+ 2009-07-14 05:12 . 2011-07-06 17:07 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-06-16 05:07 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-06-17 14:49 . 2011-02-05 12:39 518160 c:\windows\system32\Boot\winresume.exe
+ 2011-06-17 14:49 . 2011-02-05 12:39 603976 c:\windows\system32\Boot\winload.exe
+ 2011-06-17 14:49 . 2011-02-19 04:13 367104 c:\windows\system32\atmfd.dll
- 2010-08-19 16:29 . 2010-08-20 04:56 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-08-19 16:29 . 2011-06-17 18:32 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-12-31 12:42 . 2011-07-06 17:33 963032 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-08-20 04:29 . 2010-05-20 22:38 485192 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 485192 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2010-08-20 04:29 . 2010-05-20 22:49 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2009-07-13 20:46 . 2009-06-10 21:23 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2010-08-20 04:29 . 2010-05-20 22:49 995160 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 995160 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-04-19 02:54 . 2011-04-19 02:54 227328 c:\windows\Installer\c9472.msi
+ 2010-09-20 21:07 . 2010-09-20 21:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\readerupdater.exe
+ 2010-09-20 21:07 . 2010-09-20 21:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobearm.exe
+ 2010-09-20 21:07 . 2010-09-20 21:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobatupdater.exe
+ 2011-06-18 19:24 . 2011-06-18 19:24 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\a204d00ba10c911f00293014caafc2a9\WsatConfig.ni.exe
+ 2011-06-18 19:24 . 2011-06-18 19:24 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\24f5de449f83de20ab6e7cd6636a74c0\WindowsFormsIntegration.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\98ed2ce59a02b2ad53b96c0c3b6a874e\UIAutomationTypes.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\69f823739fd264e2405cc8af76c2196f\UIAutomationProvider.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\8a1c25a6532f4078b303d6aa1333065f\UIAutomationClient.ni.dll
+ 2011-06-18 19:24 . 2011-06-18 19:24 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\4ce28e6887c5110334a0523de81a5b59\TaskScheduler.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\b819f184922b7faef750b18a0d82e858\System.Xml.Linq.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\02c01af0907002c36a1b898d0bc3c31c\System.Web.Routing.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\e710c7ee94372b7b828e50af9a40755d\System.Web.RegularExpressions.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\66669158b4e8688fbbdeefc9a680b46c\System.Web.Entity.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\acbbfd99fb86d00db846d84739841e34\System.Web.Entity.Design.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\edcdc55c2f52e4a141ab5c7fb26bce59\System.Web.DynamicData.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\cedb3051c72884cec81d0979940da378\System.Web.Abstractions.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f0bbdfdeb16f0ee1fdaf0877f7d88cfc\System.Transactions.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\78823484d7145e65b3ee87fe946b4fae\System.ServiceProcess.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\ae5dbb7ece9715387344b40d44249877\System.Security.ni.dll
+ 2011-06-17 18:33 . 2011-06-17 18:33 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\e2661f961657f6705544823d25728184\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\091778aa3187d35535f90b00dd95baef\System.Net.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\2939541c1b3a1563d6a7877df6d6e6e8\System.Messaging.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\6d89678666d49bb027764c8c0879f032\System.Management.Instrumentation.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 569344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\cbd156c642f9698caa21a622cdfe29c2\System.IO.Log.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ea431ab37ee44a253dd95f563d4376a7\System.IdentityModel.Selectors.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\ba9279746ba6eb498176b0130bc1340c\System.EnterpriseServices.Wrapper.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\7cddebcb28b0e9fcbfe66a244eb7cd61\System.Drawing.Design.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\e7b23ec962ae6a9b0e69547ae4bd4d98\System.DirectoryServices.Protocols.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 493056 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\c1a0f4689ae1cf73a0416e70e946f87b\System.Data.Services.Design.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\8d5d24a53750f68ed069d218548310c7\System.Data.DataSetExtensions.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\b486333468a782e0d7433bd494480df0\System.Configuration.Install.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\e396dd0bab3b9a38d0a8b6a84b3a8409\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\cfb735ab4102c23ddda6411e3e1c2a1d\System.AddIn.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\f439fd4698b29680c6387ed258592edc\System.AddIn.Contract.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\76f801595d49c56ab3d0dd86cff7ce5d\sysglobl.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\731e7ded67383623d69d38aab9696c84\SMSvcHost.ni.exe
+ 2011-06-18 05:45 . 2011-06-18 05:45 349184 c:\windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\8b2a0f357186101fe26a7ed196b396fe\SMDiagnostics.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 377344 c:\windows\assembly\NativeImages_v2.0.50727_64\SecurityAuditPolici#\8632b60a3e70524cba303fe47baa49eb\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 463360 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\fa7db7310a8415385632395042607d6d\PresentationFramework.Aero.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 317440 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\615e2449f6de31234a1b04131d972cc8\PresentationFramework.Royale.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 620544 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\5f0119616775b2bab899d8768c7a909c\PresentationFramework.Luna.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 279040 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\1a7aaba1ab9c2e3d2edf48cea9509552\PresentationFramework.Classic.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 241152 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.SystemL#\e6bdb2fd68384272a90c5d45134bd67e\PaintDotNet.SystemLayer.Native.x64.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 415232 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Resourc#\1220552684b7dd8a8640e79c3f70d6ca\PaintDotNet.Resources.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 764416 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Data\5c2bca9f2209bf423a841bab7acbfac3\PaintDotNet.Data.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\b904e2dc6fe9a06c3fdecf1586444989\napsnap.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\d163c4448708f49b85ec59c3fec91350\napinit.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 175104 c:\windows\assembly\NativeImages_v2.0.50727_64\naphlpr\765a4776917e3f7190e004ac708e4021\naphlpr.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 127488 c:\windows\assembly\NativeImages_v2.0.50727_64\napcrypt\b121712a09393bbea7d98025920d496d\napcrypt.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 184320 c:\windows\assembly\NativeImages_v2.0.50727_64\MSBuild\3678d0857e9ad8ef89b40a47ec7035e9\MSBuild.ni.exe
+ 2011-06-18 05:47 . 2011-06-18 05:47 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\1edce855e47b6279c45b04ccd67b18e2\MMCFxCommon.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 681472 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Man#\58eab56a3dad06abd5678683831d9f0c\Microsoft.WSMan.Management.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 122368 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\94cc0bd657babf3f9d75aef3d45d512a\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 105984 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Vsa\0a653cd63f7ee2f2ad8544e5f0e7e771\Microsoft.Vsa.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 584192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\e4bdf0f9949189329b888af10a8be118\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 934912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\f66b70cbc1123b23d1b49f1161bf3dab\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 235008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\6acabf9acfcc0e3e7f31823a53a41e07\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 318976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\5385193ba721cc248d7f923b8b6ccd1f\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 275456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\489f816fef7b097920d5d76b7c4ed96e\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 416768 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\b8bd0ab3d0711bee247473a6bc005824\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 713216 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\829e156651ae88ec5e327b73894d49fa\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 999936 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\64afcf8829889a21cf4a893acd6fe54b\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 237056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\5ec243876e1b251455de6f9ea14510a5\Microsoft.PowerShell.Security.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\ecd61a6b41ee15a514c4a6e65d9c0348\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 164864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\46b1931ac42cc387dd3fa93058109223\Microsoft.MediaCenter.Mheg.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\39f354f4d41e85e8b2b19d3528e0bce5\Microsoft.MediaCenter.iTv.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 965632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\2777b647e3b2a61111c8475d2c47912c\Microsoft.MediaCenter.Sports.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 219648 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\26812a570cb9fe2364578144024307f5\Microsoft.MediaCenter.iTv.Media.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 522240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\147fe6e09b6af26c1572ba5a10668d49\Microsoft.MediaCenter.Interop.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 370176 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\0c4570cfb10e0bf67d7e6305e8ccbac3\Microsoft.MediaCenter.Playback.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 797696 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\35292b1c40de7c9b70fac10964a0564c\Microsoft.ManagementConsole.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 618496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\faff7fb04e8ab9897782b73007ed4976\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 399360 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\8b8c3d5495b809ec603fc68c53f0fb0b\Microsoft.GroupPolicy.Interop.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\d832ebab9b336bd7d7d5a9a6ce8358d6\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 198656 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Uti#\7782d5404093d2c5a723ce1a2ca4a9c8\Microsoft.Build.Utilities.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 142336 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\fe49e18822f811ba5885934068e4c6d5\Microsoft.Build.Framework.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Fra#\766c3fae1b31c90c12144de7ba802166\Microsoft.Build.Framework.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 294912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Con#\302e5bd7cd8eb1a91092f24e4aada304\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 423424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\a9ab001644846a7c73cd53ff326953af\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 727040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Applicati#\0ce51505f5d143aa1f1ce4024595f9a9\Microsoft.ApplicationId.RuleWizard.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 107008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft-Windows-H#\fc157b89a64f9c5f4ff321b60e49dda8\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 380928 c:\windows\assembly\NativeImages_v2.0.50727_64\Mcx2Dvcs\6d7e0873f16833c344e9b9b5585282d1\Mcx2Dvcs.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 545792 c:\windows\assembly\NativeImages_v2.0.50727_64\mcupdate\b18904063ad2a46e22e84bb471555e59\mcupdate.ni.exe
+ 2011-06-18 05:46 . 2011-06-18 05:46 533504 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\c73cb1372bb50cc34bc639d067091bca\mcstoredb.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\29348ab244a52357c952b2627c589114\mcplayerinterop.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\6885e68ac29ace04f80f61b1bd72b933\mcGlidHostObj.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\MCESidebarCtrl\367ce4c9806b5b0d3399a86036a3f9de\MCESidebarCtrl.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 262144 c:\windows\assembly\NativeImages_v2.0.50727_64\Interop.WIA\2dc15d81801a0640b71a41876ab4601b\Interop.WIA.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 714240 c:\windows\assembly\NativeImages_v2.0.50727_64\ICSharpCode.SharpZi#\713fc6f2ab1b0a997a74835450a05ec5\ICSharpCode.SharpZipLib.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\938c373c9e414f1c3360674f925da421\EventViewer.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 969216 c:\windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\f4dd0e77620788a62248f7ce449c5bb2\ehRecObj.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 661504 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiWUapi\96f0e431b898ab61ce982efb5029a575\ehiWUapi.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 933888 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiwmp\27869a1b711abd758db6434784e3e924\ehiwmp.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 145408 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUserXp\207c5f9fb2a43197c5847af6d83b10d7\ehiUserXp.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 196096 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiiTv\4b121c97bf8825d527814204f40349ff\ehiiTv.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 397824 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiExtens\b0850300010766f4cb1d54868c5e8000\ehiExtens.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 110080 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiBmlDataCarousel\58dcdd95ed5632ed521f78e7b8b6d2ef\ehiBmlDataCarousel.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 125440 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiActivScp\4e199fc5639e7c976bd08bd7ce1a2d40\ehiActivScp.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\bb7a1dfe12563a04a33c7454823ea14a\ehExtHost.ni.exe
+ 2011-06-18 05:46 . 2011-06-18 05:46 313856 c:\windows\assembly\NativeImages_v2.0.50727_64\ehCIR\4d0ab98537a118b62771dd0dfc84a2ef\ehCIR.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 348672 c:\windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\441d1cc78fd9efcc1d6f75759ae3b5fe\CustomMarshalers.ni.dll
+ 2011-06-18 05:45 . 2011-06-18 05:45 640000 c:\windows\assembly\NativeImages_v2.0.50727_64\ComSvcConfig\c92afe3489a1236dfb52ec202ec835d1\ComSvcConfig.ni.exe
+ 2011-06-18 05:44 . 2011-06-18 05:44 971264 c:\windows\assembly\NativeImages_v2.0.50727_64\BDATunePIA\b5866d13f13973cb6c1ed4f34da3a307\BDATunePIA.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\92820867d7756b2ee6e784d106f4082e\WsatConfig.ni.exe
+ 2011-06-18 05:40 . 2011-06-18 05:40 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\3e803fc5aef6d73d1c16bc6a78d83133\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f9e9f4414180c20847a701afa54c9107\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 890880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dc21015ca39daa60f36a8239a75cfc76\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d866bb47d775be19d9a10cc2014f86e0\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d228f762ef31003a146192e319675b61\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cd41096a8d07c7bab1b4ae0b9bf2f972\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab3cb928b11136b32326d9dc580222d6\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 780288 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aab8355596406c879658d8db638f9dfe\WindowsLive.Writer.Controls.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\92c0158518246a43c2528d53f53a4bc6\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8fbb87bc3a3c702c610606e1d40361e4\WindowsLive.Writer.Api.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\84287b3fa852ed8f6c52c477e0c08950\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7bcf9241898c162e1922a281cc149439\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\78ac46df4e0eb84984b0f6d418ade02c\WindowsLive.Writer.Interop.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\308bf04b2b406ad92e4e9efa7877ec74\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0c44da3ae0aee6a17506177341447349\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 223232 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\3cc129913cd627477b709ef64e7f837e\WindowsLive.Client.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\dc92545eebf5f0ab962c9e04f6371873\WindowsFormsIntegration.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 185344 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\7f7d2046655d4c9869df1400e96ef148\UIAutomationTypes.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\b46016e46c49f5c6e454d799fe3905a1\UIAutomationClient.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\94b7b6fdf4fae7d8729f497accebfc51\TaskScheduler.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\d5dfe3fcbea2923bfa33430ff487ffb6\System.Xml.Linq.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\ed71e07845afe0a93b7746b6430dda73\System.Web.Routing.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\86f6b6c6f39adbf30b16f0010eae55ed\System.Web.RegularExpressions.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\d9aef815443e4d3c10bc05e599a80567\System.Web.Extensions.Design.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e194364704c7634d78692566990695e1\System.Web.Entity.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\e35377eb04faaa818ab7594cfc25c383\System.Web.Entity.Design.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af6bfa76fd64a29416ed911c599a8f63\System.Web.DynamicData.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\ee6d962b3e3145a009995d2a12526492\System.Web.Abstractions.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4be7719ea0e1f2ba2d3fde051d1ef7ab\System.Transactions.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b6d66d3c48e430796c17d0497ce37972\System.ServiceProcess.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 680960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\395fc7d9f333940351a74aaab5d6ae99\System.Security.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ad1106dcb485b61902595ebdbac11003\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\3edb259ce4002a23b081c7499169a03d\System.Net.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\5881d9447d785713df04b6eef6daf417\System.Messaging.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 997888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\94eb4ca06f43edf88bbdecd3729657d5\System.Management.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\88d1e8766ea70faf415ff33ae68ab296\System.Management.Instrumentation.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\faadac81c1e5803ee56cd14b45f4e05c\System.IO.Log.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\f57bc1904dcf818df2884ea65086a288\System.IdentityModel.Selectors.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d571165dafc1dd90e3450ea2a1325657\System.EnterpriseServices.Wrapper.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 628224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\d571165dafc1dd90e3450ea2a1325657\System.EnterpriseServices.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ee36fbb280cddb3efe592efd9119c8d5\System.Drawing.Design.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 887808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\fddab756434edabe6389b3b2e3edfbee\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\fcffd264d279dfade0e9e81676e2be2e\System.DirectoryServices.Protocols.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 356864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\d6485a7b50ca90fa320ac63da3285585\System.Data.Services.Design.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 946176 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\12cc161596458a54666bfb0f47b84c20\System.Data.Services.Client.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 762880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\9d990cc6b3b48a7362036791beb16552\System.Data.Entity.Design.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\08f80695e275fb341524fc324ce572c1\System.Data.DataSetExtensions.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\6ab5ba34d9ef6368859b41a78d77cb8b\System.Configuration.Install.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\c23507b5fb2ac12c725e5b21e9876718\System.AddIn.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\2309cc00d60111e583b7a5da3bb9e66e\sysglobl.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\1c87b6d89d1bb464c9ff1d8ce8e0d7ed\SMSvcHost.ni.exe
+ 2011-06-18 05:41 . 2011-06-18 05:41 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\c33c0219534ddfe640fe44ccccb41f2b\SMDiagnostics.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 295424 c:\windows\assembly\NativeImages_v2.0.50727_32\SecurityAuditPolici#\d5afcedb74934d7de0accdbe061a907a\SecurityAuditPoliciesSnapIn.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3063a90df90a31a7ab2524bac40b7fc\PresentationFramework.Classic.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b0aaab2b6a3abd5d4a54bdf346152416\PresentationFramework.Luna.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e1f199a523bdc014cd19072d583e7cc\PresentationFramework.Aero.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\35bfb432b168fb51731c8257117093aa\PresentationFramework.Royale.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\39cef9cd41423580220236c5bfc9605a\PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 900096 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\1b0cb62afa42d8cff45f71038e0b7305\PaintDotNet.SystemLayer.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\dfaf49c71ce598aaeb860317ca4cfad0\PaintDotNet.Base.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\7ab917a7b1576bca7dc9fb2cf9a53569\napsnap.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\aad191f43e9b4a127501040f917380e6\napinit.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\b0ae87278eb84e2b831103df63fa2657\naphlpr.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\f23c6ad56ad4605afc688022a386f2ad\MSBuild.ni.exe
+ 2011-06-18 05:41 . 2011-06-18 05:41 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\e7bf0bdf0202180ab0ef3aa522762b60\MMCFxCommon.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 531456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\27b7aa571ad3e6f9120fb3fb6f869f07\Microsoft.WSMan.Management.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\51d5e62fd2fbf00f545f39e0d024a98c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 187392 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\edf1b1c9d2a7915c512beeeac4a5e3ce\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 157184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\d4c5eaed8216d6a1366691b6cfbb2e94\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 210944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\9aa149d4446f1f759a65b8b79be2254e\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 837120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\497903610d745d903aa084080fc832ec\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e47d78eaaf4e73ffbb55c2e5f3d2c816\Microsoft.PowerShell.Security.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d5dca4260f2ade8d607daf1698ba73ea\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b0b2c2cd14cfba3ff2c6939de43bfd48\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\94b2b89b9ab207a928b5ae14ddab7fb1\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 785920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1e659b044679bf346882b726851ba3e9\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\8f5d31794203c5d9ba6c89af26d33587\Microsoft.ManagementConsole.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 286208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\d95c64cf7064273f3d4c2d49dc6ac812\Microsoft.GroupPolicy.Interop.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 455168 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\a86a229fe1f87aeae9f99a231443bb16\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4f0f296e30faa9a8276944f6b55faa57\Microsoft.Build.Utilities.ni.dll

pokracovani :


+ 2011-06-18 05:41 . 2011-06-18 05:41 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\46bf9580c6422121b8f20e0d35d30cde\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\85e2726db1f258e49f0d71c3de15d096\Microsoft.Build.Engine.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0813e2893e5acbc57418c7e30a93b516\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 587264 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\e474d273e878697930db5a0c860aa818\Microsoft.ApplicationId.RuleWizard.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 316928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\c6c68d2987cc81aa7e06a8b2914d950a\Microsoft.ApplicationId.Framework.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\24c4963d5d60d9c64b9b845c73293674\mcstoredb.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\c5d0b89f0fe0d02f0c7e8393342c2463\EventViewer.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\25ffd1e38bc3cef6dc5e8db63b31d073\ehRecObj.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\fee78ce453770a7f8f01a80cba88f870\ehiVidCtl.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\8b5dfd678af2ce1e63f4fb45c35247d7\ehiProxy.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\134fdbf744efb0166c20d53bf2eee245\ehiExtens.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\57e8cac6b563dadf43235da308f3cad7\ehExtHost32.ni.exe
+ 2011-06-18 05:41 . 2011-06-18 05:41 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\690ef8a86cc2ce3dd973cf0ee4ca8cd0\CustomMarshalers.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4c15a608346fc62b46765dd106e3c43f\ComSvcConfig.ni.exe
+ 2011-06-18 05:40 . 2011-06-18 05:40 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\1c02b1d787025d0361fb319b6548e79e\BDATunePIA.ni.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 1229824 c:\windows\SysWOW64\urlmon.dll
- 2011-02-28 06:32 . 2010-10-27 04:43 3901824 c:\windows\SysWOW64\ntoskrnl.exe
+ 2011-06-17 14:50 . 2011-04-09 06:13 3901824 c:\windows\SysWOW64\ntoskrnl.exe
+ 2011-06-17 14:50 . 2011-04-09 06:13 3957632 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2009-07-20 22:05 . 2009-07-20 22:05 1348432 c:\windows\SysWOW64\msxml4.dll
+ 2011-06-17 14:49 . 2010-12-18 05:30 2690560 c:\windows\SysWOW64\mstscax.dll
+ 2011-06-17 14:49 . 2010-12-18 05:26 1034240 c:\windows\SysWOW64\mstsc.exe
+ 2011-06-17 14:49 . 2011-05-28 04:38 5984256 c:\windows\SysWOW64\mshtml.dll
+ 2011-06-17 14:49 . 2011-03-11 05:40 1164288 c:\windows\SysWOW64\mfc42u.dll
+ 2011-06-17 14:49 . 2011-03-11 05:40 1137664 c:\windows\SysWOW64\mfc42.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 2063360 c:\windows\SysWOW64\iertutil.dll
- 2011-02-28 06:32 . 2010-12-18 05:29 2063360 c:\windows\SysWOW64\iertutil.dll
- 2011-02-28 06:32 . 2010-12-18 06:15 1197056 c:\windows\system32\wininet.dll
+ 2011-06-17 14:49 . 2011-04-22 20:18 1197056 c:\windows\system32\wininet.dll
+ 2011-06-17 14:49 . 2011-05-28 03:07 3133952 c:\windows\system32\win32k.sys
+ 2011-06-17 14:49 . 2011-04-22 20:18 1500160 c:\windows\system32\urlmon.dll
+ 2011-06-17 14:50 . 2010-12-23 06:07 1118720 c:\windows\system32\sbe.dll
- 2009-07-14 00:21 . 2009-07-14 01:41 1118720 c:\windows\system32\sbe.dll
+ 2011-06-17 14:50 . 2011-04-09 06:45 5509504 c:\windows\system32\ntoskrnl.exe
+ 2011-06-17 14:49 . 2010-12-18 06:12 3138048 c:\windows\system32\mstscax.dll
+ 2011-06-17 14:49 . 2010-12-18 06:08 1097216 c:\windows\system32\mstsc.exe
- 2011-02-28 06:32 . 2010-12-18 06:12 1026560 c:\windows\system32\mstime.dll
+ 2011-06-17 14:49 . 2011-04-22 20:15 1026560 c:\windows\system32\mstime.dll
+ 2011-06-17 14:49 . 2011-05-28 05:22 9316352 c:\windows\system32\mshtml.dll
+ 2011-06-17 14:49 . 2011-03-11 06:19 1359872 c:\windows\system32\mfc42u.dll
+ 2011-06-17 14:49 . 2011-03-11 06:19 1395712 c:\windows\system32\mfc42.dll
+ 2011-06-17 14:49 . 2011-04-22 20:13 2448896 c:\windows\system32\iertutil.dll
+ 2011-06-17 14:49 . 2011-04-25 05:32 1896832 c:\windows\system32\drivers\tcpip.sys
- 2010-08-20 04:23 . 2010-06-14 06:37 1896832 c:\windows\system32\drivers\tcpip.sys
+ 2009-07-14 04:45 . 2011-06-17 18:32 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-05-26 05:34 3607895 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2010-08-20 04:29 . 2010-05-20 22:38 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 4567040 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 1576784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 1764184 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
- 2010-08-20 04:29 . 2010-05-20 22:38 1764184 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscordacwks.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 5817168 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2010-08-20 04:29 . 2010-05-20 22:49 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-04-29 10:28 . 2011-04-29 10:28 1995264 c:\windows\Installer\c947c.msp
+ 2009-07-20 22:29 . 2009-07-20 22:29 6057984 c:\windows\Installer\c9469.msi
+ 2008-09-30 19:07 . 2008-09-30 19:07 6042112 c:\windows\Installer\c9453.msi
+ 2009-07-27 02:31 . 2009-07-27 02:31 3738624 c:\windows\Installer\c9449.msp
+ 2011-03-17 18:01 . 2011-03-17 18:01 9563648 c:\windows\Installer\c943e.msp
+ 2010-11-20 21:33 . 2010-11-20 21:33 1980928 c:\windows\Installer\c9433.msp
+ 2011-04-16 06:44 . 2011-04-16 06:44 2770944 c:\windows\Installer\c9429.msi
+ 2011-04-29 10:30 . 2011-04-29 10:30 1197056 c:\windows\Installer\c940d.msp
+ 2009-04-02 13:35 . 2009-04-02 13:35 1787216 c:\windows\Installer\$PatchCache$\Managed\00002159FA0050400000000000F01FEC\12.0.6425\PPCNV.DLL
+ 2009-02-05 10:36 . 2009-02-05 10:36 1640800 c:\windows\Installer\$PatchCache$\Managed\00002159FA0050400000000000F01FEC\12.0.6425\OGL.DLL
+ 2011-06-17 18:32 . 2011-06-17 18:32 4927488 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\1e3f3f8caebccc43bac1ead6c499e86c\WindowsBase.ni.dll
+ 2011-06-18 19:24 . 2011-06-18 19:24 1458688 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClients#\b236de39043cc88d3a3538a21a6d8727\UIAutomationClientsideProviders.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 6948864 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml\204425dc0001e539afa7b421e22ad3d2\System.Xml.ni.dll
+ 2011-06-18 19:24 . 2011-06-18 19:24 1817600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\289806afa08572ba46f571c49a4653e9\System.WorkflowServices.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 2707456 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\d78456878eef99f0f4495952e83ecf2d\System.Workflow.Runtime.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 5955072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\e9915eb362a1c1e9a20d6d94e660b907\System.Workflow.ComponentModel.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\63cd5cacc8837a76bd42f6b7fb1c3c7c\System.Workflow.Activities.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 2291712 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\af3b2a74ad03110a907db4e8c2561f33\System.Web.Services.ni.dll
+ 2011-06-18 19:23 . 2011-06-18 19:23 3335680 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\d836571308354d76cbf903aa1f7f5b70\System.Web.Mobile.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\ca207a3f8e7c0b38d7889d6553a26879\System.Web.Extensions.Design.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 3041792 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\41b530f6a8020fe7234f1756b0306e8f\System.Web.Extensions.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 2727936 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Speech\7630c96ebd07515a410f4233bc181d6b\System.Speech.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 2312704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel#\a1da4b1129cde521b4f8d2190e49bf7f\System.ServiceModel.Web.ni.dll
+ 2011-06-18 05:45 . 2011-06-18 05:45 3073536 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8f330bba5fc6e402f62bbcdf8db81cbb\System.Runtime.Serialization.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 1022976 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\80f3a46ef5dc430c63ee6dec74dd6482\System.Runtime.Remoting.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 1453568 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\d04f22e62959a7aa46af27cd1a6ce8ff\System.Printing.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 1408512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management\febdaf76a9969b639bfcbda99e429ada\System.Management.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1433088 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\968f3b72f07dfb33c9d22c81a455aeb9\System.IdentityModel.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 1081344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\ba9279746ba6eb498176b0130bc1340c\System.EnterpriseServices.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 2311168 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\62f46b8689863e5f23b1b69fe9c92eaf\System.Drawing.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 1640448 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\7d7bc7eaca0f064b75d209ef490ee2c4\System.DirectoryServices.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 1229824 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3df753899b6693bb07ef99bf4ddf5588\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\72c2ada0c8d4c5db4d1264db7a884e4e\System.Deployment.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 8692736 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data\8d390d75a41448a48b0c93bbd43d36af\System.Data.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 3461632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.SqlXml\72ee46246444eda0506c70290feb53a6\System.Data.SqlXml.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 1846272 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\1ae3281a91395f38f3db5308bc3f07b3\System.Data.Services.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 1289728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\2d0a6c2422810bcdfed26f30314eff98\System.Data.Services.Client.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 1506816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.OracleC#\3ddb904739b06cfa2eecfe684cd3135d\System.Data.OracleClient.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 3480576 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Linq\300c68c0168f08ec594fff60631e4928\System.Data.Linq.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 1080320 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity.#\96b4a5aca775953c64296e86e3571621\System.Data.Entity.Design.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 3312128 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Core\b2db5a32768114cfc55b80b01fb2fbfb\System.Core.ni.dll
+ 2011-06-17 18:31 . 2011-06-17 18:31 1308160 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\8de5af4b452750696e15e959e0e7b8a6\System.Configuration.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 1529856 c:\windows\assembly\NativeImages_v2.0.50727_64\SrpUxSnapIn\f18dd62d87d7f60ec2e5679a66b28e21\SrpUxSnapIn.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 3101696 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\fae264da855e84f7830ffff60496c4ab\ReachFramework.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\cfb1bf2fef2f3ea4325302b86c50d30a\PresentationUI.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 1881088 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationBuildTa#\29fa4597e1ce168fbf3dcedce365ff67\PresentationBuildTasks.ni.dll
+ 2011-06-18 05:45 . 2011-06-18 05:45 4374528 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet\a4741126f4559b69afd473ee8335d267\PaintDotNet.ni.exe
+ 2011-06-18 05:44 . 2011-06-18 05:44 1324544 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.SystemL#\25f73594bf92e11cdfb77298d8a71b93\PaintDotNet.SystemLayer.ni.dll
+ 2011-06-18 05:45 . 2011-06-18 05:45 1069568 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Effects\2218c12b9e70ed367ad214857242a1c5\PaintDotNet.Effects.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 2607616 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Core\05f37f85cee94729b564cdecdd627331\PaintDotNet.Core.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 1111552 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Base\9e577175f341d6b6eb67a7eb06f280f6\PaintDotNet.Base.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\e6dc93caa2b09c7bc89196714e672df4\Narrator.ni.exe
+ 2011-06-18 05:49 . 2011-06-18 05:49 2327040 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\02603ae8a95f62ea4b33d1aa583c65a6\MMCEx.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 7966208 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\72ba75aaaed25fa07ee66ac55edd3157\MIGUIControls.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\e2c3e73da17ade8f0e360938b7673013\Microsoft.VisualBasic.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1598464 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Transacti#\f6957147c628c0dd91fd692c1893343c\Microsoft.Transactions.Bridge.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 5351424 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\e9f43e953c0f2232cecfc417a90b6b6c\Microsoft.PowerShell.Editor.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 1131008 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\883a8405bde38fa11dfe05f13bfee3d4\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 2175488 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\4726faaad23c07544bce6b911930524f\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-06-18 05:49 . 2011-06-18 05:49 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\0a2674f2e73449754d046493a83e2af5\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\f33297772fb14c4725bde1374082eb03\Microsoft.MediaCenter.Bml.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1170432 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e5c8780fbf98347c0b78f8e2fbcec359\Microsoft.MediaCenter.TV.Tuners.Interop.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1142784 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\c4c3b2f564ea5fd39749707216d4fb8a\Microsoft.MediaCenter.Shell.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\93c74c0596582828383dbd76b381d4d3\Microsoft.MediaCenter.UI.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1516032 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\3661f440b93a05e3e441a7f1f3c8c402\Microsoft.MediaCenter.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 3208192 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.JScript\dc2e65cb6909fd4fb0fd90b9a794641c\Microsoft.JScript.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\c0d443d9ae3d8c0f8aacb5209e6b07a2\Microsoft.Ink.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 5054976 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.GroupPoli#\0c8a2eb96ffab69cdd1dec494dc67f13\Microsoft.GroupPolicy.Reporting.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\7e8da4a8cb6b2493cba5c4e3a1b42070\Microsoft.Build.Tasks.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 2677760 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\32db3cdf96c5c96fd061a0ccf83c491f\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 2544640 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\e2616d8f95eec6de85c220339a99905f\Microsoft.Build.Engine.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 1137152 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Eng#\c987905a9afa970663c90a683f91e2d3\Microsoft.Build.Engine.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 2796032 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\04e3c7dd2faf9cd66543207e4f538c4a\mcstore.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 4070912 c:\windows\assembly\NativeImages_v2.0.50727_64\mcepg\d40bf518cc80b3a9ec6c1b6a204dde08\mcepg.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 2165248 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiVidCtl\e1ce43395470dd1e66aec15b037c913b\ehiVidCtl.ni.dll
+ 2011-06-18 05:46 . 2011-06-18 05:46 1201664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\28a8fd56d1a25c8fcf3ab08be049786d\ehiProxy.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8efa8c4205649dafdf3c541abb82d3e1\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 7024640 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63a5140c01b3740670d743d8bd42a5a1\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\580bfe4ce6f980f0f54775c572732f9a\WindowsLive.Writer.Localization.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 1284608 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\316f831f738a25267d86e38ade968430\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\caa9d8bca3092573cdbb67c8e81bf0f3\WindowsBase.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9277a01f030f100dab838a2337c610d9\UIAutomationClientsideProviders.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 7949312 c:\windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 5452800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\cfe5c3c77d2041ae4c03d198a6e8b5a0\System.WorkflowServices.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1914880 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\8f1782183b31982f174d72fb90d7716f\System.Workflow.Runtime.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\62a4f0f720e9fbde89029958855f83b2\System.Workflow.ComponentModel.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 2995200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\1bbb5146995a1f32c86f40741d92c2fe\System.Workflow.Activities.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f9fe5fb8add34a7107252b0cc957180f\System.Web.Services.ni.dll
+ 2011-06-18 05:44 . 2011-06-18 05:44 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\47a62bbfa75ce9830af804eef2df16ae\System.Web.Mobile.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 2402816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9c2369e5f6c0af8a87229db2e62c5367\System.Web.Extensions.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\a2d9bf609f27dd1012b0f5f53e2cf842\System.Speech.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 1705984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\bd18aa89bc33bcf72fc616f0f738885e\System.ServiceModel.Web.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dc01d7a6574e5414acc40f3cd0c4ea1d\System.Runtime.Serialization.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\ee6cdd2f7d1912e83be10c072d20b08d\System.Printing.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 8871936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\375d18dac548687f2f84d031bf84610f\System.Management.Automation.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1072128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\3310d8cd2857662a7f5e77161790a77f\System.IdentityModel.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 1586688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\cf7ba38149c1045375a57ce45121b2a0\System.DirectoryServices.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\fb344a8683aa8f1c4250807eb4b264eb\System.Deployment.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 6618624 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\b9565c454a22ca564978b05db4186f22\System.Data.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\2e02ccda4754a42463e74452f55b81d4\System.Data.SqlXml.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 1328640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f128715ff681876d725e7e96578b1742\System.Data.Services.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\901ca7df5560e0e9aae68a130549e71a\System.Data.OracleClient.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1e54b09b3497c0bb75871fee8d97f832\System.Data.Linq.ni.dll
+ 2011-06-18 05:43 . 2011-06-18 05:43 9921024 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\fb46966f238c774dffacbf8697992e1b\System.Data.Entity.ni.dll
+ 2011-06-18 05:40 . 2011-06-18 05:40 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\bf0286e181064f9ded08895c7f23967d\System.Core.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\26414255994073a3cd4454f98fc6d18c\SrpUxSnapIn.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 2147328 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\47b01e14f159a5ca0ea03e7edf9d7139\ReachFramework.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\88eb524b3a37cca550934d993ac4c205\PresentationUI.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1449984 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\da62589149dbb3f5cace9d23915fbc50\PresentationBuildTasks.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\e929f9dae243305d3e006a4b4c0ef774\Narrator.ni.exe
+ 2011-06-18 05:42 . 2011-06-18 05:42 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\2ab5f6334c292908c8070469b8c1e9ea\MMCEx.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 6434304 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\7547d315c49d6ab506da38d558760adb\MIGUIControls.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dda6d8c7413334b605fcf590a702e9f1\Microsoft.VisualBasic.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1092608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\011179f510aa2d54fb1fb1c43eae85eb\Microsoft.Transactions.Bridge.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\e8ea7a94c29012ad176d570ab4678e2d\Microsoft.PowerShell.Editor.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1705472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3eec9c8a51429210138c9d4c07774731\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2e51f2a0795860085c24705ad8576acc\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0f8be11ad94d8a6375fb868b269bb74d\Microsoft.MediaCenter.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\0ed1916f9d4e93f454be65ff61390596\Microsoft.MediaCenter.UI.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 2332672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e757d1ff0f056eecac1e0a22a8bbc252\Microsoft.JScript.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\a44105e58e3c4e32962a822162fe9757\Microsoft.Ink.ni.dll
+ 2011-06-18 05:42 . 2011-06-18 05:42 4071424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\4849473d58a0a3353e443db5b756ecb3\Microsoft.GroupPolicy.Reporting.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b0d18518eeefd2b18a779040e1e6fadf\Microsoft.Build.Tasks.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2a8a75f4dbf81acd088c044a4bf24a63\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\86065d9c6ceb0d7469fc1e8b80146e63\Microsoft.Build.Engine.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 2031104 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\28fa984a3fec4bf4afb1b53c52896dd5\mcstore.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 3014656 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\480f8adc7731c8e41ca7207d3adcd30e\mcepg.ni.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-08-20 04:29 . 2010-05-20 22:38 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-06-17 14:49 . 2011-02-07 23:35 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-08-20 04:29 . 2010-05-20 22:49 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-06-17 14:49 . 2011-04-22 19:31 10990080 c:\windows\SysWOW64\ieframe.dll
- 2009-07-14 02:34 . 2011-06-16 16:28 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-07-06 14:23 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2010-08-20 04:36 . 2011-06-03 16:30 49454024 c:\windows\system32\MRT.exe
+ 2011-06-17 14:49 . 2011-04-22 20:13 12372480 c:\windows\system32\ieframe.dll
+ 2011-06-17 14:49 . 2011-02-07 23:30 10059600 c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
+ 2011-06-17 14:55 . 2011-06-17 14:55 20333056 c:\windows\Installer\c9460.msp
+ 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\8e148.msp
+ 2009-04-03 17:46 . 2009-04-03 17:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002159FA0050400000000000F01FEC\12.0.6425\MSO.DLL
+ 2011-06-17 18:31 . 2011-06-17 18:31 10597376 c:\windows\assembly\NativeImages_v2.0.50727_64\System\98ac7ad6dcf7484bf8b4478ea6951cb6\System.ni.dll
+ 2011-06-17 18:33 . 2011-06-17 18:33 17378816 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\1109b73499e4e9b612bf55e2014d94df\System.Windows.Forms.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 15232512 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\402c0dfbdc7583b3006f3d098824bd3a\System.Web.ni.dll
+ 2011-06-18 05:45 . 2011-06-18 05:45 23812096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\25ccc2d0b2d7cb50ef99d7649e1556e1\System.ServiceModel.ni.dll
+ 2011-06-18 05:48 . 2011-06-18 05:48 11898880 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\f67bb3690f12a990e59ad85abeaa81d1\System.Management.Automation.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:35 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\6b6d8f59352e98be45886c2dea18c720\System.Design.ni.dll
+ 2011-06-18 05:50 . 2011-06-18 05:50 13757952 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\deced468ac01881a5117a59817d65a52\System.Data.Entity.ni.dll
+ 2011-06-17 18:34 . 2011-06-17 18:34 19169792 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\517c391cbd3151250f6dcf4c4b4d193e\PresentationFramework.ni.dll
+ 2011-06-17 18:32 . 2011-06-17 18:32 16513024 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\ba7e600eefb4ace27a48c034937e1e3c\PresentationCore.ni.dll
+ 2011-06-17 18:31 . 2011-06-17 18:31 15566848 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\10e3a3015e967b69f90d58230a694f67\mscorlib.ni.dll
+ 2011-06-18 05:47 . 2011-06-18 05:47 25460224 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\12489c08901ba39887f0c1accd1afa74\ehshell.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 11807744 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b867fbc0d573ac5e5fe71143d9caf43b\System.Web.ni.dll
+ 2011-06-18 05:41 . 2011-06-18 05:41 17400320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e445840cb2432f9e2dd4860bd98c4a05\System.ServiceModel.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 10578432 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c519a7e1b063eb63b43fa5b3a782c641\System.Design.ni.dll
+ 2011-06-17 18:37 . 2011-06-17 18:37 14322688 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7827588b8043e8be3184c8a64a867fc\PresentationFramework.ni.dll
+ 2011-06-17 18:36 . 2011-06-17 18:36 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\03dd2b7701ca5cfe696d4ca5a0f7b8bb\PresentationCore.ni.dll
+ 2011-06-17 18:35 . 2011-06-17 18:36 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\Drivers\spyemrg_access.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2010-09-30 3628672]
S2 WinFLdrv;WinFLdrv;SysWOW64\WinFLdrv.sys [x]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys [x]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\Drivers\spyemrg_guard.sys [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"ActivControl"="c:\program files\Activ Software\Activdriver\ActivControl2x64.exe" [2008-07-18 1695744]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2011-07-06 19:39:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-06 17:39
ComboFix2.txt 2011-06-16 20:19
.
Před spuštěním: Volných bajtů: 17 896 034 304
Po spuštění: Volných bajtů: 19 182 092 288
.
- - End Of File - - A8BC782A977C0432575F16F818836533

Aplikujte Daft - Deckard´s Association Fix Tool

• Linky ke stazeni
  • COM soubor http://vyosek.ic.cz/BE/daft.com
  • PIF soubor http://vyosek.ic.cz/BE/daft.pif
• Utilitu spustit, dat Scan, nasledne vybrat poskozene associace a dat Fix

Restart PC a napiste jak se chova PC

stahnul jse to na plochu a dvojklik, neplatny digi podpis klik na spustit, hlaska:

---------------------------
Deckard's Association Fix Tool
---------------------------
DAFT cannot continue because you do not have administrative privileges. You will be asked to choose a user account to run DAFT; please choose an administrative account or the program will not work.
---------------------------
OK
---------------------------
delam neco spatne?

Omezeni W7, omlouvam se - kliknete na Daft pravym a dejte Spustit jako Spravce (Run As Administrator)

ono me to taky napadlo, ale ja tam tu moznost bohuzel nemam ani kdyz dam ctrl nebo shift + prave tl

pritom pokud dam prave tl mysi na combofix tak tam tu moznost mam

Aplikujte exeHelper by Raktor

• Linky ke stazeni
  • COM soubor http://vyosek.ic.cz/BE/exeHelper.com
  • SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
• Utilitu staci spustit, probehne oprava a vznikne log exehelperlog.txt
• Pripadne spustte jako spravce

exeHelper by Raktor
Build 20100414
Run at 19:39:46 on 07/07/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--