Keyboard types different characters, please check

A place for your HiJackThis logs and logs from other programs…

Post by StressCZ » 01 Jun 2012 20:37

I also see that as the absolute last resort; if I don't find advice here, I really don't feel like reinstalling at all. So for now I'll hold on and wait.


Post by Žbeky » 01 Jun 2012 21:11

Which section are you in? HJT. So what the **** are you all doing here? Kindly review the HJT rules again.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::

File::
c:\windows\KMSEmulator.exe
c:\windows\Setup1.exe
c:\windows\ST6UNST.EXE
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\AutoKMSDaily.job
c:\windows\AutoKMS.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job

Folder::
c:\users\Jakub\AppData\Local\Google\Update

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process

Post by StressCZ » 01 Jun 2012 21:46

Log output:


ComboFix 12-06-01.03 - Jakub 01.06.2012 21:24:39.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2071 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jakub\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\AutoKMS.exe"
"c:\windows\KMSEmulator.exe"
"c:\windows\Setup1.exe"
"c:\windows\ST6UNST.EXE"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\AutoKMSDaily.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jakub\AppData\Local\Google\Update
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-01 do 2012-06-01 )))))))))))))))))))))))))))))))
.
.
2012-06-01 19:35 . 2012-06-01 19:35 -------- d-----w- c:\users\sshdsvc\AppData\Local\temp
2012-06-01 19:35 . 2012-06-01 19:35 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-06-01 19:35 . 2012-06-01 19:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-01 15:42 . 2012-06-01 15:42 -------- d-----w- c:\users\Jakub\AppData\Local\Adobe
2012-06-01 15:06 . 2012-06-01 15:06 -------- d-----w- c:\users\Jakub\AppData\Local\BMExplorer
2012-06-01 15:02 . 2012-06-01 15:35 78848 ----a-w- c:\windows\KMSEmulator.exe
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Local\ATI
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\programdata\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-01 13:57 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-01 06:57 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35CE2E62-0F00-4A6A-A717-627A651304BA}\mpengine.dll
2012-05-29 19:24 . 2012-06-01 06:54 -------- d-----w- c:\program files (x86)\Diablo III
2012-05-21 15:14 . 2012-05-21 15:17 -------- d-----w- c:\users\Jakub\AppData\Roaming\Mumble
2012-05-21 15:09 . 2012-05-21 15:09 -------- d-----w- c:\program files (x86)\Mumble
2012-05-05 20:40 . 2012-05-05 20:40 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-03 02:55 . 2012-05-03 02:55 28056 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-28 10:34 . 2012-02-17 19:51 65536 ----a-w- c:\windows\SysWow64\Encrypt.dll
2012-05-05 20:41 . 2012-04-17 22:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 20:41 . 2012-04-17 22:04 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-24 11:18 . 2012-04-24 07:56 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-04-24 11:10 . 2012-04-24 11:10 94208 ----a-w- c:\windows\DIIUnin.exe
2012-04-24 11:10 . 2012-04-24 11:10 2829 ----a-w- c:\windows\DIIUnin.pif
2012-04-24 07:49 . 2012-04-24 07:49 249856 ------w- c:\windows\Setup1.exe
2012-04-24 07:49 . 2012-04-24 07:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-03-14 08:41 . 2012-02-01 15:54 2379552 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-01_15.28.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-03 08:28 . 2012-06-01 15:26 356878 c:\windows\SysWOW64\bsh\bin\rsync.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 299008 c:\windows\SysWOW64\bsh\bin\rebase.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 299008 c:\windows\SysWOW64\bsh\bin\rebase.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 415758 c:\windows\SysWOW64\bsh\bin\openssl.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 415758 c:\windows\SysWOW64\bsh\bin\openssl.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 241664 c:\windows\SysWOW64\bsh\bin\ncftp.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 241664 c:\windows\SysWOW64\bsh\bin\ncftp.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 198670 c:\windows\SysWOW64\bsh\bin\mathomatic.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 198670 c:\windows\SysWOW64\bsh\bin\mathomatic.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 113494 c:\windows\SysWOW64\bsh\bin\iperf.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 113494 c:\windows\SysWOW64\bsh\bin\iperf.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 296974 c:\windows\SysWOW64\bsh\bin\gawk.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 296974 c:\windows\SysWOW64\bsh\bin\gawk.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 232448 c:\windows\SysWOW64\bsh\bin\ftp.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 232448 c:\windows\SysWOW64\bsh\bin\ftp.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 199182 c:\windows\SysWOW64\bsh\bin\find.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 199182 c:\windows\SysWOW64\bsh\bin\find.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 287232 c:\windows\SysWOW64\bsh\bin\cygXt-6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 287232 c:\windows\SysWOW64\bsh\bin\cygXt-6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 905216 c:\windows\SysWOW64\bsh\bin\cygX11-6.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 905216 c:\windows\SysWOW64\bsh\bin\cygX11-6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 270862 c:\windows\SysWOW64\bsh\bin\cygssl-0.9.8.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 270862 c:\windows\SysWOW64\bsh\bin\cygssl-0.9.8.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 165390 c:\windows\SysWOW64\bsh\bin\cygreadline7.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 165390 c:\windows\SysWOW64\bsh\bin\cygreadline7.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 158208 c:\windows\SysWOW64\bsh\bin\cygreadline6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 158208 c:\windows\SysWOW64\bsh\bin\cygreadline6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 202766 c:\windows\SysWOW64\bsh\bin\cygncurses-9.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 202766 c:\windows\SysWOW64\bsh\bin\cygncurses-9.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 242176 c:\windows\SysWOW64\bsh\bin\cygncurses-8.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 242176 c:\windows\SysWOW64\bsh\bin\cygncurses-8.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 136718 c:\windows\SysWOW64\bsh\bin\cygcheck.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 136718 c:\windows\SysWOW64\bsh\bin\cygcheck.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 500238 c:\windows\SysWOW64\bsh\bin\cygfreetype-6.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 500238 c:\windows\SysWOW64\bsh\bin\cygfreetype-6.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 334862 c:\windows\SysWOW64\bsh\bin\bb.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 334862 c:\windows\SysWOW64\bsh\bin\bb.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 472064 c:\windows\SysWOW64\bsh\bin\bash.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 472064 c:\windows\SysWOW64\bsh\bin\bash.exe
- 2009-07-14 05:01 . 2012-06-01 14:58 419436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-01 19:35 419436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-03 08:28 . 2012-06-01 19:37 1382912 c:\windows\SysWOW64\bsh\bin\vim.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 1382912 c:\windows\SysWOW64\bsh\bin\vim.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 1242112 c:\windows\SysWOW64\bsh\bin\nedit.exe
+ 2011-11-03 08:28 . 2012-06-01 19:37 1242112 c:\windows\SysWOW64\bsh\bin\nedit.exe
- 2011-11-03 08:28 . 2012-06-01 15:26 1201152 c:\windows\SysWOW64\bsh\bin\cygXm-2.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 1201152 c:\windows\SysWOW64\bsh\bin\cygXm-2.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 2611988 c:\windows\SysWOW64\bsh\bin\cygwin1.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 2611988 c:\windows\SysWOW64\bsh\bin\cygwin1.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 1005582 c:\windows\SysWOW64\bsh\bin\cygiconv-2.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 1005582 c:\windows\SysWOW64\bsh\bin\cygiconv-2.dll
+ 2011-11-03 08:28 . 2012-06-01 19:37 1172494 c:\windows\SysWOW64\bsh\bin\cygcrypto-0.9.8.dll
- 2011-11-03 08:28 . 2012-06-01 15:26 1172494 c:\windows\SysWOW64\bsh\bin\cygcrypto-0.9.8.dll
+ 2011-12-28 19:15 . 2012-06-01 19:35 1024584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-12-28 19:15 . 2012-06-01 14:58 1024584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-09-25 01:29 . 2012-06-01 14:58 4328812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-695818009-2212152024-3822427678-1001-12288.dat
+ 2011-09-25 01:29 . 2012-06-01 19:35 4328812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-695818009-2212152024-3822427678-1001-12288.dat
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 38424]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys [x]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus64.sys [x]
R3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy64.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2010-10-20 11776]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys [2009-04-24 41280]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys [2011-01-13 122624]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 122624]
R3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\DRIVERS\zghsnmea.sys [2011-01-13 122624]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 MobaSSH1;MobaSSH;c:\windows\SysWOW64\MobaSSH.exe [2011-11-03 23181824]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 postgresql-x64-9.1;postgresql-x64-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-x64-9.1 -D C:/Program Files/PostgreSQL/9.1/data -w [x]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2012-03-23 191440]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 20:41]
.
2012-06-01 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-01 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-05-23 c:\windows\Tasks\HPCeeScheduleForJAKUB-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"= "c:\program files (x86)\Astroburn Toolbar\ABToolbar64.dll" [BU]
.
[HKEY_CLASSES_ROOT\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\x64\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{B723B1B8-9788-4684-ADA7-D1DB02E1D516} - c:\poker\Noble Poker\casino.exe
TCP: DhcpNameServer = 77.236.211.129 77.236.211.130
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F524162696: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F5E4F66797: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{45F7E510-DD1F-44A6-8BA9-CB1EBE8E8854}: NameServer = 8.8.8.8,8.8.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-695818009-2212152024-3822427678-1001\Software\SecuROM\License information*]
"datasecu"=hex:c1,43,2a,90,86,34,9a,2d,7e,2e,34,05,b0,37,1a,87,03,78,2c,d1,45,
01,51,5f,49,da,f6,b0,c4,be,58,2b,ee,ee,29,7a,c2,1c,c0,27,0c,73,35,8d,9c,05,\
"rkeysecu"=hex:5e,76,46,7e,12,10,95,79,a4,09,dd,4a,76,0c,aa,9e
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\SysWOW64\bsh\usr\sbin\sshd.exe
c:\program files (x86)\HP HD Webcam [Fixed]\Monitor.exe
c:\program files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
.
**************************************************************************
.
Celkový čas: 2012-06-01 21:45:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-01 19:45
ComboFix2.txt 2012-06-01 15:32
.
Před spuštěním: Volných bajtů: 51 479 388 160
Po spuštění: Volných bajtů: 51 409 031 168
.
- - End Of File - - D222A3A9C72417D82C8E141AC000882A

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Keyboard types different characters, please check

Post by jaro3 » 01 Jun 2012 22:42

hroch123 wrote: If your keyboard layout is switched, or if it's a virus and you format the drive, you'll fix it.


Truly advice worth more than gold!!!
Hroch123: doesn't it bother you that you're in the HijackThis section?? Read the rules:
viewtopic.php?f=70&t=29204

Original poster: Run that script from Žbeky again.

c:\windows\SysWOW64\bsh --- does this folder mean anything to you??

Download AVP Tools
to your desktop.

Tick:
Hidden startup objects
System Memory
Disk boot sectors
Documents
My email
Computer
Local Disk C
Local Disk D
DVD-ROM Drive (E)
BD-ROM Drive (G)
And others, e.g. flash drives, that you have connected.

Continue according to the instructions. At the end a text file will appear; save it right away (save log) to your desktop under the name KAS.txt. Then paste the entire contents of that log here.

If the log does not appear:
If AVPtool is still running, try pressing the Report button.
If a table appears, right-click it and choose Maximize, and the results should be displayed.

http://www.sosej.cz/Download/Kaspersky- ... nload.html
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.

StressCZ
newbie
Posts: 20
Registered: June 12
Gender: Male
Status:
Offline

Re: Keyboard types different characters, please check

Post by StressCZ » 02 Jun 2012 10:32

I ran ComboFix once more; the log is as follows:


ComboFix 12-06-01.03 - Jakub 02.06.2012 3:07.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1978 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jakub\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\AutoKMS.exe"
"c:\windows\KMSEmulator.exe"
"c:\windows\Setup1.exe"
"c:\windows\ST6UNST.EXE"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\AutoKMSDaily.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-02 do 2012-06-02 )))))))))))))))))))))))))))))))
.
.
2012-06-02 01:16 . 2012-06-02 01:16 -------- d-----w- c:\users\sshdsvc\AppData\Local\temp
2012-06-02 01:16 . 2012-06-02 01:16 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-06-02 01:16 . 2012-06-02 01:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-01 15:42 . 2012-06-01 15:42 -------- d-----w- c:\users\Jakub\AppData\Local\Adobe
2012-06-01 15:06 . 2012-06-01 15:06 -------- d-----w- c:\users\Jakub\AppData\Local\BMExplorer
2012-06-01 15:02 . 2012-06-02 02:43 78848 ----a-w- c:\windows\KMSEmulator.exe
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Local\ATI
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\programdata\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-01 13:57 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-01 06:57 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35CE2E62-0F00-4A6A-A717-627A651304BA}\mpengine.dll
2012-05-29 19:24 . 2012-06-01 06:54 -------- d-----w- c:\program files (x86)\Diablo III
2012-05-21 15:14 . 2012-05-21 15:17 -------- d-----w- c:\users\Jakub\AppData\Roaming\Mumble
2012-05-21 15:09 . 2012-05-21 15:09 -------- d-----w- c:\program files (x86)\Mumble
2012-05-05 20:40 . 2012-05-05 20:40 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-03 02:55 . 2012-05-03 02:55 28056 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-28 10:34 . 2012-02-17 19:51 65536 ----a-w- c:\windows\SysWow64\Encrypt.dll
2012-05-05 20:41 . 2012-04-17 22:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 20:41 . 2012-04-17 22:04 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-24 11:18 . 2012-04-24 07:56 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-04-24 11:10 . 2012-04-24 11:10 94208 ----a-w- c:\windows\DIIUnin.exe
2012-04-24 11:10 . 2012-04-24 11:10 2829 ----a-w- c:\windows\DIIUnin.pif
2012-04-24 07:49 . 2012-04-24 07:49 249856 ------w- c:\windows\Setup1.exe
2012-04-24 07:49 . 2012-04-24 07:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-03-14 08:41 . 2012-02-01 15:54 2379552 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-01_19.37.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-03 08:28 . 2012-06-01 19:37 27648 c:\windows\SysWOW64\bsh\usr\X11R6\bin\xauth.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 27648 c:\windows\SysWOW64\bsh\usr\X11R6\bin\xauth.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 34816 c:\windows\SysWOW64\bsh\usr\sbin\syslogd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 34816 c:\windows\SysWOW64\bsh\usr\sbin\syslogd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 82446 c:\windows\SysWOW64\bsh\usr\sbin\ssh-pkcs11-helper.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 82446 c:\windows\SysWOW64\bsh\usr\sbin\ssh-pkcs11-helper.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 53774 c:\windows\SysWOW64\bsh\usr\sbin\sftp-server.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 53774 c:\windows\SysWOW64\bsh\usr\sbin\sftp-server.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 55310 c:\windows\SysWOW64\bsh\bin\who.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 55310 c:\windows\SysWOW64\bsh\bin\who.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 27648 c:\windows\SysWOW64\bsh\bin\vmstat.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 27648 c:\windows\SysWOW64\bsh\bin\vmstat.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 47104 c:\windows\SysWOW64\bsh\bin\users.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 47104 c:\windows\SysWOW64\bsh\bin\users.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 15360 c:\windows\SysWOW64\bsh\bin\uptime.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 15360 c:\windows\SysWOW64\bsh\bin\uptime.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 32768 c:\windows\SysWOW64\bsh\bin\sudoku.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 32768 c:\windows\SysWOW64\bsh\bin\sudoku.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 50702 c:\windows\SysWOW64\bsh\bin\su.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 50702 c:\windows\SysWOW64\bsh\bin\su.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 68110 c:\windows\SysWOW64\bsh\bin\stty.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 68110 c:\windows\SysWOW64\bsh\bin\stty.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 30208 c:\windows\SysWOW64\bsh\bin\strace.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 30208 c:\windows\SysWOW64\bsh\bin\strace.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 21006 c:\windows\SysWOW64\bsh\bin\ssp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 21006 c:\windows\SysWOW64\bsh\bin\ssp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 94734 c:\windows\SysWOW64\bsh\bin\ssh-agent.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 94734 c:\windows\SysWOW64\bsh\bin\ssh-agent.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 12800 c:\windows\SysWOW64\bsh\bin\shutdown.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 12800 c:\windows\SysWOW64\bsh\bin\shutdown.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 69134 c:\windows\SysWOW64\bsh\bin\shred.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 69134 c:\windows\SysWOW64\bsh\bin\shred.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 69646 c:\windows\SysWOW64\bsh\bin\sha256sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 69646 c:\windows\SysWOW64\bsh\bin\sha256sum.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 69646 c:\windows\SysWOW64\bsh\bin\sha224sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 69646 c:\windows\SysWOW64\bsh\bin\sha224sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 61454 c:\windows\SysWOW64\bsh\bin\sha1sum.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 61454 c:\windows\SysWOW64\bsh\bin\sha1sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 85518 c:\windows\SysWOW64\bsh\bin\sftp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 85518 c:\windows\SysWOW64\bsh\bin\sftp.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 15374 c:\windows\SysWOW64\bsh\bin\setfacl.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 15374 c:\windows\SysWOW64\bsh\bin\setfacl.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 51726 c:\windows\SysWOW64\bsh\bin\seq.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 51726 c:\windows\SysWOW64\bsh\bin\seq.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 97280 c:\windows\SysWOW64\bsh\bin\sed.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 97280 c:\windows\SysWOW64\bsh\bin\sed.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 51214 c:\windows\SysWOW64\bsh\bin\scp.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 51214 c:\windows\SysWOW64\bsh\bin\scp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 17408 c:\windows\SysWOW64\bsh\bin\rsh.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 17408 c:\windows\SysWOW64\bsh\bin\rsh.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 19456 c:\windows\SysWOW64\bsh\bin\rlogin.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 19456 c:\windows\SysWOW64\bsh\bin\rlogin.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 21006 c:\windows\SysWOW64\bsh\bin\regtool.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 21006 c:\windows\SysWOW64\bsh\bin\regtool.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 10766 c:\windows\SysWOW64\bsh\bin\realpath.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 10766 c:\windows\SysWOW64\bsh\bin\realpath.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 16398 c:\windows\SysWOW64\bsh\bin\readshortcut.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 16398 c:\windows\SysWOW64\bsh\bin\readshortcut.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 87040 c:\windows\SysWOW64\bsh\bin\readpst.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 87040 c:\windows\SysWOW64\bsh\bin\readpst.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 21504 c:\windows\SysWOW64\bsh\bin\rcp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 21504 c:\windows\SysWOW64\bsh\bin\rcp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 14350 c:\windows\SysWOW64\bsh\bin\ps.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 14350 c:\windows\SysWOW64\bsh\bin\ps.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 20494 c:\windows\SysWOW64\bsh\bin\passwd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 20494 c:\windows\SysWOW64\bsh\bin\passwd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 25088 c:\windows\SysWOW64\bsh\bin\nimesweeper.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 25088 c:\windows\SysWOW64\bsh\bin\nimesweeper.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 26112 c:\windows\SysWOW64\bsh\bin\netcat.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 26112 c:\windows\SysWOW64\bsh\bin\netcat.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 15374 c:\windows\SysWOW64\bsh\bin\mount.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 15374 c:\windows\SysWOW64\bsh\bin\mount.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 18446 c:\windows\SysWOW64\bsh\bin\mkshortcut.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 18446 c:\windows\SysWOW64\bsh\bin\mkshortcut.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 21006 c:\windows\SysWOW64\bsh\bin\mkpasswd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 21006 c:\windows\SysWOW64\bsh\bin\mkpasswd.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 20494 c:\windows\SysWOW64\bsh\bin\mkgroup.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 20494 c:\windows\SysWOW64\bsh\bin\mkgroup.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 18958 c:\windows\SysWOW64\bsh\bin\locale.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 18958 c:\windows\SysWOW64\bsh\bin\locale.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 13838 c:\windows\SysWOW64\bsh\bin\ldd.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 13838 c:\windows\SysWOW64\bsh\bin\ldd.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 10766 c:\windows\SysWOW64\bsh\bin\kill.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 10766 c:\windows\SysWOW64\bsh\bin\kill.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 14336 c:\windows\SysWOW64\bsh\bin\ipcs.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 14336 c:\windows\SysWOW64\bsh\bin\ipcs.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 26638 c:\windows\SysWOW64\bsh\bin\iconv.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 26638 c:\windows\SysWOW64\bsh\bin\iconv.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 72206 c:\windows\SysWOW64\bsh\bin\chown.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 72206 c:\windows\SysWOW64\bsh\bin\chown.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 68110 c:\windows\SysWOW64\bsh\bin\chmod.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 68110 c:\windows\SysWOW64\bsh\bin\chmod.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 70158 c:\windows\SysWOW64\bsh\bin\chgrp.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 70158 c:\windows\SysWOW64\bsh\bin\chgrp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 23040 c:\windows\SysWOW64\bsh\bin\httping.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 23040 c:\windows\SysWOW64\bsh\bin\httping.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 11278 c:\windows\SysWOW64\bsh\bin\getfacl.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 11278 c:\windows\SysWOW64\bsh\bin\getfacl.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 17920 c:\windows\SysWOW64\bsh\bin\fdupes.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 17920 c:\windows\SysWOW64\bsh\bin\fdupes.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 91402 c:\windows\SysWOW64\bsh\bin\email.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 91402 c:\windows\SysWOW64\bsh\bin\email.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 68608 c:\windows\SysWOW64\bsh\bin\editrights.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 68608 c:\windows\SysWOW64\bsh\bin\editrights.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 54272 c:\windows\SysWOW64\bsh\bin\dmidecode.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 54272 c:\windows\SysWOW64\bsh\bin\dmidecode.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 65536 c:\windows\SysWOW64\bsh\bin\cygz.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 65536 c:\windows\SysWOW64\bsh\bin\cygz.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 10240 c:\windows\SysWOW64\bsh\bin\cygXmuu-1.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 10240 c:\windows\SysWOW64\bsh\bin\cygXmuu-1.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 50176 c:\windows\SysWOW64\bsh\bin\cygXext-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 50176 c:\windows\SysWOW64\bsh\bin\cygXext-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 24064 c:\windows\SysWOW64\bsh\bin\cygwrap-0.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 24064 c:\windows\SysWOW64\bsh\bin\cygwrap-0.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 10254 c:\windows\SysWOW64\bsh\bin\cygssp-0.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 10254 c:\windows\SysWOW64\bsh\bin\cygssp-0.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 27662 c:\windows\SysWOW64\bsh\bin\cygSM-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 27662 c:\windows\SysWOW64\bsh\bin\cygSM-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 22528 c:\windows\SysWOW64\bsh\bin\cygpopt-0.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 22528 c:\windows\SysWOW64\bsh\bin\cygpopt-0.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 22542 c:\windows\SysWOW64\bsh\bin\cygpath.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 22542 c:\windows\SysWOW64\bsh\bin\cygpath.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 24064 c:\windows\SysWOW64\bsh\bin\cygminires.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 24064 c:\windows\SysWOW64\bsh\bin\cygminires.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 31232 c:\windows\SysWOW64\bsh\bin\cygintl-8.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 31232 c:\windows\SysWOW64\bsh\bin\cygintl-8.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 31744 c:\windows\SysWOW64\bsh\bin\cygintl-3.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 31744 c:\windows\SysWOW64\bsh\bin\cygintl-3.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 74766 c:\windows\SysWOW64\bsh\bin\cygICE-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 74766 c:\windows\SysWOW64\bsh\bin\cygICE-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 46094 c:\windows\SysWOW64\bsh\bin\cyggcc_s-1.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 46094 c:\windows\SysWOW64\bsh\bin\cyggcc_s-1.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 19968 c:\windows\SysWOW64\bsh\bin\ctris.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 19968 c:\windows\SysWOW64\bsh\bin\ctris.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 35342 c:\windows\SysWOW64\bsh\bin\crontab.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 35342 c:\windows\SysWOW64\bsh\bin\crontab.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 40462 c:\windows\SysWOW64\bsh\bin\cron.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 40462 c:\windows\SysWOW64\bsh\bin\cron.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 53262 c:\windows\SysWOW64\bsh\bin\base64.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 53262 c:\windows\SysWOW64\bsh\bin\base64.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 79886 c:\windows\SysWOW64\bsh\bin\ash.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 79886 c:\windows\SysWOW64\bsh\bin\ash.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 65536 c:\windows\SysWOW64\bsh\bin\afio.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 65536 c:\windows\SysWOW64\bsh\bin\afio.exe
+ 2009-07-14 05:10 . 2012-06-02 02:45 37706 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-09-23 10:59 . 2012-06-02 02:45 15622 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-695818009-2212152024-3822427678-1001_UserData.bin
- 2011-11-03 08:28 . 2012-06-01 19:37 1656 c:\windows\SysWOW64\bsh\usr\share\terminfo\6e\nansi.sys
+ 2011-11-03 08:28 . 2012-06-02 02:42 1656 c:\windows\SysWOW64\bsh\usr\share\terminfo\6e\nansi.sys
- 2011-11-03 08:28 . 2012-06-01 19:37 1594 c:\windows\SysWOW64\bsh\usr\share\terminfo\61\ansi.sys
+ 2011-11-03 08:28 . 2012-06-02 02:42 1594 c:\windows\SysWOW64\bsh\usr\share\terminfo\61\ansi.sys
+ 2011-11-03 08:28 . 2012-06-02 02:42 8718 c:\windows\SysWOW64\bsh\bin\umount.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 8718 c:\windows\SysWOW64\bsh\bin\umount.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 5632 c:\windows\SysWOW64\bsh\bin\syslog.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 5632 c:\windows\SysWOW64\bsh\bin\syslog.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 4096 c:\windows\SysWOW64\bsh\bin\setsid.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 4096 c:\windows\SysWOW64\bsh\bin\setsid.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 7694 c:\windows\SysWOW64\bsh\bin\setmetamode.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 7694 c:\windows\SysWOW64\bsh\bin\setmetamode.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 5120 c:\windows\SysWOW64\bsh\bin\renice.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 5120 c:\windows\SysWOW64\bsh\bin\renice.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 9728 c:\windows\SysWOW64\bsh\bin\ping.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 9728 c:\windows\SysWOW64\bsh\bin\ping.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 1536 c:\windows\SysWOW64\bsh\bin\ldh.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 1536 c:\windows\SysWOW64\bsh\bin\ldh.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 8192 c:\windows\SysWOW64\bsh\bin\cygXau-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 8192 c:\windows\SysWOW64\bsh\bin\cygXau-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 4608 c:\windows\SysWOW64\bsh\bin\cygwin-console-helper.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 4608 c:\windows\SysWOW64\bsh\bin\cygwin-console-helper.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 6656 c:\windows\SysWOW64\bsh\bin\cygcrypt-0.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 6656 c:\windows\SysWOW64\bsh\bin\cygcrypt-0.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 6656 c:\windows\SysWOW64\bsh\bin\crypt.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 6656 c:\windows\SysWOW64\bsh\bin\crypt.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 8718 c:\windows\SysWOW64\bsh\bin\cronevents.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 8718 c:\windows\SysWOW64\bsh\bin\cronevents.exe
- 2011-09-23 17:55 . 2012-03-27 07:22 3678 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-09-23 17:55 . 2012-06-02 01:16 3678 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-08-27 11:14 . 2012-06-01 19:35 2190 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-08-27 11:14 . 2012-06-02 01:16 2190 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2012-06-01 19:36 . 2012-06-01 19:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-02 02:41 . 2012-06-02 02:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-02 02:41 . 2012-06-02 02:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-01 19:36 . 2012-06-01 19:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-03 08:28 . 2012-06-01 19:37 397838 c:\windows\SysWOW64\bsh\usr\sbin\sshd.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 397838 c:\windows\SysWOW64\bsh\usr\sbin\sshd.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 201742 c:\windows\SysWOW64\bsh\usr\sbin\ssh-keysign.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 201742 c:\windows\SysWOW64\bsh\usr\sbin\ssh-keysign.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 152590 c:\windows\SysWOW64\bsh\usr\sbin\cygserver.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 152590 c:\windows\SysWOW64\bsh\usr\sbin\cygserver.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 231936 c:\windows\SysWOW64\bsh\bin\zip.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 231936 c:\windows\SysWOW64\bsh\bin\zip.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 213504 c:\windows\SysWOW64\bsh\bin\wget.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 213504 c:\windows\SysWOW64\bsh\bin\wget.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 114688 c:\windows\SysWOW64\bsh\bin\telnet.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 114688 c:\windows\SysWOW64\bsh\bin\telnet.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 202752 c:\windows\SysWOW64\bsh\bin\TCPCapture.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 202752 c:\windows\SysWOW64\bsh\bin\TCPCapture.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 346638 c:\windows\SysWOW64\bsh\bin\ssh.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 346638 c:\windows\SysWOW64\bsh\bin\ssh.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 196110 c:\windows\SysWOW64\bsh\bin\ssh-keyscan.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 196110 c:\windows\SysWOW64\bsh\bin\ssh-keyscan.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 150030 c:\windows\SysWOW64\bsh\bin\ssh-keygen.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 150030 c:\windows\SysWOW64\bsh\bin\ssh-keygen.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 108558 c:\windows\SysWOW64\bsh\bin\ssh-add.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 108558 c:\windows\SysWOW64\bsh\bin\ssh-add.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 111118 c:\windows\SysWOW64\bsh\bin\sha512sum.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 111118 c:\windows\SysWOW64\bsh\bin\sha512sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 111118 c:\windows\SysWOW64\bsh\bin\sha384sum.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 111118 c:\windows\SysWOW64\bsh\bin\sha384sum.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 356878 c:\windows\SysWOW64\bsh\bin\rsync.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 356878 c:\windows\SysWOW64\bsh\bin\rsync.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 299008 c:\windows\SysWOW64\bsh\bin\rebase.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 299008 c:\windows\SysWOW64\bsh\bin\rebase.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 415758 c:\windows\SysWOW64\bsh\bin\openssl.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 415758 c:\windows\SysWOW64\bsh\bin\openssl.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 241664 c:\windows\SysWOW64\bsh\bin\ncftp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 241664 c:\windows\SysWOW64\bsh\bin\ncftp.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 198670 c:\windows\SysWOW64\bsh\bin\mathomatic.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 198670 c:\windows\SysWOW64\bsh\bin\mathomatic.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 113494 c:\windows\SysWOW64\bsh\bin\iperf.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 113494 c:\windows\SysWOW64\bsh\bin\iperf.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 296974 c:\windows\SysWOW64\bsh\bin\gawk.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 296974 c:\windows\SysWOW64\bsh\bin\gawk.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 232448 c:\windows\SysWOW64\bsh\bin\ftp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 232448 c:\windows\SysWOW64\bsh\bin\ftp.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 199182 c:\windows\SysWOW64\bsh\bin\find.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 199182 c:\windows\SysWOW64\bsh\bin\find.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 287232 c:\windows\SysWOW64\bsh\bin\cygXt-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 287232 c:\windows\SysWOW64\bsh\bin\cygXt-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 905216 c:\windows\SysWOW64\bsh\bin\cygX11-6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 905216 c:\windows\SysWOW64\bsh\bin\cygX11-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 270862 c:\windows\SysWOW64\bsh\bin\cygssl-0.9.8.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 270862 c:\windows\SysWOW64\bsh\bin\cygssl-0.9.8.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 165390 c:\windows\SysWOW64\bsh\bin\cygreadline7.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 165390 c:\windows\SysWOW64\bsh\bin\cygreadline7.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 158208 c:\windows\SysWOW64\bsh\bin\cygreadline6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 158208 c:\windows\SysWOW64\bsh\bin\cygreadline6.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 202766 c:\windows\SysWOW64\bsh\bin\cygncurses-9.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 202766 c:\windows\SysWOW64\bsh\bin\cygncurses-9.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 242176 c:\windows\SysWOW64\bsh\bin\cygncurses-8.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 242176 c:\windows\SysWOW64\bsh\bin\cygncurses-8.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 136718 c:\windows\SysWOW64\bsh\bin\cygcheck.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 136718 c:\windows\SysWOW64\bsh\bin\cygcheck.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 500238 c:\windows\SysWOW64\bsh\bin\cygfreetype-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 500238 c:\windows\SysWOW64\bsh\bin\cygfreetype-6.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 334862 c:\windows\SysWOW64\bsh\bin\bb.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 334862 c:\windows\SysWOW64\bsh\bin\bb.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 472064 c:\windows\SysWOW64\bsh\bin\bash.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 472064 c:\windows\SysWOW64\bsh\bin\bash.exe
+ 2011-09-24 11:18 . 2012-06-02 00:50 470648 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-06-01 19:35 419436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-02 01:16 419436 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-03 08:28 . 2012-06-02 02:42 1382912 c:\windows\SysWOW64\bsh\bin\vim.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 1382912 c:\windows\SysWOW64\bsh\bin\vim.exe
- 2011-11-03 08:28 . 2012-06-01 19:37 1242112 c:\windows\SysWOW64\bsh\bin\nedit.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 1242112 c:\windows\SysWOW64\bsh\bin\nedit.exe
+ 2011-11-03 08:28 . 2012-06-02 02:42 1201152 c:\windows\SysWOW64\bsh\bin\cygXm-2.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 1201152 c:\windows\SysWOW64\bsh\bin\cygXm-2.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 2611988 c:\windows\SysWOW64\bsh\bin\cygwin1.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 2611988 c:\windows\SysWOW64\bsh\bin\cygwin1.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 1005582 c:\windows\SysWOW64\bsh\bin\cygiconv-2.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 1005582 c:\windows\SysWOW64\bsh\bin\cygiconv-2.dll
- 2011-11-03 08:28 . 2012-06-01 19:37 1172494 c:\windows\SysWOW64\bsh\bin\cygcrypto-0.9.8.dll
+ 2011-11-03 08:28 . 2012-06-02 02:42 1172494 c:\windows\SysWOW64\bsh\bin\cygcrypto-0.9.8.dll
+ 2011-12-28 19:15 . 2012-06-02 01:16 1024584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-12-28 19:15 . 2012-06-01 19:35 1024584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-09-25 01:29 . 2012-06-01 19:35 4328812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-695818009-2212152024-3822427678-1001-12288.dat
+ 2011-09-25 01:29 . 2012-06-02 01:16 4328812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-695818009-2212152024-3822427678-1001-12288.dat
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 38424]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys [x]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus64.sys [x]
R3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy64.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2010-10-20 11776]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys [2009-04-24 41280]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys [2011-01-13 122624]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 122624]
R3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\DRIVERS\zghsnmea.sys [2011-01-13 122624]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 MobaSSH1;MobaSSH;c:\windows\SysWOW64\MobaSSH.exe [2011-11-03 23181824]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 postgresql-x64-9.1;postgresql-x64-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-x64-9.1 -D C:/Program Files/PostgreSQL/9.1/data -w [x]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2012-03-23 191440]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 20:41]
.
2012-06-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-02 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-06-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-05-23 c:\windows\Tasks\HPCeeScheduleForJAKUB-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EFEED92A-A33D-4873-BA8F-32BAA631E54D}"= "c:\program files (x86)\Astroburn Toolbar\ABToolbar64.dll" [BU]
.
[HKEY_CLASSES_ROOT\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\x64\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{B723B1B8-9788-4684-ADA7-D1DB02E1D516} - c:\poker\Noble Poker\casino.exe
TCP: DhcpNameServer = 77.236.211.129 77.236.211.130
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F524162696: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F5E4F66797: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{45F7E510-DD1F-44A6-8BA9-CB1EBE8E8854}: NameServer = 8.8.8.8,8.8.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-695818009-2212152024-3822427678-1001\Software\SecuROM\License information*]
"datasecu"=hex:c1,43,2a,90,86,34,9a,2d,7e,2e,34,05,b0,37,1a,87,03,78,2c,d1,45,
01,51,5f,49,da,f6,b0,c4,be,58,2b,ee,ee,29,7a,c2,1c,c0,27,0c,73,35,8d,9c,05,\
"rkeysecu"=hex:5e,76,46,7e,12,10,95,79,a4,09,dd,4a,76,0c,aa,9e
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\SysWOW64\bsh\usr\sbin\sshd.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files (x86)\HP HD Webcam [Fixed]\Monitor.exe
c:\program files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2012-06-02 04:51:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-02 02:51
ComboFix2.txt 2012-06-01 19:45
ComboFix3.txt 2012-06-01 15:32
.
Před spuštěním: Volných bajtů: 51 144 269 824
Po spuštění: Volných bajtů: 51 073 437 696
.
- - End Of File - - 90DF89677E99D14F90B1750F09397931

I also downloaded Kaspersky, but somehow I can't find the steps you mention in it. I have ticked what you wrote, but I don't know which instructions to follow next. I can provide a screenshot if needed, in case I have some newer version or something. Thank you.

Post by StressCZ » 02 Jun 2012 10:48

One more EDIT: I don't know what happened, but it works now .)))
E: I left some Kaspersky test running overnight, and just now I simply tried the keyboard and it works as it should, so thank you to everyone who helped with my problem. .))

Post by jaro3 » 02 Jun 2012 15:33

Do you think everything is OK now?

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner
it deletes everything left over by Combo, MWAV, etc. - download it > run it

Note: before downloading T-Cleaner and while it is cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.

If there are no problems, that is all and you can mark the thread as solved, the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by StressCZ » 02 Jun 2012 15:42

The keyboard works, which was the main thing for me. However, as I found out, the virus (I don't know what to call it or what it was, maybe a keylogger, I really have no idea) got into my PC together with the game Diablo 3, by playing a public game (I don't know if you know what that is). Along with that, they also broke into my game account and deleted all the items that were there (but I'm already sorting that out with Blizzard, where I can request a rollback - a 24-hour one). I'll also run the laptop through the guide given here: (http://eu.battle.net/wow/en/forum/topic/900641537). Otherwise, I have already run CCleaner on the PC, and I'll still use the other one, T-Cleaner. I'd also like to ask, just as an off-topic question, what you recommend for preventing this kind of "junk". Thank you .)

Post by jaro3 » 02 Jun 2012 22:39

That's hard, nothing is 100%...

I would like to talk you out of that guide... Superantispyware, Spybot, those are no longer the programs they used to be...
You can use them once and then uninstall them again; it is a good idea to turn off the antivirus and firewall beforehand.

We can then continue here; we have a stock of other, possibly more effective programs...