Tak tady je výsledek ComboFixu :
ComboFix 12-03-27.03 - Nomy 27.03.2012 20:06:55.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2420 [GMT 2:00]
Spuštěný z: c:\users\Nomy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-27 do 2012-03-27 )))))))))))))))))))))))))))))))
.
.
2012-03-27 18:12 . 2012-03-27 18:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\programdata\Malwarebytes
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 17:27 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\windows\SysWow64\xlive
2012-03-27 14:44 . 2007-07-19 22:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-03-27 11:54 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82DB89D5-6AA0-4035-96D2-A426EAACC62B}\mpengine.dll
2012-03-26 18:51 . 2012-03-26 18:51 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-26 18:41 . 2012-03-26 18:41 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-26 18:41 . 2012-03-26 18:41 -------- d-----w- c:\windows\system32\Macromed
2012-03-26 16:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-26 16:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-26 16:33 . 2012-03-26 16:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-26 14:20 . 2012-03-26 14:20 -------- d-----w- C:\TopCD
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\system32\Wat
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\SPReview
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\EventProviders
2012-03-25 21:25 . 2012-03-25 21:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-25 21:25 . 2012-03-25 21:25 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-25 21:19 . 2010-11-20 13:27 1646080 ----a-w- c:\windows\system32\wevtsvc.dll
2012-03-25 21:18 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll
2012-03-25 21:17 . 2010-11-20 13:27 4400640 ----a-w- c:\program files\DVD Maker\OmdProject.dll
2012-03-25 21:16 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-03-25 21:16 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-03-25 21:16 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-03-25 21:16 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-03-25 21:16 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-25 21:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-03-25 20:36 . 2012-03-27 16:59 -------- d-----w- c:\program files (x86)\Steam
2012-03-25 20:35 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-03-25 20:35 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-03-25 20:35 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-03-25 20:35 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-03-25 20:35 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-03-25 20:35 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-03-25 20:35 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-03-25 20:35 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-03-25 20:35 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-03-25 20:35 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-03-25 20:34 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-03-25 20:34 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-25 20:34 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-25 20:33 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-03-25 20:33 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-03-25 20:33 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-25 20:33 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-03-25 20:33 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-03-25 20:33 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-03-25 20:33 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-03-25 20:32 . 2012-03-25 21:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-25 20:29 . 2012-03-25 20:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-25 19:35 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 19:35 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 19:35 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 19:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-25 18:53 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-25 18:52 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-03-25 18:51 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-03-25 18:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-25 18:46 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-03-25 18:46 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-25 18:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 18:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-25 17:29 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-25 17:29 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-25 17:29 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-25 17:20 . 2012-03-25 17:20 -------- d-----w- c:\program files (x86)\Google
2012-03-25 17:20 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 17:20 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 17:20 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 17:20 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 17:20 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 17:20 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 17:20 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 17:19 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 17:19 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\program files\AVAST Software
2012-03-25 17:15 . 2012-03-25 17:15 -------- d-----w- c:\windows\OemDrv
2012-03-25 17:03 . 2009-07-28 12:48 140632 ----a-w- c:\windows\system32\TODDSrv.exe
2012-03-25 17:01 . 2009-06-22 15:06 35008 ----a-w- c:\windows\system32\drivers\PGEffect.sys
2012-03-25 17:00 . 2012-02-23 07:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-03-25 16:59 . 2012-03-25 17:02 -------- d-----w- c:\programdata\Toshiba
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files\DIFX
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files (x86)\JMicron
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\windows\SysWow64\SDA
2012-03-25 16:55 . 2012-03-25 16:55 -------- d-----w- c:\program files\Synaptics
2012-03-25 16:54 . 2012-03-25 16:55 -------- d-----w- c:\program files (x86)\Realtek WLAN Driver
2012-03-25 16:54 . 2010-04-28 09:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2012-03-25 16:54 . 2010-04-26 23:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2012-03-25 16:54 . 2010-04-08 08:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2012-03-25 16:54 . 2010-04-01 12:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2012-03-25 16:54 . 2010-03-31 09:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2012-03-25 16:54 . 2009-02-05 00:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2012-03-25 16:52 . 2012-03-25 16:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-25 16:47 . 1999-10-12 17:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2012-03-25 16:47 . 1999-10-12 17:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
2012-03-25 16:46 . 2010-03-04 14:44 8192 ----a-w- c:\windows\system32\TSBWLS.dll
2012-03-25 16:46 . 2010-03-04 14:44 49664 ----a-w- c:\windows\system32\HWS_Ctrl.dll
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\SysWow64\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\system32\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_64
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_32
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista64
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista32
2012-03-25 16:45 . 2012-03-25 16:59 -------- d-----w- c:\windows\Downloaded Installations
2012-03-25 16:43 . 2010-01-15 10:22 538136 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-03-25 16:41 . 2012-03-25 16:53 -------- d-----w- c:\programdata\NVIDIA
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\users\UpdatusUser
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\windows\SysWow64\AGEIA
2012-03-25 16:40 . 2010-05-05 17:24 659048 ----a-w- c:\windows\system32\nvuninst.exe
2012-03-25 16:39 . 2012-03-25 16:39 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-25 21:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-25 21:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-25 21:36 . 2012-03-25 21:36 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-03-25 21:36 . 2012-03-25 21:36 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 17:20]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 17:20]
.
2012-03-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job
- c:\users\Nomy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-25 17:25]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job
- c:\users\Nomy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-25 17:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-05 17412200]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.100.252
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
HKLM-Run-(Výchozí) - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2012-03-27 20:19:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-27 18:19
.
Před spuštěním: Volných bajtů: 444 290 736 128
Po spuštění: Volných bajtů: 444 149 092 352
.
- - End Of File - - DE9B4C7611210EF2B60BD8B1267EC701
Win32 problém-rychle prosím Vyřešeno
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Mimochodem po restartu jsem dostal na výběr aktualizaci,která mi nejspíš bude chtít doplnit dll,které jsem měl podle návodu smazat.
Nebude se pak problém opakovat?
Tady je popis té akt. : Byl zjištěn problém se zabezpečením,který umožnuje ohrožení zabezpečení aplikace MFC podvržením knihovny DLL,protože
aplikace MFC neurčuje plnou cestu k systémovým/lokalizačním knihovnám DLL.Instalací této aktualizace od Microsoft zajistíte ochranu sváho počítače.
Název: Aktualizace zabezpečení produktu Security Update for Microsoft Visual C++2005 Service Pack 1Redistributable Package (KB2538242).
Nebude se pak problém opakovat?
Tady je popis té akt. : Byl zjištěn problém se zabezpečením,který umožnuje ohrožení zabezpečení aplikace MFC podvržením knihovny DLL,protože
aplikace MFC neurčuje plnou cestu k systémovým/lokalizačním knihovnám DLL.Instalací této aktualizace od Microsoft zajistíte ochranu sváho počítače.
Název: Aktualizace zabezpečení produktu Security Update for Microsoft Visual C++2005 Service Pack 1Redistributable Package (KB2538242).
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
Stáhni si aswMBR na svojí plochu.
Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu, vlož sem celý obsah toho logu.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
Stáhni si aswMBR na svojí plochu.
Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu, vlož sem celý obsah toho logu.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
U toho 2 to je :
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-27 22:18:50
-----------------------------
22:18:50.261 OS Version: Windows x64 6.1.7601 Service Pack 1
22:18:50.261 Number of processors: 4 586 0x2502
22:18:50.261 ComputerName: NOMY-TOSH UserName: Nomy
22:18:53.287 Initialize success
22:18:53.475 AVAST engine defs: 12032701
22:19:07.608 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:19:07.624 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
22:19:07.639 Disk 0 MBR read successfully
22:19:07.639 Disk 0 MBR scan
22:19:07.639 Disk 0 Windows VISTA default MBR code
22:19:07.671 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
22:19:07.686 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 466771 MB offset 3074048
22:19:07.717 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8668 MB offset 959021056
22:19:07.764 Disk 0 scanning C:\windows\system32\drivers
22:19:22.288 Service scanning
22:20:09.821 Modules scanning
22:20:09.837 Disk 0 trace - called modules:
22:20:09.899 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
22:20:09.899 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800700d060]
22:20:09.915 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa800700c060]
22:20:13.081 AVAST engine scan C:\windows
22:20:20.476 AVAST engine scan C:\windows\system32
22:22:58.395 AVAST engine scan C:\windows\system32\drivers
22:23:06.725 AVAST engine scan C:\Users\Nomy
22:23:39.111 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
22:23:39.173 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
22:24:19.967 AVAST engine scan C:\ProgramData
22:24:38.032 Scan finished successfully
22:25:40.807 Disk 0 MBR has been saved successfully to "C:\Users\Nomy\Desktop\MBR.dat"
22:25:40.807 The log file has been saved successfully to "C:\Users\Nomy\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-27 22:18:50
-----------------------------
22:18:50.261 OS Version: Windows x64 6.1.7601 Service Pack 1
22:18:50.261 Number of processors: 4 586 0x2502
22:18:50.261 ComputerName: NOMY-TOSH UserName: Nomy
22:18:53.287 Initialize success
22:18:53.475 AVAST engine defs: 12032701
22:19:07.608 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:19:07.624 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
22:19:07.639 Disk 0 MBR read successfully
22:19:07.639 Disk 0 MBR scan
22:19:07.639 Disk 0 Windows VISTA default MBR code
22:19:07.671 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
22:19:07.686 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 466771 MB offset 3074048
22:19:07.717 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8668 MB offset 959021056
22:19:07.764 Disk 0 scanning C:\windows\system32\drivers
22:19:22.288 Service scanning
22:20:09.821 Modules scanning
22:20:09.837 Disk 0 trace - called modules:
22:20:09.899 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
22:20:09.899 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800700d060]
22:20:09.915 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa800700c060]
22:20:13.081 AVAST engine scan C:\windows
22:20:20.476 AVAST engine scan C:\windows\system32
22:22:58.395 AVAST engine scan C:\windows\system32\drivers
22:23:06.725 AVAST engine scan C:\Users\Nomy
22:23:39.111 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
22:23:39.173 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
22:24:19.967 AVAST engine scan C:\ProgramData
22:24:38.032 Scan finished successfully
22:25:40.807 Disk 0 MBR has been saved successfully to "C:\Users\Nomy\Desktop\MBR.dat"
22:25:40.807 The log file has been saved successfully to "C:\Users\Nomy\Desktop\aswMBR.txt"
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Ale u prvního je výsledek moc velký,abych ho dal na forum ,takze ho tu dam na 2 casty:
ComboFix 12-03-27.03 - Nomy 27.03.2012 21:34:28.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2559 [GMT 2:00]
Spuštěný z: c:\users\Nomy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-27 do 2012-03-27 )))))))))))))))))))))))))))))))
.
.
2012-03-27 19:46 . 2012-03-27 19:46 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-03-27 19:46 . 2012-03-27 19:46 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-03-27 19:46 . 2012-03-27 19:46 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-03-27 19:46 . 2012-03-27 19:46 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-03-27 19:46 . 2012-03-27 19:46 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-03-27 19:46 . 2012-03-27 19:46 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-03-27 19:45 . 2012-03-27 19:45 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-03-27 19:45 . 2012-03-27 19:45 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-03-27 19:45 . 2012-03-27 19:45 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-03-27 19:45 . 2012-03-27 19:45 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-03-27 19:45 . 2012-03-27 19:45 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-03-27 19:45 . 2012-03-27 19:45 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-03-27 19:45 . 2012-03-27 19:45 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-03-27 19:45 . 2012-03-27 19:45 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-03-27 19:45 . 2012-03-27 19:45 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-03-27 19:45 . 2012-03-27 19:45 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-03-27 19:45 . 2012-03-27 19:45 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-03-27 19:43 . 2012-03-27 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\programdata\Malwarebytes
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 17:27 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\windows\SysWow64\xlive
2012-03-27 14:44 . 2007-07-19 22:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-03-27 11:54 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82DB89D5-6AA0-4035-96D2-A426EAACC62B}\mpengine.dll
2012-03-26 18:51 . 2012-03-26 18:51 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-26 18:41 . 2012-03-26 18:41 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-26 18:41 . 2012-03-26 18:41 -------- d-----w- c:\windows\system32\Macromed
2012-03-26 16:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-26 16:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-26 16:33 . 2012-03-26 16:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-26 14:20 . 2012-03-26 14:20 -------- d-----w- C:\TopCD
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\system32\Wat
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\SPReview
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\EventProviders
2012-03-25 21:25 . 2012-03-25 21:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-25 21:25 . 2012-03-25 21:25 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-25 21:19 . 2010-11-20 13:27 1646080 ----a-w- c:\windows\system32\wevtsvc.dll
2012-03-25 21:18 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll
2012-03-25 21:17 . 2010-11-20 13:27 4400640 ----a-w- c:\program files\DVD Maker\OmdProject.dll
2012-03-25 21:16 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-03-25 21:16 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-03-25 21:16 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-03-25 21:16 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-03-25 21:16 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-25 21:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-03-25 20:36 . 2012-03-27 19:08 -------- d-----w- c:\program files (x86)\Steam
2012-03-25 20:35 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-03-25 20:35 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-03-25 20:35 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-03-25 20:35 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-03-25 20:35 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-03-25 20:35 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-03-25 20:35 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-03-25 20:35 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-03-25 20:35 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-03-25 20:35 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-03-25 20:34 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-03-25 20:34 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-25 20:34 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-25 20:33 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-03-25 20:33 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-03-25 20:33 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-25 20:33 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-03-25 20:33 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-03-25 20:33 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-03-25 20:33 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-03-25 20:32 . 2012-03-25 21:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-25 20:29 . 2012-03-25 20:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-25 19:35 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 19:35 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 19:35 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 19:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-25 18:53 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-25 18:52 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-03-25 18:51 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-03-25 18:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-25 18:46 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-03-25 18:46 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-25 18:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 18:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-25 17:29 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-25 17:29 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-25 17:29 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-25 17:20 . 2012-03-25 17:20 -------- d-----w- c:\program files (x86)\Google
2012-03-25 17:20 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 17:20 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 17:20 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 17:20 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 17:20 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 17:20 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 17:20 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 17:19 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 17:19 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\program files\AVAST Software
2012-03-25 17:15 . 2012-03-25 17:15 -------- d-----w- c:\windows\OemDrv
2012-03-25 17:03 . 2009-07-28 12:48 140632 ----a-w- c:\windows\system32\TODDSrv.exe
2012-03-25 17:01 . 2009-06-22 15:06 35008 ----a-w- c:\windows\system32\drivers\PGEffect.sys
2012-03-25 17:00 . 2012-02-23 07:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-03-25 16:59 . 2012-03-25 17:02 -------- d-----w- c:\programdata\Toshiba
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files\DIFX
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files (x86)\JMicron
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\windows\SysWow64\SDA
2012-03-25 16:55 . 2012-03-25 16:55 -------- d-----w- c:\program files\Synaptics
2012-03-25 16:54 . 2012-03-25 16:55 -------- d-----w- c:\program files (x86)\Realtek WLAN Driver
2012-03-25 16:54 . 2010-04-28 09:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2012-03-25 16:54 . 2010-04-26 23:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2012-03-25 16:54 . 2010-04-08 08:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2012-03-25 16:54 . 2010-04-01 12:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2012-03-25 16:54 . 2010-03-31 09:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2012-03-25 16:54 . 2009-02-05 00:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2012-03-25 16:52 . 2012-03-25 16:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-25 16:47 . 1999-10-12 17:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2012-03-25 16:47 . 1999-10-12 17:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-25 21:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-25 21:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-25 21:36 . 2012-03-25 21:36 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-03-25 21:36 . 2012-03-25 21:36 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
.
ComboFix 12-03-27.03 - Nomy 27.03.2012 21:34:28.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2559 [GMT 2:00]
Spuštěný z: c:\users\Nomy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2354811146-407768284-2492069451-1002UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-27 do 2012-03-27 )))))))))))))))))))))))))))))))
.
.
2012-03-27 19:46 . 2012-03-27 19:46 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-03-27 19:46 . 2012-03-27 19:46 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-03-27 19:46 . 2012-03-27 19:46 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-03-27 19:46 . 2012-03-27 19:46 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-03-27 19:46 . 2012-03-27 19:46 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-03-27 19:46 . 2012-03-27 19:46 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-03-27 19:45 . 2012-03-27 19:45 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-03-27 19:45 . 2012-03-27 19:45 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2012-03-27 19:45 . 2012-03-27 19:45 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-03-27 19:45 . 2012-03-27 19:45 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2012-03-27 19:45 . 2012-03-27 19:45 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2012-03-27 19:45 . 2012-03-27 19:45 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2012-03-27 19:45 . 2012-03-27 19:45 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2012-03-27 19:45 . 2012-03-27 19:45 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2012-03-27 19:45 . 2012-03-27 19:45 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2012-03-27 19:45 . 2012-03-27 19:45 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2012-03-27 19:45 . 2012-03-27 19:45 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2012-03-27 19:43 . 2012-03-27 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\programdata\Malwarebytes
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 17:27 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\windows\SysWow64\xlive
2012-03-27 14:44 . 2007-07-19 22:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-03-27 11:54 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82DB89D5-6AA0-4035-96D2-A426EAACC62B}\mpengine.dll
2012-03-26 18:51 . 2012-03-26 18:51 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-26 18:41 . 2012-03-26 18:41 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-26 18:41 . 2012-03-26 18:41 -------- d-----w- c:\windows\system32\Macromed
2012-03-26 16:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-26 16:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-26 16:33 . 2012-03-26 16:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-26 14:20 . 2012-03-26 14:20 -------- d-----w- C:\TopCD
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\system32\Wat
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\SPReview
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\EventProviders
2012-03-25 21:25 . 2012-03-25 21:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-25 21:25 . 2012-03-25 21:25 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-25 21:19 . 2010-11-20 13:27 1646080 ----a-w- c:\windows\system32\wevtsvc.dll
2012-03-25 21:18 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll
2012-03-25 21:17 . 2010-11-20 13:27 4400640 ----a-w- c:\program files\DVD Maker\OmdProject.dll
2012-03-25 21:16 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-03-25 21:16 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-03-25 21:16 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-03-25 21:16 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-03-25 21:16 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-25 21:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-03-25 20:36 . 2012-03-27 19:08 -------- d-----w- c:\program files (x86)\Steam
2012-03-25 20:35 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-03-25 20:35 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-03-25 20:35 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-03-25 20:35 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-03-25 20:35 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-03-25 20:35 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-03-25 20:35 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-03-25 20:35 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-03-25 20:35 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-03-25 20:35 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-03-25 20:34 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-03-25 20:34 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-25 20:34 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-25 20:33 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-03-25 20:33 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-03-25 20:33 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-25 20:33 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-03-25 20:33 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-03-25 20:33 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-03-25 20:33 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-03-25 20:32 . 2012-03-25 21:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-25 20:29 . 2012-03-25 20:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-25 19:35 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 19:35 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 19:35 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 19:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-25 18:53 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-25 18:52 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-03-25 18:51 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-03-25 18:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-25 18:46 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-03-25 18:46 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-25 18:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 18:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-25 17:29 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-25 17:29 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-25 17:29 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-25 17:20 . 2012-03-25 17:20 -------- d-----w- c:\program files (x86)\Google
2012-03-25 17:20 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 17:20 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 17:20 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 17:20 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 17:20 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 17:20 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 17:20 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 17:19 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 17:19 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\program files\AVAST Software
2012-03-25 17:15 . 2012-03-25 17:15 -------- d-----w- c:\windows\OemDrv
2012-03-25 17:03 . 2009-07-28 12:48 140632 ----a-w- c:\windows\system32\TODDSrv.exe
2012-03-25 17:01 . 2009-06-22 15:06 35008 ----a-w- c:\windows\system32\drivers\PGEffect.sys
2012-03-25 17:00 . 2012-02-23 07:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-03-25 16:59 . 2012-03-25 17:02 -------- d-----w- c:\programdata\Toshiba
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files\DIFX
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files (x86)\JMicron
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\windows\SysWow64\SDA
2012-03-25 16:55 . 2012-03-25 16:55 -------- d-----w- c:\program files\Synaptics
2012-03-25 16:54 . 2012-03-25 16:55 -------- d-----w- c:\program files (x86)\Realtek WLAN Driver
2012-03-25 16:54 . 2010-04-28 09:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2012-03-25 16:54 . 2010-04-26 23:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2012-03-25 16:54 . 2010-04-08 08:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2012-03-25 16:54 . 2010-04-01 12:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2012-03-25 16:54 . 2010-03-31 09:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2012-03-25 16:54 . 2009-02-05 00:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2012-03-25 16:52 . 2012-03-25 16:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-25 16:47 . 1999-10-12 17:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2012-03-25 16:47 . 1999-10-12 17:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-25 21:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-25 21:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-25 21:36 . 2012-03-25 21:36 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-03-25 21:36 . 2012-03-25 21:36 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
.
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
((((((((((((((((((((((((((((( SnapShot@2012-03-27_18.14.59 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-03-27 18:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 18:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 18:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-07 18:16 . 2012-03-27 18:23 43802 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-27 18:23 37692 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-27 19:26 . 2012-03-27 19:26 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\5b53a87f7799ee5454e4fb8faece3a82\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\8dd565cc0b374e1eec73cf7eaba91e92\UIAutomationProvider.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\077e75015456f75a0495f65cfcf140cb\System.Windows.Presentation.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\22a9aa847a8e4e651a35b63270ce8999\System.Web.ApplicationServices.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fdeb5ca04943da59f732d3001d6a0df0\System.ServiceModel.Channels.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\9688786618bf6390637c283b5bd1c9b3\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\6ffc3ac04451b4978519218fd266403e\Microsoft.VisualC.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\8cbc15b63aa3f06453f1aaa8659cf809\Accessibility.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\c22781f6201c8db16b404644884e48b8\WindowsLiveWriter.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b018eb1e5276252053c62766b66978e9\WindowsLive.Writer.Api.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\32d21563937263ee3ae9eecfa59fdc3d\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\17b4308b0e6d35c1230135ed25fffbfe\stdole.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe
+ 2012-03-27 19:17 . 2012-03-27 19:17 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\a38f8e60cdbca2d158d8daaea9577934\napcrypt.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ed12245481e36d8cc238876bd79b1e6c\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\62e68252fc137a55d2d39fe0d5093599\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aac5bc888c15c2630ea22e517e4e19f8\Microsoft.Build.Framework.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4ee55572f0f54a71e24fe3fec094968b\Microsoft.Build.Framework.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\e6e4bd9a47848b93cd2dd8a688968741\ehiUserXp.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\94a173b39fa90956937b41c775ac66d7\dfsvc.ni.exe
- 2012-03-27 14:44 . 2012-03-27 14:44 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-03-25 17:28 . 2012-03-27 18:23 5114 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2354811146-407768284-2492069451-1002_UserData.bin
+ 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-27 18:14 . 2012-03-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-27 18:14 . 2012-03-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-27 19:40 . 2012-03-27 19:40 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\6bafe185b3d23de57ec689035642fe43\System.Xml.Serialization.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\592252ee904bd41f99cd1d19909b548c\dfsvc.ni.exe
- 2009-07-14 05:01 . 2012-03-27 18:12 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-27 19:44 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-27 19:25 . 2012-03-27 19:25 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\b2a2a1fb4e1313088250b334b3af2a15\UIAutomationTypes.ni.dll
+ 2012-03-27 19:25 . 2012-03-27 19:25 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\dcb9e1eaa1491094f79c3288b8c78830\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-27 19:27 . 2012-03-27 19:27 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\db296a100034c7dee5f80219f0542df7\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\0f771cbf8b32ae1618f4cd4266337b3c\System.Configuration.Install.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\501ad39b1ef6f43e8dc92a4efa7c35ea\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\f8c6e4854178bb4d928c8aec1c04648d\System.AddIn.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\3503e3c2a87db97b720c0ed8a5d59f61\System.Activities.DurableInstancing.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\d5a18f2355101b19f23ff2f31d1d1e17\WindowsFormsIntegration.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\9562374f940f41cdc64d88268d543f0b\UIAutomationTypes.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\641eec5b274fe3972d02892607f9b650\UIAutomationClient.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\295b3156b838ca161a64a5456522438b\System.Xml.Linq.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\0b68854406b775365c6d91e87813c2dc\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5e3cf00b80c0aecd8392f1702d2d0f28\System.Transactions.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\bf0b3689dd5e261097f2feb2ed0103e8\System.ServiceProcess.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d3d9c582c7cd77f17fd93167dc462242\System.ServiceModel.Routing.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7b17528dffe47d9b17be6086a575a516\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\533deafc53346179cd118acc874752a3\System.Runtime.Remoting.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\965e2749489298cc85387f44f76a40f2\System.Net.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\f5333e6e06a2d476f93b0880c5e7fd14\System.Messaging.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\1bff2d3e952c2160ba0c790d2342a601\System.Management.Instrumentation.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e6cb98078120266f5310adf0f45aa7df\System.IO.Log.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\22dadf930ad449894633480562d6c913\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.Wrapper.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e25cc7918b583b3beffcad52920eae29\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\a3be39ae9813098aa81430dd507d22ca\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4975f93d2055b33bd7a91d6f05628e2a\System.Device.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\42d3d301d2adef24edeb3b775fbe3a4b\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\e844f0d4cf703c2e97515ed020331b76\System.Configuration.Install.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\9b418b211d6207feafcdc27027d26036\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\a4cfba8e3500f8387fe5924b940983be\System.AddIn.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\520d0ed9f48c121fbe79bda6fc176b74\System.Activities.DurableInstancing.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\98ec8a39382e6eee39845bd4759ecf04\SMSvcHost.ni.exe
+ 2012-03-27 19:19 . 2012-03-27 19:19 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cdd04b14b9dd6ced2e2572a044c3c57e\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5958d9610eb58adb2b62153492a7c27e\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e3e1fd8ccf76e9eb0147484fb8dd773a\CustomMarshalers.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\89b33061218d345ed0b937b7fe785df9\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd50adf5a3ac7dadf33131f4eb595a57\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b8347c45498583e893bf6d2f32b3557c\WindowsLive.Writer.Passport.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a2fb4df08101d5b1ae54f23d8b450e77\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b0678e775e389f71cfa327fa7d9517d\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\83710dc46973b5d931177e243fe32f83\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7fce28738c3284334511cc990338c2c8\WindowsLive.Writer.Interop.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7a491a59942aabc7006dfa22ecf97d83\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\799eebb88b45f4bb1d319354fb9c4ab1\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7638e949e82bcb69be73a5d980b15849\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6bc2037a1ce1c95b8ef186df80cc245e\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5de26322b6768d6ca30c7916372b8d79\WindowsLive.Writer.Controls.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4603800223476adaa15d9ddcddad4517\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3763ca29387f486abc63a7d4cbfb2417\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34be42e5977a1297ddb2037a48c02c30\WindowsLive.Writer.Localization.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\337a858556e37fa49fd8673a7c1c79c1\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\d037382638d933e81479a0099d33663d\WindowsLive.Client.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\571bcd3c57411a09469a58c7462a4c8b\sysglobl.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\6c31aace1d7b39145fe0ef94f1530e8a\naphlpr.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe
+ 2012-03-27 19:16 . 2012-03-27 19:16 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\fbec5a519a2c5005d43b04b6386406b2\ehiVidCtl.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\832b98f0578e73e8693fea7067c3d2ab\ehiProxy.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\fa383760dc46e586ae40374129164b4e\ehiExtens.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe
+ 2012-03-27 19:16 . 2012-03-27 19:16 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2c2215e99c21daeec6bf697cf7bcf103\CustomMarshalers.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-03-25 20:58 . 2012-03-27 19:44 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2012-03-27 19:26 . 2012-03-27 19:26 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\7668fa73a73410f2e00d341a8684e28a\System.Printing.ni.dll
+ 2012-03-27 19:25 . 2012-03-27 19:25 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\0ce1b3a9a0192c2cdb16d848e78e6688\System.Deployment.ni.dll
+ 2012-03-27 19:42 . 2012-03-27 19:42 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\0ba3ab7e136a52fcba260ad7893ede32\System.Data.Linq.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\5a66bc1859e864d87b81e31438a5f07d\System.ComponentModel.Composition.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\f25d1dde40ef0128d9e5163d142bd2e2\System.Activities.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\26671ab09e54e0ecfd23012e32cb6383\System.Activities.Presentation.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\e9f6686e336507594e33cad6ed7814cd\System.Activities.Core.Presentation.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\9c49a7b6fb133a307e3804ca7ba35d16\ReachFramework.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0f5df23e9f268e9ff4c8033f9865a12a\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\d6c84e888c7f465844a8ae0e6470e05c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b60e888b3b9e41d46dcbd34d9fae80d6\System.Web.Services.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\90de8ba8101001c8845439cd5f9a76eb\System.Speech.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8c12f469cbd6b8d9718c64a4b2c96d47\System.ServiceModel.Activities.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\746651ce870c2f9cd43bc7246154f81a\System.ServiceModel.Discovery.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\1141220aff69c63f638ab64e5b0186bc\System.Printing.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6bd4a77663c0e708e0827be849906fdc\System.DirectoryServices.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\84d9ec8b14f9731797c51d31cae12d87\System.Deployment.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1344000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\4b28434c73ac4229c7ae7c4f0598e25f\System.Data.Services.Client.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\7bbd2b637fbe2a5b17a16cd4fcc3c3ca\System.Activities.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a479b22107e8fe08689d840a3a1a77e9\System.Activities.Presentation.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\819fccf9934ef29a6078d4accbf9ea0c\System.Activities.Core.Presentation.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\7194eb8e3da784ae30566a64569314a4\PresentationUI.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e0ea9e02e609e08602bed4392d0e08d7\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9150a80d10ec86440aa59f6fe4b73f9d\Microsoft.VisualBasic.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1ae1a98af2c7d3e68c7525bf1395fa61\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\fb09c8733a8ef9292079399b25d5d973\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\8b1e797d9c7f5ef773c150e15b07a087\Microsoft.JScript.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 6394368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\79b01bf3184976b55bab95f00d0e8874\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\657650ba065cc3fc506bb4b445b6c14b\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\323b597d6a83a762756db2c1f7234e43\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe
+ 2012-03-27 19:17 . 2012-03-27 19:17 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 17291264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f850dba642b0cc845d9a7d8ac300e243\System.Windows.Forms.ni.dll
+ 2012-03-27 19:41 . 2012-03-27 19:41 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9aca7097fc620da8481516b2d4e3fede\System.Data.Entity.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
+ 2012-03-27 19:39 . 2012-03-27 19:39 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\b642a4ad94ff1e027a128b9796878372\System.Data.Entity.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-05 17412200]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.100.252
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2012-03-27 21:56:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-27 19:56
ComboFix2.txt 2012-03-27 18:19
.
Před spuštěním: Volných bajtů: 439 865 810 944
Po spuštění: Volných bajtů: 439 705 026 560
.
- - End Of File - - D1F4F7F21BB9BC54E040A3A387456A5B
.
- 2009-07-14 04:54 . 2012-03-27 18:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 18:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 18:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-07 18:16 . 2012-03-27 18:23 43802 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-27 18:23 37692 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-27 19:26 . 2012-03-27 19:26 97792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn.Contra#\5b53a87f7799ee5454e4fb8faece3a82\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\8dd565cc0b374e1eec73cf7eaba91e92\UIAutomationProvider.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\077e75015456f75a0495f65cfcf140cb\System.Windows.Presentation.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\22a9aa847a8e4e651a35b63270ce8999\System.Web.ApplicationServices.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fdeb5ca04943da59f732d3001d6a0df0\System.ServiceModel.Channels.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\9688786618bf6390637c283b5bd1c9b3\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\6ffc3ac04451b4978519218fd266403e\Microsoft.VisualC.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\8cbc15b63aa3f06453f1aaa8659cf809\Accessibility.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\c22781f6201c8db16b404644884e48b8\WindowsLiveWriter.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b018eb1e5276252053c62766b66978e9\WindowsLive.Writer.Api.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\df6e2f050af3e7a7676650240ef9d7e5\System.Windows.Presentation.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e66fcffbc602b284e20b6c49f4ac64b6\System.Web.DynamicData.Design.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2463cb2600fc129e38f67974f3553368\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\32d21563937263ee3ae9eecfa59fdc3d\System.AddIn.Contract.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\17b4308b0e6d35c1230135ed25fffbfe\stdole.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\bef92fc6725738f2a261600dab88cd66\PresentationFontCache.ni.exe
+ 2012-03-27 19:17 . 2012-03-27 19:17 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\a38f8e60cdbca2d158d8daaea9577934\napcrypt.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\7834abeef71f9188bb9d9253d8f807ab\Microsoft.WSMan.Runtime.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ef668f1802501935d634458ef637f5e7\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ed12245481e36d8cc238876bd79b1e6c\Microsoft.Windows.Diagnosis.SDHost.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\a66c7d26f61bb8e12960441a77159102\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\62e68252fc137a55d2d39fe0d5093599\Microsoft.Windows.Diagnosis.SDEngine.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\61a8d567fe6450b5b77584b0044a6979\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\52785c0dca46f1e08b5cf9299fba9ae0\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\183073b14873e3b18951879ae4a8b425\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\824d2cc6a8193a2458ce90e579c8b8f5\Microsoft.Vsa.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aac5bc888c15c2630ea22e517e4e19f8\Microsoft.Build.Framework.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4ee55572f0f54a71e24fe3fec094968b\Microsoft.Build.Framework.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\e6e4bd9a47848b93cd2dd8a688968741\ehiUserXp.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\94a173b39fa90956937b41c775ac66d7\dfsvc.ni.exe
- 2012-03-27 14:44 . 2012-03-27 14:44 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-03-25 17:28 . 2012-03-27 18:23 5114 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2354811146-407768284-2492069451-1002_UserData.bin
+ 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-27 18:14 . 2012-03-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-27 18:14 . 2012-03-27 18:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-27 19:40 . 2012-03-27 19:40 9216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\6bafe185b3d23de57ec689035642fe43\System.Xml.Serialization.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\592252ee904bd41f99cd1d19909b548c\dfsvc.ni.exe
- 2009-07-14 05:01 . 2012-03-27 18:12 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-27 19:44 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-27 19:25 . 2012-03-27 19:25 231424 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\b2a2a1fb4e1313088250b334b3af2a15\UIAutomationTypes.ni.dll
+ 2012-03-27 19:25 . 2012-03-27 19:25 256000 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Inpu#\dcb9e1eaa1491094f79c3288b8c78830\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-27 19:27 . 2012-03-27 19:27 176128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.DataSet#\db296a100034c7dee5f80219f0542df7\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\0f771cbf8b32ae1618f4cd4266337b3c\System.Configuration.Install.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 255488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\501ad39b1ef6f43e8dc92a4efa7c35ea\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 865792 c:\windows\assembly\NativeImages_v4.0.30319_64\System.AddIn\f8c6e4854178bb4d928c8aec1c04648d\System.AddIn.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 560640 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.D#\3503e3c2a87db97b720c0ed8a5d59f61\System.Activities.DurableInstancing.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\d5a18f2355101b19f23ff2f31d1d1e17\WindowsFormsIntegration.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 196096 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\9562374f940f41cdc64d88268d543f0b\UIAutomationTypes.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 484352 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\641eec5b274fe3972d02892607f9b650\UIAutomationClient.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 393216 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\295b3156b838ca161a64a5456522438b\System.Xml.Linq.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 189440 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\0b68854406b775365c6d91e87813c2dc\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 649728 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\5e3cf00b80c0aecd8392f1702d2d0f28\System.Transactions.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\bf0b3689dd5e261097f2feb2ed0103e8\System.ServiceProcess.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 369664 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d3d9c582c7cd77f17fd93167dc462242\System.ServiceModel.Routing.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 311296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7b17528dffe47d9b17be6086a575a516\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 762880 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\533deafc53346179cd118acc874752a3\System.Runtime.Remoting.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 657408 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\965e2749489298cc85387f44f76a40f2\System.Net.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\f5333e6e06a2d476f93b0880c5e7fd14\System.Messaging.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 395264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\1bff2d3e952c2160ba0c790d2342a601\System.Management.Instrumentation.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 413696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\e6cb98078120266f5310adf0f45aa7df\System.IO.Log.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 229888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\22dadf930ad449894633480562d6c913\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 236032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.Wrapper.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 787456 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 913920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\e25cc7918b583b3beffcad52920eae29\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 470528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\a3be39ae9813098aa81430dd507d22ca\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 112640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\4975f93d2055b33bd7a91d6f05628e2a\System.Device.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\42d3d301d2adef24edeb3b775fbe3a4b\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\e844f0d4cf703c2e97515ed020331b76\System.Configuration.Install.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\9b418b211d6207feafcdc27027d26036\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 617984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\a4cfba8e3500f8387fe5924b940983be\System.AddIn.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 411136 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\520d0ed9f48c121fbe79bda6fc176b74\System.Activities.DurableInstancing.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 317952 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\98ec8a39382e6eee39845bd4759ecf04\SMSvcHost.ni.exe
+ 2012-03-27 19:19 . 2012-03-27 19:19 143360 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\cdd04b14b9dd6ced2e2572a044c3c57e\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 418816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5958d9610eb58adb2b62153492a7c27e\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 194048 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\e3e1fd8ccf76e9eb0147484fb8dd773a\CustomMarshalers.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\89b33061218d345ed0b937b7fe785df9\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd50adf5a3ac7dadf33131f4eb595a57\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b8347c45498583e893bf6d2f32b3557c\WindowsLive.Writer.Passport.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\a2fb4df08101d5b1ae54f23d8b450e77\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b0678e775e389f71cfa327fa7d9517d\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\83710dc46973b5d931177e243fe32f83\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7fce28738c3284334511cc990338c2c8\WindowsLive.Writer.Interop.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7a491a59942aabc7006dfa22ecf97d83\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\799eebb88b45f4bb1d319354fb9c4ab1\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7638e949e82bcb69be73a5d980b15849\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6bc2037a1ce1c95b8ef186df80cc245e\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5de26322b6768d6ca30c7916372b8d79\WindowsLive.Writer.Controls.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4603800223476adaa15d9ddcddad4517\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 258560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3763ca29387f486abc63a7d4cbfb2417\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\34be42e5977a1297ddb2037a48c02c30\WindowsLive.Writer.Localization.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\337a858556e37fa49fd8673a7c1c79c1\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\d037382638d933e81479a0099d33663d\WindowsLive.Client.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\af6e0dd358a5edc094dca9e7957f1038\WindowsFormsIntegration.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 452096 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\d0972fea9e965a565c3cff76982709db\UIAutomationClient.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ff345d3a2aaafb8a960c3d400e3c11a9\TaskScheduler.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 401408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\43e0731fbb58632563909f1fa5dfe063\System.Web.Routing.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\95f94674ddc4b1224df94bd7ae19c9ef\System.Web.Extensions.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4c569a365154300e49ab3450f74c2618\System.Web.Entity.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\fb21c5770bc64fc4105787238842f70d\System.Web.Entity.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\785e2ad4125cef423bc367b37fabb71c\System.Web.DynamicData.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\685fb72f0189330eda1d62176fb38996\System.Web.Abstractions.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 624128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2273d6ab12c9ae0d52842a84d586b8df\System.Net.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\a717cdb44ec0d3238c621efa420a9956\System.Messaging.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 330240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\b5930434d0d624701114e014513c9041\System.Management.Instrumentation.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\7651951311f9d134e6bc08be7dc9ddc7\System.IO.Log.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\8b0dc9405f292a93ddd52eb76bb88169\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\344d3289061b28a0f7fb19229f45bb9c\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 462336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\6a6642467bcccf0345c5e9139e7fd9ae\System.Data.Services.Design.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 763392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\c1cf8e31da405f07780fa7b0f28cc650\System.Data.Entity.Design.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\71400a36c8621388031e00075f2fc8e9\System.Data.DataSetExtensions.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 633344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\05c4011ad0068d0af722b4b52677d915\System.AddIn.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\571bcd3c57411a09469a58c7462a4c8b\sysglobl.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\17b78ffee2144cf38f024e73b131158d\SMSvcHost.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\62531ec9534c96e83de2bbd4edfd07e8\napsnap.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\bb49eea48fd5f546afc6d5be634d3cb9\napinit.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\6c31aace1d7b39145fe0ef94f1530e8a\naphlpr.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\4ac4095081957a001a6174c0b9f7f195\MSBuild.ni.exe
+ 2012-03-27 19:16 . 2012-03-27 19:16 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\bd5a72adac7a95585984d5bcce994b71\MMCFxCommon.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 531968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\928fb6b2401fffd8cc993578c3a04acd\Microsoft.WSMan.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 515584 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\eda566c4dc6595779c3c9dfc359575ed\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\df4f6b6f33d84b7f438c3f3b66f0336d\Microsoft.PowerShell.Security.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\951235283ff1d4a91ffaa92ea8693249\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 786432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\5f7928a2ffe462f16e25f03be01966e9\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 291328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2015eca4346e34310e958089b22a9c62\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\6386ef67ed70f53fe6424246d256190d\Microsoft.ManagementConsole.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c8e128b5e6ceee852cb1f8c165c2177e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9795da40a8ee0bc54e91792de7422152\Microsoft.Build.Utilities.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\be7ad749a064283deab76fad38bf2930\Microsoft.Build.Engine.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\f42105699650a206e2ae439ac54ad40a\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 364032 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\886a8c3d4f00567df779318fea56f28a\mcstoredb.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\58ea1059f397ccd13d6a8d94d7be7830\EventViewer.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 693248 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9d5219961228fb5236c843ea75c69d39\ehRecObj.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 875520 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\fbec5a519a2c5005d43b04b6386406b2\ehiVidCtl.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 442880 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\832b98f0578e73e8693fea7067c3d2ab\ehiProxy.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\fa383760dc46e586ae40374129164b4e\ehiExtens.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\6a07aa6df4d45d1485b6a2749647a3aa\ehExtHost32.ni.exe
+ 2012-03-27 19:16 . 2012-03-27 19:16 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2c2215e99c21daeec6bf697cf7bcf103\CustomMarshalers.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\39ab6b73bdbaac85b90cc561761916f7\ComSvcConfig.ni.exe
+ 2012-03-27 19:15 . 2012-03-27 19:15 621568 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\d89086a63a9d85aa9d719d7088e5ae69\BDATunePIA.ni.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-03-25 20:58 . 2012-03-27 19:44 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2012-03-27 19:26 . 2012-03-27 19:26 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\7668fa73a73410f2e00d341a8684e28a\System.Printing.ni.dll
+ 2012-03-27 19:25 . 2012-03-27 19:25 2402816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\0ce1b3a9a0192c2cdb16d848e78e6688\System.Deployment.ni.dll
+ 2012-03-27 19:42 . 2012-03-27 19:42 3386880 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Linq\0ba3ab7e136a52fcba260ad7893ede32\System.Data.Linq.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 1007616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ComponentMod#\5a66bc1859e864d87b81e31438a5f07d\System.ComponentModel.Composition.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 5695488 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities\f25d1dde40ef0128d9e5163d142bd2e2\System.Activities.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\26671ab09e54e0ecfd23012e32cb6383\System.Activities.Presentation.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 2064896 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.C#\e9f6686e336507594e33cad6ed7814cd\System.Activities.Core.Presentation.ni.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\9c49a7b6fb133a307e3804ca7ba35d16\ReachFramework.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1063424 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\0f5df23e9f268e9ff4c8033f9865a12a\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1782272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 4545024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\d6c84e888c7f465844a8ae0e6470e05c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1885696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b60e888b3b9e41d46dcbd34d9fae80d6\System.Web.Services.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 2012160 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\90de8ba8101001c8845439cd5f9a76eb\System.Speech.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1393152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8c12f469cbd6b8d9718c64a4b2c96d47\System.ServiceModel.Activities.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1140736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\746651ce870c2f9cd43bc7246154f81a\System.ServiceModel.Discovery.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 2647040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1021952 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\1141220aff69c63f638ab64e5b0186bc\System.Printing.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1218560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dfd9cbfccfadcf84406398a9d83ab4f4\System.Management.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1072640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1172992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\6bd4a77663c0e708e0827be849906fdc\System.DirectoryServices.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1879040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\84d9ec8b14f9731797c51d31cae12d87\System.Deployment.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 1344000 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\4b28434c73ac4229c7ae7c4f0598e25f\System.Data.Services.Client.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 4129792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\7bbd2b637fbe2a5b17a16cd4fcc3c3ca\System.Activities.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a479b22107e8fe08689d840a3a1a77e9\System.Activities.Presentation.ni.dll
+ 2012-03-27 19:38 . 2012-03-27 19:38 1547264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\819fccf9934ef29a6078d4accbf9ea0c\System.Activities.Core.Presentation.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
+ 2012-03-27 19:19 . 2012-03-27 19:19 1640448 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\7194eb8e3da784ae30566a64569314a4\PresentationUI.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e0ea9e02e609e08602bed4392d0e08d7\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\9150a80d10ec86440aa59f6fe4b73f9d\Microsoft.VisualBasic.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1172480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1ae1a98af2c7d3e68c7525bf1395fa61\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1085952 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\fb09c8733a8ef9292079399b25d5d973\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 2452480 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\8b1e797d9c7f5ef773c150e15b07a087\Microsoft.JScript.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 6394368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\79b01bf3184976b55bab95f00d0e8874\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\657650ba065cc3fc506bb4b445b6c14b\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 1105408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\323b597d6a83a762756db2c1f7234e43\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1047552 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c463ccf17b00f16ed8e60a6ba1cb46e5\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0eada94e6fc22ecdf69ec412fe7df0b9\System.Web.Mobile.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8ae9ee071050afc6dce19f5248817d66\System.Web.Extensions.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\8e4b0ae89bdfbe3eac1b79dacef4ef79\System.Speech.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1707008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2347008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1051136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\f4d8c56c790b998bd1bb971905bfae78\System.Management.Automation.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\47c2a93f42a371ac1b3756d098ac18a5\System.Data.Services.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3763b8ac5fa0a96ad5100a53b10b4449\System.Data.Services.Client.ni.dll
+ 2012-03-27 19:18 . 2012-03-27 19:18 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\1fe993f1045190570a2c69cb32f9d62d\System.Data.Linq.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\932542a144496e3a9cb9155270fd4492\System.Data.Entity.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d2c547794ac1c167fe24904e6848d5cc\PresentationBuildTasks.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\308236e39e3ad82c6b5bfa2d955735e3\Narrator.ni.exe
+ 2012-03-27 19:17 . 2012-03-27 19:17 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\b792eec16fb24a0f73ca20e1551bfcbf\MMCEx.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\44f2bd588202e6bdacf0b867c7011057\MIGUIControls.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1a6921bcfb8ade6652efb9f095b275f1\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\86fa49490bc929adf75488903f0dac4b\Microsoft.PowerShell.Editor.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\413c3be0ba8ed04984a0bb3044e0c2e0\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-03-27 19:17 . 2012-03-27 19:17 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2f66392066352b804d8022664e7bf8de\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\558d4558f0857891cf0d41d818e7b490\Microsoft.MediaCenter.UI.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\03d64144ed3ea21cbeea0c872ece14b6\Microsoft.MediaCenter.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\09cea564f5888335ef97bd104d7e4ea6\Microsoft.JScript.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\ca0dacd1a4dc23e5d7bb3e6548282b6b\Microsoft.Ink.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\e566cc5fe7ad95b0a9fca152b335b551\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2b23923536c41d0fb8ab658f6c9a95c1\Microsoft.Build.Tasks.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6b8459651fae37b63ab314350a8eff8a\Microsoft.Build.Engine.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\103b0155f85ff08fc9940bd0c3aa0128\mcstore.ni.dll
+ 2012-03-27 19:16 . 2012-03-27 19:16 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\c28c1427f0691e070b77b4ad97000e4c\mcepg.ni.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-03-27 14:44 . 2012-03-27 14:44 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 18:53 . 2012-03-27 18:53 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-03-27 19:26 . 2012-03-27 19:26 17291264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f850dba642b0cc845d9a7d8ac300e243\System.Windows.Forms.ni.dll
+ 2012-03-27 19:41 . 2012-03-27 19:41 18480128 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Entity\9aca7097fc620da8481516b2d4e3fede\System.Data.Entity.ni.dll
+ 2012-03-27 19:40 . 2012-03-27 19:40 18058752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
+ 2012-03-27 19:39 . 2012-03-27 19:39 13345792 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\b642a4ad94ff1e027a128b9796878372\System.Data.Entity.ni.dll
+ 2012-03-27 19:15 . 2012-03-27 19:15 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 136176]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-05 17412200]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.100.252
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2012-03-27 21:56:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-27 19:56
ComboFix2.txt 2012-03-27 18:19
.
Před spuštěním: Volných bajtů: 439 865 810 944
Po spuštění: Volných bajtů: 439 705 026 560
.
- - End Of File - - D1F4F7F21BB9BC54E040A3A387456A5B
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Spusť znovu aswMBR , dej sken a poté klikni na „Fix“.
Zavři program , restartuj PC , po restartu znovu spusť aswMBR a dej sken , klikni na „Save log“
Obsah logu sem znovu vlož.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Zavři program , restartuj PC , po restartu znovu spusť aswMBR a dej sken , klikni na „Save log“
Obsah logu sem znovu vlož.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
KillAll::
File::
c:\program files (x86)\Google\Update\GoogleUpdate.exe
Folder::
C:\Users\Nomy\AppData\Local\Google\Update
C:\Users\Nomy\AppData\Local\Google\Update
Driver::
gupdate
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Tady je z aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-28 14:30:07
-----------------------------
14:30:07.173 OS Version: Windows x64 6.1.7601 Service Pack 1
14:30:07.173 Number of processors: 4 586 0x2502
14:30:07.173 ComputerName: NOMY-TOSH UserName: Nomy
14:30:09.186 Initialize success
14:30:09.389 AVAST engine defs: 12032801
14:30:15.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:30:15.831 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
14:30:15.847 Disk 0 MBR read successfully
14:30:15.847 Disk 0 MBR scan
14:30:15.847 Disk 0 Windows 7 default MBR code
14:30:15.863 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
14:30:15.909 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 466771 MB offset 3074048
14:30:15.956 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8668 MB offset 959021056
14:30:16.003 Disk 0 scanning C:\windows\system32\drivers
14:30:26.783 Service scanning
14:31:12.381 Modules scanning
14:31:12.381 Disk 0 trace - called modules:
14:31:12.413 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
14:31:12.413 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800529a060]
14:31:12.428 3 CLASSPNP.SYS[fffff88001d7943f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8005299060]
14:31:13.645 AVAST engine scan C:\windows
14:31:19.261 AVAST engine scan C:\windows\system32
14:33:18.555 AVAST engine scan C:\windows\system32\drivers
14:33:27.774 AVAST engine scan C:\Users\Nomy
14:33:28.741 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
14:33:28.804 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
14:34:04.419 AVAST engine scan C:\ProgramData
14:34:25.073 Scan finished successfully
14:35:20.505 Disk 0 MBR has been saved successfully to "C:\Users\Nomy\Desktop\MBR.dat"
14:35:20.512 The log file has been saved successfully to "C:\Users\Nomy\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-28 14:30:07
-----------------------------
14:30:07.173 OS Version: Windows x64 6.1.7601 Service Pack 1
14:30:07.173 Number of processors: 4 586 0x2502
14:30:07.173 ComputerName: NOMY-TOSH UserName: Nomy
14:30:09.186 Initialize success
14:30:09.389 AVAST engine defs: 12032801
14:30:15.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:30:15.831 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
14:30:15.847 Disk 0 MBR read successfully
14:30:15.847 Disk 0 MBR scan
14:30:15.847 Disk 0 Windows 7 default MBR code
14:30:15.863 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
14:30:15.909 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 466771 MB offset 3074048
14:30:15.956 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8668 MB offset 959021056
14:30:16.003 Disk 0 scanning C:\windows\system32\drivers
14:30:26.783 Service scanning
14:31:12.381 Modules scanning
14:31:12.381 Disk 0 trace - called modules:
14:31:12.413 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys
14:31:12.413 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800529a060]
14:31:12.428 3 CLASSPNP.SYS[fffff88001d7943f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8005299060]
14:31:13.645 AVAST engine scan C:\windows
14:31:19.261 AVAST engine scan C:\windows\system32
14:33:18.555 AVAST engine scan C:\windows\system32\drivers
14:33:27.774 AVAST engine scan C:\Users\Nomy
14:33:28.741 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
14:33:28.804 File: C:\Users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
14:34:04.419 AVAST engine scan C:\ProgramData
14:34:25.073 Scan finished successfully
14:35:20.505 Disk 0 MBR has been saved successfully to "C:\Users\Nomy\Desktop\MBR.dat"
14:35:20.512 The log file has been saved successfully to "C:\Users\Nomy\Desktop\aswMBR.txt"
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Výsledek ComboFixu :
ComboFix 12-03-27.03 - Nomy 28.03.2012 14:40:15.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2567 [GMT 2:00]
Spuštěný z: c:\users\Nomy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateBroker.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateHelper.msi
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateOnDemand.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateSetup.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdate.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_am.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ar.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_bg.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_bn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ca.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_cs.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_da.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_de.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_el.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_en-GB.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_en.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_es-419.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_es.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_et.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fa.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fil.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_gu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_id.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_is.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_it.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_iw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ja.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_kn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ko.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_lt.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_lv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ml.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_mr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ms.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_nl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_no.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pt-BR.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pt-PT.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ro.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ru.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ta.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_te.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_th.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_tr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_uk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ur.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_vi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_zh-CN.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_zh-TW.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\psmachine.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\psuser.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateBroker.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateHelper.msi
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateOnDemand.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdate.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_am.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ar.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_bg.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_bn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ca.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_cs.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_da.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_de.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_el.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_en-GB.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_en.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_es-419.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_es.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_et.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fa.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fil.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_gu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_id.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_is.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_it.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_iw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ja.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_kn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ko.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_lt.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_lv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ml.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_mr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ms.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_nl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_no.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-BR.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-PT.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ro.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ru.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ta.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_te.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_th.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_tr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_uk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ur.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_vi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-CN.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-TW.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\psmachine.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\psuser.dll
c:\users\Nomy\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.111\GoogleUpdateSetup.exe
c:\users\Nomy\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\17.0.963.83\chrome_installer.exe
c:\users\Nomy\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 12:45 . 2012-03-28 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\programdata\Malwarebytes
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 17:27 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\windows\SysWow64\xlive
2012-03-27 14:44 . 2007-07-19 22:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-03-27 11:54 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82DB89D5-6AA0-4035-96D2-A426EAACC62B}\mpengine.dll
2012-03-26 18:51 . 2012-03-26 18:51 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-26 18:41 . 2012-03-26 18:41 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-26 18:41 . 2012-03-26 18:41 -------- d-----w- c:\windows\system32\Macromed
2012-03-26 16:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-26 16:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-26 16:33 . 2012-03-26 16:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-26 14:20 . 2012-03-26 14:20 -------- d-----w- C:\TopCD
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\system32\Wat
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\SPReview
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\EventProviders
2012-03-25 21:25 . 2012-03-25 21:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-25 21:25 . 2012-03-25 21:25 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-25 21:19 . 2010-11-20 13:27 1646080 ----a-w- c:\windows\system32\wevtsvc.dll
2012-03-25 21:18 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll
2012-03-25 21:17 . 2010-11-20 13:27 4400640 ----a-w- c:\program files\DVD Maker\OmdProject.dll
2012-03-25 21:16 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-03-25 21:16 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-03-25 21:16 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-03-25 21:16 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-03-25 21:16 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-25 21:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-03-25 20:36 . 2012-03-27 19:08 -------- d-----w- c:\program files (x86)\Steam
2012-03-25 20:35 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-03-25 20:35 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-03-25 20:35 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-03-25 20:35 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-03-25 20:35 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-03-25 20:35 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-03-25 20:35 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-03-25 20:35 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-03-25 20:35 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-03-25 20:35 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-03-25 20:34 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-03-25 20:34 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-25 20:34 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-25 20:33 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-03-25 20:33 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-03-25 20:33 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-25 20:33 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-03-25 20:33 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-03-25 20:33 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-03-25 20:33 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-03-25 20:32 . 2012-03-25 21:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-25 20:29 . 2012-03-25 20:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-25 19:35 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 19:35 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 19:35 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 19:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-25 18:53 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-25 18:52 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-03-25 18:51 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-03-25 18:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-25 18:46 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-03-25 18:46 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-25 18:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 18:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-25 17:29 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-25 17:29 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-25 17:29 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-25 17:20 . 2012-03-25 17:20 -------- d-----w- c:\program files (x86)\Google
2012-03-25 17:20 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 17:20 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 17:20 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 17:20 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 17:20 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 17:20 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 17:20 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 17:19 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 17:19 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\program files\AVAST Software
2012-03-25 17:15 . 2012-03-25 17:15 -------- d-----w- c:\windows\OemDrv
2012-03-25 17:03 . 2009-07-28 12:48 140632 ----a-w- c:\windows\system32\TODDSrv.exe
2012-03-25 17:01 . 2009-06-22 15:06 35008 ----a-w- c:\windows\system32\drivers\PGEffect.sys
2012-03-25 17:00 . 2012-02-23 07:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-03-25 16:59 . 2012-03-25 17:02 -------- d-----w- c:\programdata\Toshiba
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files\DIFX
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files (x86)\JMicron
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\windows\SysWow64\SDA
2012-03-25 16:55 . 2012-03-25 16:55 -------- d-----w- c:\program files\Synaptics
2012-03-25 16:54 . 2012-03-25 16:55 -------- d-----w- c:\program files (x86)\Realtek WLAN Driver
2012-03-25 16:54 . 2010-04-28 09:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2012-03-25 16:54 . 2010-04-26 23:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2012-03-25 16:54 . 2010-04-08 08:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2012-03-25 16:54 . 2010-04-01 12:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2012-03-25 16:54 . 2010-03-31 09:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2012-03-25 16:54 . 2009-02-05 00:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2012-03-25 16:52 . 2012-03-25 16:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-25 16:47 . 1999-10-12 17:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2012-03-25 16:47 . 1999-10-12 17:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
2012-03-25 16:46 . 2010-03-04 14:44 8192 ----a-w- c:\windows\system32\TSBWLS.dll
2012-03-25 16:46 . 2010-03-04 14:44 49664 ----a-w- c:\windows\system32\HWS_Ctrl.dll
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\SysWow64\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\system32\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_64
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_32
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista64
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista32
2012-03-25 16:45 . 2012-03-25 16:59 -------- d-----w- c:\windows\Downloaded Installations
2012-03-25 16:43 . 2010-01-15 10:22 538136 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-03-25 16:41 . 2012-03-25 16:53 -------- d-----w- c:\programdata\NVIDIA
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\users\UpdatusUser
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\windows\SysWow64\AGEIA
2012-03-25 16:40 . 2010-05-05 17:24 659048 ----a-w- c:\windows\system32\nvuninst.exe
2012-03-25 16:39 . 2012-03-25 16:39 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-25 21:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-25 21:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-25 21:36 . 2012-03-25 21:36 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-03-25 21:36 . 2012-03-25 21:36 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-03-27_19.46.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-03-28 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 12:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-07 18:16 . 2012-03-28 12:30 44698 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-28 12:30 37788 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2012-03-28 12:25 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-03-27 20:07 . 2012-03-27 20:07 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\f137c53afae3903f20eba1fa0f8f8dad\System.Xml.Serialization.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\ef151d5b49d8b0d0052d05fc56d25107\System.Windows.Presentation.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\c5b08a1a9a7a97922af50f30b5e32268\System.Web.ApplicationServices.ni.dll
+ 2012-03-25 17:28 . 2012-03-28 12:30 5718 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2354811146-407768284-2492069451-1002_UserData.bin
- 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 12:46 . 2012-03-28 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 12:46 . 2012-03-28 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-26 17:10 . 2012-03-28 14:33 133440 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2012-03-28 12:45 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-27 19:44 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-27 20:07 . 2012-03-27 20:07 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\d05858dd730eef93a5e4a3cc88dd4ec3\WindowsFormsIntegration.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\cd55f47d44c3695862bc047b8e86fcd3\UIAutomationClient.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\73874670b92afbde73b23e8a1200eede\System.ServiceProcess.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\909c8d76773648809478644ac50a21eb\System.ServiceModel.Routing.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\26db69101f5bcf148fd962f00c0e78dd\System.ServiceModel.Channels.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\a46d5472536da900435885b28a19eda8\System.Net.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\ae0089b9135614de304ebe288fa6fca8\System.Messaging.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\3ad050d3f47352421e05b7707ddd3524\System.Management.Instrumentation.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\87efa405cd384d2c47380467fcd7ea86\System.IO.Log.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\50ccc897ad714e66f750ca1e51e0ffde\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\1ae0a8a9eb92ccaf900f5911740b2c3c\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\9edded64312f5cbae54a093eca246aaa\System.Device.ni.dll
- 2009-07-14 04:45 . 2012-03-26 18:05 7112306 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-27 20:20 7112306 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2012-03-25 20:58 . 2012-03-27 19:44 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2012-03-25 20:58 . 2012-03-28 12:45 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2011-04-16 06:44 . 2011-04-16 06:44 2770944 c:\windows\Installer\ede17.msi
+ 2012-03-27 20:07 . 2012-03-27 20:07 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\d1d48cd30cd275b06fad70778798cae7\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\455d5edfdc989057a8fea7bc88a02ef6\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bd044dc068adc34e430faa820e5c5e44\System.Web.Services.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\561e5a115d6d7ade93236df74d61af84\System.Speech.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4606cac0ba2d406b4ddefca21a3db1eb\System.ServiceModel.Activities.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\28b5d075cf252a24a6b007ff5941dce1\System.ServiceModel.Discovery.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\2280764a011295483642b17fe5d2b1f7\System.Management.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\a77730a57cc54142f1ecbb1e85060e5f\System.IdentityModel.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\60390cb3abc6f1d85a572c156d39fc02\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\930a4b48234d358f2758f075be0684c5\System.Data.Services.Client.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\0fbfc1087f7622c5b6b06f88fce1a45e\Microsoft.JScript.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 24551424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\bd433ada9b2565b666331b5b1276538a\System.ServiceModel.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-05 17412200]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"combofix"="c:\combofix\CF12936.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.100.252
FF - ProfilePath - c:\users\Nomy\AppData\Roaming\Mozilla\Firefox\Profiles\wom2gxg6.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2012-03-28 16:37:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-28 14:37
ComboFix2.txt 2012-03-27 19:56
ComboFix3.txt 2012-03-27 18:19
.
Před spuštěním: Volných bajtů: 439 467 098 112
Po spuštění: Volných bajtů: 438 945 656 832
.
- - End Of File - - 74DA19A989B3F67D1F93199F98AA48B4
ComboFix 12-03-27.03 - Nomy 28.03.2012 14:40:15.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2567 [GMT 2:00]
Spuštěný z: c:\users\Nomy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateBroker.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateHelper.msi
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateOnDemand.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\GoogleUpdateSetup.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdate.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_am.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ar.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_bg.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_bn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ca.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_cs.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_da.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_de.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_el.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_en-GB.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_en.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_es-419.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_es.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_et.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fa.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fil.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_fr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_gu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_hu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_id.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_is.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_it.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_iw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ja.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_kn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ko.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_lt.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_lv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ml.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_mr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ms.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_nl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_no.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pt-BR.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_pt-PT.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ro.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ru.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_sw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ta.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_te.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_th.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_tr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_uk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_ur.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_vi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_zh-CN.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\goopdateres_zh-TW.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\psmachine.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.111\psuser.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateBroker.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateHelper.msi
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateOnDemand.exe
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdate.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_am.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ar.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_bg.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_bn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ca.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_cs.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_da.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_de.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_el.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_en-GB.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_en.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_es-419.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_es.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_et.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fa.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fil.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_fr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_gu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_hu.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_id.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_is.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_it.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_iw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ja.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_kn.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ko.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_lt.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_lv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ml.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_mr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ms.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_nl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_no.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-BR.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-PT.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ro.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ru.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sl.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sv.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_sw.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ta.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_te.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_th.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_tr.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_uk.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_ur.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_vi.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-CN.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-TW.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\psmachine.dll
c:\users\Nomy\AppData\Local\Google\Update\1.3.21.99\psuser.dll
c:\users\Nomy\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.111\GoogleUpdateSetup.exe
c:\users\Nomy\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\17.0.963.83\chrome_installer.exe
c:\users\Nomy\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-28 12:45 . 2012-03-28 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\programdata\Malwarebytes
2012-03-27 17:27 . 2012-03-27 17:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-27 17:27 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-03-27 14:46 . 2012-03-27 14:46 -------- d-----w- c:\windows\SysWow64\xlive
2012-03-27 14:44 . 2007-07-19 22:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-03-27 11:54 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{82DB89D5-6AA0-4035-96D2-A426EAACC62B}\mpengine.dll
2012-03-26 18:51 . 2012-03-26 18:51 -------- d-----w- c:\program files (x86)\VideoLAN
2012-03-26 18:41 . 2012-03-26 18:41 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-26 18:41 . 2012-03-26 18:41 -------- d-----w- c:\windows\system32\Macromed
2012-03-26 16:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-26 16:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-26 16:33 . 2012-03-26 16:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-03-26 14:20 . 2012-03-26 14:20 -------- d-----w- C:\TopCD
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-03-25 21:42 . 2012-03-25 21:42 -------- d-----w- c:\windows\system32\Wat
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\SPReview
2012-03-25 21:28 . 2012-03-25 21:28 -------- d-----w- c:\windows\system32\EventProviders
2012-03-25 21:25 . 2012-03-25 21:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-03-25 21:25 . 2012-03-25 21:25 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-25 21:19 . 2010-11-20 13:27 1646080 ----a-w- c:\windows\system32\wevtsvc.dll
2012-03-25 21:18 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll
2012-03-25 21:17 . 2010-11-20 13:27 4400640 ----a-w- c:\program files\DVD Maker\OmdProject.dll
2012-03-25 21:16 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-03-25 21:16 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-03-25 21:16 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-03-25 21:16 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-03-25 21:16 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-03-25 21:16 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-25 21:16 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-03-25 21:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-25 21:15 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-03-25 20:36 . 2012-03-27 19:08 -------- d-----w- c:\program files (x86)\Steam
2012-03-25 20:35 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-03-25 20:35 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-03-25 20:35 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-03-25 20:35 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-03-25 20:35 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-03-25 20:35 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-03-25 20:35 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-03-25 20:35 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-03-25 20:35 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-03-25 20:35 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-03-25 20:34 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-03-25 20:34 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-25 20:34 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-25 20:33 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-03-25 20:33 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-03-25 20:33 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-03-25 20:33 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-03-25 20:33 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-03-25 20:33 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-03-25 20:33 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-03-25 20:32 . 2012-03-25 21:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-03-25 20:29 . 2012-03-25 20:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-25 19:35 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 19:35 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 19:35 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 19:33 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-25 18:53 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-25 18:52 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-03-25 18:51 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-03-25 18:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-03-25 18:46 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-03-25 18:46 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-25 18:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 18:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-25 17:29 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-25 17:29 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-25 17:29 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-25 17:29 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-25 17:20 . 2012-03-25 17:20 -------- d-----w- c:\program files (x86)\Google
2012-03-25 17:20 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 17:20 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 17:20 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 17:20 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 17:20 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 17:20 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 17:20 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 17:19 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 17:19 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 17:19 . 2012-03-25 17:19 -------- d-----w- c:\program files\AVAST Software
2012-03-25 17:15 . 2012-03-25 17:15 -------- d-----w- c:\windows\OemDrv
2012-03-25 17:03 . 2009-07-28 12:48 140632 ----a-w- c:\windows\system32\TODDSrv.exe
2012-03-25 17:01 . 2009-06-22 15:06 35008 ----a-w- c:\windows\system32\drivers\PGEffect.sys
2012-03-25 17:00 . 2012-02-23 07:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-03-25 16:59 . 2012-03-25 17:02 -------- d-----w- c:\programdata\Toshiba
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files\DIFX
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\program files (x86)\JMicron
2012-03-25 16:57 . 2012-03-25 16:57 -------- d-----w- c:\windows\SysWow64\SDA
2012-03-25 16:55 . 2012-03-25 16:55 -------- d-----w- c:\program files\Synaptics
2012-03-25 16:54 . 2012-03-25 16:55 -------- d-----w- c:\program files (x86)\Realtek WLAN Driver
2012-03-25 16:54 . 2010-04-28 09:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2012-03-25 16:54 . 2010-04-26 23:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2012-03-25 16:54 . 2010-04-08 08:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2012-03-25 16:54 . 2010-04-01 12:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2012-03-25 16:54 . 2010-03-31 09:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2012-03-25 16:54 . 2009-02-05 00:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2012-03-25 16:52 . 2012-03-25 16:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-25 16:47 . 1999-10-12 17:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
2012-03-25 16:47 . 1999-10-12 17:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
2012-03-25 16:46 . 2010-03-04 14:44 8192 ----a-w- c:\windows\system32\TSBWLS.dll
2012-03-25 16:46 . 2010-03-04 14:44 49664 ----a-w- c:\windows\system32\HWS_Ctrl.dll
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\SysWow64\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\windows\system32\Microsoft.VC80.MFC
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_64
2012-03-25 16:46 . 2012-03-25 16:49 -------- d-----w- c:\programdata\win7_32
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista64
2012-03-25 16:46 . 2012-03-25 16:46 -------- d-----w- c:\programdata\vista32
2012-03-25 16:45 . 2012-03-25 16:59 -------- d-----w- c:\windows\Downloaded Installations
2012-03-25 16:43 . 2010-01-15 10:22 538136 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-03-25 16:41 . 2012-03-25 16:53 -------- d-----w- c:\programdata\NVIDIA
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\users\UpdatusUser
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-03-25 16:41 . 2012-03-25 16:41 -------- d-----w- c:\windows\SysWow64\AGEIA
2012-03-25 16:40 . 2010-05-05 17:24 659048 ----a-w- c:\windows\system32\nvuninst.exe
2012-03-25 16:39 . 2012-03-25 16:39 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-25 21:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-25 21:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-25 21:36 . 2012-03-25 21:36 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-03-25 21:36 . 2012-03-25 21:36 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-03-27_19.46.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-03-28 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 12:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-03-28 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-07 18:16 . 2012-03-28 12:30 44698 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-03-28 12:30 37788 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2012-03-28 12:25 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-03-27 20:07 . 2012-03-27 20:07 10240 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\f137c53afae3903f20eba1fa0f8f8dad\System.Xml.Serialization.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 43520 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Pres#\ef151d5b49d8b0d0052d05fc56d25107\System.Windows.Presentation.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 86016 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Applicat#\c5b08a1a9a7a97922af50f30b5e32268\System.Web.ApplicationServices.ni.dll
+ 2012-03-25 17:28 . 2012-03-28 12:30 5718 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2354811146-407768284-2492069451-1002_UserData.bin
- 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 12:46 . 2012-03-28 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-28 12:46 . 2012-03-28 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-03-27 19:45 . 2012-03-27 19:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-26 17:10 . 2012-03-28 14:33 133440 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2012-03-28 12:45 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-03-27 19:44 307212 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-03-27 20:07 . 2012-03-27 20:07 336896 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\d05858dd730eef93a5e4a3cc88dd4ec3\WindowsFormsIntegration.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 645120 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClient\cd55f47d44c3695862bc047b8e86fcd3\UIAutomationClient.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\73874670b92afbde73b23e8a1200eede\System.ServiceProcess.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 517120 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\909c8d76773648809478644ac50a21eb\System.ServiceModel.Routing.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 108032 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\26db69101f5bcf148fd962f00c0e78dd\System.ServiceModel.Channels.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 933376 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Net\a46d5472536da900435885b28a19eda8\System.Net.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\ae0089b9135614de304ebe288fa6fca8\System.Messaging.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 521728 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management.I#\3ad050d3f47352421e05b7707ddd3524\System.Management.Instrumentation.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 531456 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IO.Log\87efa405cd384d2c47380467fcd7ea86\System.IO.Log.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 290816 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityMode#\50ccc897ad714e66f750ca1e51e0ffde\System.IdentityModel.Selectors.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 632832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\1ae0a8a9eb92ccaf900f5911740b2c3c\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 141824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Device\9edded64312f5cbae54a093eca246aaa\System.Device.ni.dll
- 2009-07-14 04:45 . 2012-03-26 18:05 7112306 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-27 20:20 7112306 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2012-03-25 20:58 . 2012-03-27 19:44 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2012-03-25 20:58 . 2012-03-28 12:45 1201972 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2354811146-407768284-2492069451-1002-8192.dat
+ 2011-04-16 06:44 . 2011-04-16 06:44 2770944 c:\windows\Installer\ede17.msi
+ 2012-03-27 20:07 . 2012-03-27 20:07 1430016 c:\windows\assembly\NativeImages_v4.0.30319_64\UIAutomationClients#\d1d48cd30cd275b06fad70778798cae7\UIAutomationClientsideProviders.ni.dll
+ 2012-03-27 20:07 . 2012-03-27 20:07 5627904 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\455d5edfdc989057a8fea7bc88a02ef6\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 2236416 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bd044dc068adc34e430faa820e5c5e44\System.Web.Services.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 2735616 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Speech\561e5a115d6d7ade93236df74d61af84\System.Speech.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 1918976 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\4606cac0ba2d406b4ddefca21a3db1eb\System.ServiceModel.Activities.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 1579008 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel#\28b5d075cf252a24a6b007ff5941dce1\System.ServiceModel.Discovery.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Management\2280764a011295483642b17fe5d2b1f7\System.Management.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1416192 c:\windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\a77730a57cc54142f1ecbb1e85060e5f\System.IdentityModel.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1217024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.DirectorySer#\60390cb3abc6f1d85a572c156d39fc02\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 1799168 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Data.Service#\930a4b48234d358f2758f075be0684c5\System.Data.Services.Client.ni.dll
+ 2012-03-27 20:05 . 2012-03-27 20:05 3313664 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.JScript\0fbfc1087f7622c5b6b06f88fce1a45e\Microsoft.JScript.ni.dll
+ 2012-03-27 20:06 . 2012-03-27 20:06 24551424 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\bd433ada9b2565b666331b5b1276538a\System.ServiceModel.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2009-07-21 701752]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-05-05 1604200]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-05 17412200]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"combofix"="c:\combofix\CF12936.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.100.252
FF - ProfilePath - c:\users\Nomy\AppData\Roaming\Mozilla\Firefox\Profiles\wom2gxg6.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2012-03-28 16:37:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-28 14:37
ComboFix2.txt 2012-03-27 19:56
ComboFix3.txt 2012-03-27 18:19
.
Před spuštěním: Volných bajtů: 439 467 098 112
Po spuštění: Volných bajtů: 438 945 656 832
.
- - End Of File - - 74DA19A989B3F67D1F93199F98AA48B4
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
A tady je HJT ,ale uprostřed sken se mi furt pise ze mam neco odmazat.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:47:50, on 28.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Nomy\Eliminátor virů\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10256 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:47:50, on 28.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Nomy\Eliminátor virů\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10256 bytes
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43294
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Spusť znovu aswMBR , dej sken a pak zase klik na Save Log , a vlož ho sem..
nerozumím , co smazat??
Návod
Kód: Vybrat vše
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"Spusť znovu aswMBR , dej sken a pak zase klik na Save Log , a vlož ho sem..
A tady je HJT ,ale uprostřed sken se mi furt pise ze mam neco odmazat.
nerozumím , co smazat??
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
ondrej.nosek
- Level 2
- Příspěvky: 202
- Registrován: březen 12
- Pohlaví:
- Stav:
Offline
Re: Win32 problém-rychle prosím
Ještě než ho sem dám,tak si myslím,že ten vir otevírá dveře dalším virům,takže doufám,že takhle najdu zdroj :S
Zpět na “Viry, antiviry, firewally…”
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 0 hostů