Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
crcdisk.sys
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
crcdisk.sys
Zdravím, po opravě OS jsem nemohl nahodit NTB pořad byla modra obrazovka s chyb.kody=0x80599BB0 0x00000034 0x000007B. Nakonec jsem přeinstaloval celý OS abych ho nahodil.Ted nelze cokoliv stahovat před dotaženim souboru "Hláška" připojeni bylo resetovano. ani nemluvim o rychlosti 1,5KB max. Ted jsem se na netu dobral k tomu že mam s největší pravděpodobnosti nakažený crcdisk.sys a že vlastně moje PC řídí jiné PC a ne já? Prosim vas o pomoc!Prosííím
VF1
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: crcdisk.sys
Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: crcdisk.sys
Logfile of random's system information tool 1.07 (written by random/random)
Run by Správce at 2010-07-08 21:31:44
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 78 GB (68%) free of 114 GB
Total RAM: 1788 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:25, on 8.7.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\VF1\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Správce.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Users\Správce\Desktop\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 2010\UIWatcher.exe
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKCU\..\Run: [ccleaner] "C:\Users\Správce\Desktop\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1272589827-2999714901-3555477113-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'VF1')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\a-squared Free\a2service.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
--
End of file - 6166 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-05-24 1008184]
"StartCCC"=C:\Users\Správce\Desktop\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2008-05-02 307200]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-04-20 2327552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-24 1233920]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 2010\UIWatcher.exe [2010-01-04 2530656]
"BrowserChoice"=C:\Windows\System32\browserchoice.exe [2010-02-12 293376]
"ccleaner"=C:\Users\Správce\Desktop\CCleaner\ccleaner.exe [2010-01-26 1724728]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ad52b50-88b9-11df-8513-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ad52b7f-88b9-11df-8513-e6ca1948044d}]
shell\AutoRun\command - E:\AutoRun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-08 21:35:11 ----D---- C:\Users\Správce\AppData\Roaming\Vodafone
2010-07-08 21:34:22 ----D---- C:\Windows\LastGood
2010-07-08 21:33:43 ----D---- C:\ProgramData\Vodafone
2010-07-08 21:33:27 ----D---- C:\Program Files\Vodafone
2010-07-08 21:21:29 ----D---- C:\Program Files\T-Mobile
2010-07-08 09:39:08 ----D---- C:\Program Files\Huawei technologies
2010-07-08 09:39:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-08 09:33:01 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-08 08:18:43 ----D---- C:\a-squared Free
2010-07-08 06:56:32 ----D---- C:\Program Files\trend micro
2010-07-08 06:56:31 ----D---- C:\rsit
2010-07-08 05:49:27 ----D---- C:\ProgramData\Bluetooth
2010-07-08 05:47:52 ----D---- C:\Program Files\IVT Corporation
2010-07-08 02:02:57 ----D---- C:\Program Files\Opera
2010-07-08 01:54:59 ----D---- C:\Program Files\Mozilla Firefox
2010-07-08 01:44:06 ----A---- C:\Windows\system32\kerberos.dll
2010-07-08 01:44:04 ----A---- C:\Windows\system32\schannel.dll
2010-07-08 00:58:10 ----D---- C:\ProgramData\Windows Genuine Advantage
2010-07-08 00:44:13 ----D---- C:\ProgramData\Office Genuine Advantage
2010-07-07 22:37:07 ----N---- C:\Windows\system32\agrsmdel.exe
2010-07-07 22:32:19 ----D---- C:\Windows\Options
2010-07-07 22:27:49 ----D---- C:\Users\Správce\AppData\Roaming\Hewlett Packard
2010-07-07 22:27:36 ----D---- C:\SWSetup
2010-07-07 20:55:58 ----A---- C:\Windows\system32\msshooks.dll
2010-07-07 20:55:58 ----A---- C:\Windows\system32\msscb.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-07-07 20:55:56 ----A---- C:\Windows\system32\propsys.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\propdefs.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\msstrc.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\mssprxy.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\mssitlb.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\msshsq.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\thawbrkr.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\srchadmin.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\korwbrkr.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\xmlfilter.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\wsepno.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\rtffilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\offfilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\nlhtml.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\msscntrs.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\mimefilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\chtbrkr.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\chsbrkr.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\tquery.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-07-07 20:55:53 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssvp.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssrch.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssphtb.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssph.dll
2010-07-07 18:53:30 ----A---- C:\Windows\system32\dfshim.dll
2010-07-07 18:53:26 ----A---- C:\Windows\system32\mscoree.dll
2010-07-07 18:53:23 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-07 18:53:08 ----A---- C:\Windows\system32\mscorier.dll
2010-07-07 18:53:01 ----A---- C:\Windows\system32\mscories.dll
2010-07-07 18:51:36 ----D---- C:\Program Files\LSI SoftModem
2010-07-07 18:51:02 ----D---- C:\ProgramData\Gemfor
2010-07-07 17:47:34 ----A---- C:\Windows\system32\occache.dll
2010-07-07 17:47:34 ----A---- C:\Windows\system32\mstime.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\msfeeds.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\jsproxy.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\iepeers.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\ieui.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\iesetup.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\iernonce.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\wininet.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\msfeedssync.exe
2010-07-07 17:47:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\ie4uinit.exe
2010-07-07 17:47:30 ----A---- C:\Windows\system32\ieUnatt.exe
2010-07-07 17:47:30 ----A---- C:\Windows\system32\iesysprep.dll
2010-07-07 17:47:30 ----A---- C:\Windows\system32\iertutil.dll
2010-07-07 17:47:29 ----A---- C:\Windows\system32\urlmon.dll
2010-07-07 17:47:27 ----A---- C:\Windows\system32\ieframe.dll
2010-07-07 17:47:26 ----A---- C:\Windows\system32\mshtml.dll
2010-07-07 17:45:30 ----A---- C:\Windows\system32\mshtmled.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\msls31.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\mshtmler.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\icardie.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\admparse.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\imgutil.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\ieakeng.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\corpol.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\licmgr10.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\inseng.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\dxtrans.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\dxtmsft.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\webcheck.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\msrating.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\ieaksie.dll
2010-07-07 17:45:25 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-07-07 17:45:25 ----A---- C:\Windows\system32\wextract.exe
2010-07-07 17:45:25 ----A---- C:\Windows\system32\ieakui.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\pngfilt.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\ieapfltr.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\advpack.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\vbscript.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\url.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\jscript.dll
2010-07-07 17:45:21 ----A---- C:\Windows\system32\mshta.exe
2010-07-07 17:45:21 ----A---- C:\Windows\system32\iexpress.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\SetDepNx.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\PDMSetup.exe
2010-07-07 17:06:00 ----D---- C:\7c6852f48f8a6a1c4da1a699d2
2010-07-07 17:05:27 ----D---- C:\Windows\CheckSur
2010-07-06 12:59:34 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-07-06 12:59:31 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-07-06 12:59:20 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-07-06 12:37:06 ----A---- C:\Windows\system32\gameux.dll
2010-07-06 12:35:32 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-07-06 12:35:31 ----A---- C:\Windows\system32\secproc.dll
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate.exe
2010-07-06 12:35:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-07-06 12:35:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-07-06 12:35:30 ----A---- C:\Windows\system32\msdrm.dll
2010-07-06 12:29:12 ----A---- C:\Windows\system32\kd1394.dll
2010-07-06 12:29:11 ----A---- C:\Windows\system32\winresume.exe
2010-07-06 12:29:11 ----A---- C:\Windows\system32\winload.exe
2010-07-06 12:29:11 ----A---- C:\Windows\system32\ci.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srdelayed.exe
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srcore.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srclient.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\setbcdlocale.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\rstrui.exe
2010-07-06 12:29:10 ----A---- C:\Windows\system32\kbd106n.dll
2010-07-06 12:26:46 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-06 12:26:45 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-06 12:21:44 ----A---- C:\Windows\system32\netiohlp.dll
2010-07-06 12:21:43 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\ROUTE.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\netevent.dll
2010-07-06 12:21:43 ----A---- C:\Windows\system32\MRINFO.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\finger.exe
2010-07-06 12:21:43 ----A---- C:\Windows\system32\ARP.EXE
2010-07-06 12:16:09 ----A---- C:\Windows\system32\wdigest.dll
2010-07-06 12:16:09 ----A---- C:\Windows\system32\msv1_0.dll
2010-07-06 12:16:09 ----A---- C:\Windows\system32\lsasrv.dll
2010-07-06 12:16:08 ----A---- C:\Windows\system32\secur32.dll
2010-07-06 12:16:08 ----A---- C:\Windows\system32\lsass.exe
2010-07-06 12:10:10 ----HD---- C:\Windows\msdownld.tmp
2010-07-06 12:10:10 ----D---- C:\Windows\system32\directx
2010-07-06 12:10:06 ----D---- C:\Users\Správce\AppData\Roaming\XBMC
2010-07-06 12:05:40 ----A---- C:\Windows\system32\rpcss.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\sdohlp.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-07-06 12:05:39 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\iasrecst.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\iasdatastore.dll
2010-07-06 12:05:38 ----A---- C:\Windows\system32\iashost.exe
2010-07-06 12:05:38 ----A---- C:\Windows\system32\iasads.dll
2010-07-06 12:05:34 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-07-06 12:05:34 ----A---- C:\Windows\system32\logagent.exe
2010-07-06 12:04:32 ----A---- C:\Windows\system32\rpcrt4.dll
2010-07-06 12:02:15 ----A---- C:\Windows\system32\wmpdxm.dll
2010-07-06 12:01:38 ----A---- C:\Windows\system32\msxml6.dll
2010-07-06 12:01:38 ----A---- C:\Windows\system32\msxml3.dll
2010-07-06 12:00:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-07-06 12:00:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-07-06 11:59:53 ----A---- C:\Windows\system32\kernel32.dll
2010-07-06 11:59:52 ----A---- C:\Windows\system32\apilogen.dll
2010-07-06 11:59:52 ----A---- C:\Windows\system32\amxread.dll
2010-07-06 11:59:04 ----A---- C:\Windows\system32\localspl.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlansvc.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlansec.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlanmsm.dll
2010-07-06 11:58:47 ----A---- C:\Windows\system32\L2SecHC.dll
2010-07-06 11:57:34 ----A---- C:\Windows\system32\shell32.dll
2010-07-06 11:57:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-07-06 11:57:00 ----A---- C:\Windows\system32\t2embed.dll
2010-07-06 11:56:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-07-06 11:56:29 ----A---- C:\Windows\system32\atl.dll
2010-07-06 11:56:18 ----A---- C:\Windows\system32\wmp.dll
2010-07-06 11:56:17 ----A---- C:\Windows\system32\unregmp2.exe
2010-07-06 11:56:16 ----A---- C:\Windows\system32\spwmp.dll
2010-07-06 11:56:16 ----A---- C:\Windows\system32\dxmasf.dll
2010-07-06 11:56:15 ----A---- C:\Windows\system32\wmploc.DLL
2010-07-06 11:55:42 ----A---- C:\Windows\system32\tsbyuv.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msyuv.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msvidc32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msvfw32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msrle32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\mciavi32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\iyuv_32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\avifil32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\avicap32.dll
2010-07-06 11:55:36 ----A---- C:\Windows\system32\tzres.dll
2010-07-06 11:52:13 ----A---- C:\Windows\system32\fsquirt.exe
2010-07-06 11:52:12 ----A---- C:\Windows\system32\winhttp.dll
2010-07-06 11:52:09 ----A---- C:\Windows\explorer.exe
2010-07-06 11:52:07 ----A---- C:\Windows\system32\mstscax.dll
2010-07-06 11:52:01 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-07-06 11:52:00 ----A---- C:\Windows\system32\asycfilt.dll
2010-07-06 11:51:52 ----A---- C:\Windows\system32\wersvc.dll
2010-07-06 11:51:52 ----A---- C:\Windows\system32\Faultrep.dll
2010-07-06 11:51:49 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-07-06 11:51:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-07-06 11:51:32 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-07-06 11:51:32 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-07-06 11:51:10 ----A---- C:\Windows\system32\xolehlp.dll
2010-07-06 11:51:10 ----A---- C:\Windows\system32\msdtcprx.dll
2010-07-06 11:51:07 ----A---- C:\Windows\system32\netapi32.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\fontsub.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\dciman32.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\atmlib.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\atmfd.dll
2010-07-06 11:51:00 ----A---- C:\Windows\system32\es.dll
2010-07-06 11:49:58 ----A---- C:\Windows\system32\emdmgmt.dll
2010-07-06 11:49:57 ----A---- C:\Windows\system32\dataclen.dll
2010-07-06 11:49:57 ----A---- C:\Windows\system32\cdd.dll
2010-07-06 11:49:50 ----A---- C:\Windows\system32\win32spl.dll
2010-07-06 11:49:46 ----A---- C:\Windows\system32\msasn1.dll
2010-07-06 11:49:38 ----A---- C:\Windows\system32\wshext.dll
2010-07-06 11:49:38 ----A---- C:\Windows\system32\wscript.exe
2010-07-06 11:49:37 ----A---- C:\Windows\system32\scrrun.dll
2010-07-06 11:49:37 ----A---- C:\Windows\system32\scrobj.dll
2010-07-06 11:49:37 ----A---- C:\Windows\system32\cscript.exe
2010-07-06 11:47:10 ----A---- C:\Windows\system32\connect.dll
2010-07-06 11:40:34 ----A---- C:\Windows\system32\wmpeffects.dll
2010-07-06 11:40:32 ----A---- C:\Windows\system32\rastls.dll
2010-07-06 11:40:32 ----A---- C:\Windows\system32\raschap.dll
2010-07-06 11:40:27 ----A---- C:\Windows\system32\gdi32.dll
2010-07-06 11:37:57 ----A---- C:\Windows\system32\browserchoice.exe
2010-07-06 11:37:04 ----A---- C:\Windows\system32\pacerprf.dll
2010-07-06 11:30:16 ----A---- C:\Windows\system32\WSDApi.dll
2010-07-06 11:29:48 ----A---- C:\Windows\system32\wkssvc.dll
2010-07-06 11:17:55 ----D---- C:\ProgramData\Adobe
2010-07-06 11:17:17 ----D---- C:\Program Files\Common Files\Adobe
2010-07-06 11:17:17 ----D---- C:\Program Files\Adobe
2010-07-06 11:07:58 ----A---- C:\Windows\system32\quartz.dll
2010-07-06 10:48:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-07-06 10:47:59 ----A---- C:\Windows\system32\mf.dll
2010-07-06 10:43:41 ----D---- C:\Users\Správce\AppData\Roaming\Zoner
2010-07-06 10:43:10 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-07-06 10:39:31 ----D---- C:\Program Files\Zoner
2010-07-06 09:13:56 ----D---- C:\Program Files\Common Files\Apple
2010-07-06 09:13:18 ----D---- C:\ProgramData\Apple
2010-07-06 09:13:18 ----D---- C:\Program Files\Apple Software Update
2010-07-06 09:02:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-06 09:01:38 ----D---- C:\Program Files\Microsoft Sync Framework
2010-07-06 08:54:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-07-06 08:53:44 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-06 08:49:04 ----N---- C:\Windows\system32\rpcnet.exe
2010-07-06 08:49:04 ----A---- C:\Windows\system32\rpcnet.dll
2010-07-06 08:47:56 ----D---- C:\Program Files\Microsoft
2010-07-06 08:45:20 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-06 08:45:08 ----D---- C:\Program Files\Windows Live
2010-07-06 08:41:30 ----N---- C:\Windows\system32\MpSigStub.exe
2010-07-06 08:40:09 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-06 08:32:47 ----D---- C:\Program Files\Google
2010-07-06 08:20:07 ----A---- C:\Windows\system32\wintrust.dll
2010-07-06 08:19:54 ----A---- C:\Windows\system32\cabview.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msimsg.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msihnd.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msiexec.exe
2010-07-06 08:16:32 ----A---- C:\Windows\system32\msi.dll
2010-07-06 08:14:22 ----A---- C:\Windows\system32\wups2.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wucltux.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wuaueng.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wuauclt.exe
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wups.dll
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wudriver.dll
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wuapi.dll
2010-07-06 08:14:00 ----A---- C:\Windows\system32\wuwebv.dll
2010-07-06 08:14:00 ----A---- C:\Windows\system32\wuapp.exe
2010-07-06 08:06:02 ----D---- C:\Windows\system32\EventProviders
2010-07-06 07:43:50 ----D---- C:\Windows\Panther
2010-07-06 07:43:36 ----RAS---- C:\BOOTSECT.BAK
2010-07-06 07:43:34 ----SHD---- C:\Boot
2010-07-06 07:31:08 ----D---- C:\ProgramData\Ashampoo
2010-07-06 07:31:05 ----D---- C:\Program Files\MyAshampoo
2010-07-06 07:31:05 ----D---- C:\Program Files\Conduit
2010-07-06 07:26:58 ----D---- C:\Program Files\Microsoft Security Essentials
2010-07-06 07:25:59 ----D---- C:\ProgramData\page
2010-07-06 07:25:58 ----D---- C:\Program Files\Ashampoo
2010-07-06 07:22:53 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-06 07:22:37 ----D---- C:\Windows\PCHEALTH
2010-07-06 07:22:37 ----D---- C:\Program Files\Microsoft.NET
2010-07-06 07:20:16 ----D---- C:\Program Files\Microsoft Analysis Services
2010-07-06 07:20:02 ----D---- C:\Windows\SHELLNEW
2010-07-06 07:19:27 ----D---- C:\Program Files\Microsoft Office
2010-07-06 07:19:26 ----D---- C:\ProgramData\Microsoft Help
2010-07-06 07:19:14 ----RHD---- C:\MSOCache
2010-07-06 07:14:16 ----D---- C:\Users\Správce\AppData\Roaming\ATI
2010-07-06 07:14:16 ----D---- C:\ProgramData\ATI
2010-07-06 07:06:33 ----SHD---- C:\Windows\Installer
2010-07-06 07:06:26 ----D---- C:\Program Files\ATI
2010-07-06 07:00:06 ----D---- C:\Users\Správce\AppData\Roaming\Identities
2010-07-06 06:59:59 ----SD---- C:\Users\Správce\AppData\Roaming\Microsoft
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Šablony
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Plocha
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Oblíbené položky
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Nabídka Start
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Dokumenty
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Data aplikací
2010-07-06 06:56:39 ----D---- C:\Windows\Debug
2010-07-06 06:49:39 ----D---- C:\Windows\SoftwareDistribution
2010-07-06 06:47:35 ----D---- C:\Windows\system32\catroot2
2010-07-06 06:47:25 ----A---- C:\Windows\system32\rpcnetp.dll
2010-07-06 06:45:17 ----D---- C:\Windows\Prefetch
2010-07-06 06:45:06 ----SHD---- C:\System Volume Information
2010-07-06 06:45:05 ----A---- C:\Windows\system32\rpcnetp.exe
2010-06-15 16:53:34 ----A---- C:\Windows\system32\HPMDPCoInst10.dll
2010-06-15 16:53:24 ----A---- C:\Windows\system32\hpservice.exe
2010-06-15 16:53:18 ----A---- C:\Windows\system32\accelerometerdll.DLL
======List of files/folders modified in the last 1 months======
2010-07-08 21:35:24 ----D---- C:\Windows\Temp
2010-07-08 21:35:06 ----D---- C:\Windows\system32\catroot
2010-07-08 21:35:06 ----D---- C:\Windows\inf
2010-07-08 21:34:32 ----D---- C:\Windows\system32\drivers
2010-07-08 21:34:22 ----D---- C:\Windows
2010-07-08 21:33:43 ----HD---- C:\ProgramData
2010-07-08 21:33:27 ----RD---- C:\Program Files
2010-07-08 21:33:02 ----D---- C:\Windows\System32
2010-07-08 21:33:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-08 21:06:39 ----D---- C:\Windows\system32\LogFiles
2010-07-08 21:06:04 ----SD---- C:\ProgramData\Microsoft
2010-07-08 13:39:01 ----D---- C:\Windows\ModemLogs
2010-07-08 09:33:01 ----D---- C:\Program Files\Common Files
2010-07-08 02:50:12 ----D---- C:\Windows\system32\WDI
2010-07-08 02:32:17 ----D---- C:\Windows\winsxs
2010-07-08 00:57:41 ----SD---- C:\Windows\Downloaded Program Files
2010-07-07 22:43:30 ----D---- C:\Windows\rescache
2010-07-07 22:23:55 ----D---- C:\Windows\Microsoft.NET
2010-07-07 22:23:54 ----RSD---- C:\Windows\assembly
2010-07-07 22:20:56 ----D---- C:\Windows\system32\Tasks
2010-07-07 22:14:51 ----D---- C:\Windows\system32\cs-CZ
2010-07-07 22:14:50 ----D---- C:\Program Files\Windows Mail
2010-07-07 22:14:48 ----D---- C:\Windows\AppPatch
2010-07-07 22:14:47 ----D---- C:\Windows\PolicyDefinitions
2010-07-07 22:14:45 ----D---- C:\Windows\system32\Boot
2010-07-07 22:14:44 ----D---- C:\Windows\system32\wbem
2010-07-07 22:14:43 ----D---- C:\Windows\system32\manifeststore
2010-07-07 17:54:04 ----D---- C:\Windows\system32\migration
2010-07-07 17:54:04 ----D---- C:\Program Files\Internet Explorer
2010-07-07 17:53:54 ----D---- C:\Windows\system32\en-US
2010-07-07 17:49:13 ----D---- C:\Windows\twain_32
2010-07-06 16:37:35 ----RSD---- C:\Windows\Fonts
2010-07-06 16:37:35 ----D---- C:\Program Files\Windows Media Player
2010-07-06 12:11:53 ----D---- C:\Windows\Logs
2010-07-06 11:41:27 ----D---- C:\Program Files\Movie Maker
2010-07-06 10:48:11 ----SHD---- C:\$Recycle.Bin
2010-07-06 10:47:15 ----RD---- C:\Users
2010-07-06 09:58:20 ----HD---- C:\Windows\system32\GroupPolicyUsers
2010-07-06 09:58:20 ----HD---- C:\Windows\system32\GroupPolicy
2010-07-06 09:17:50 ----D---- C:\Windows\system32\zh-TW
2010-07-06 09:17:50 ----D---- C:\Windows\system32\uk-UA
2010-07-06 09:17:50 ----D---- C:\Windows\system32\tr-TR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\th-TH
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sv-SE
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sr-Latn-CS
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sl-SI
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pt-PT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pt-BR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pl-PL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\nl-NL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\lv-LV
2010-07-06 09:17:50 ----D---- C:\Windows\system32\lt-LT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\ko-KR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\it-IT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\hu-HU
2010-07-06 09:17:50 ----D---- C:\Windows\system32\hr-HR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\he-IL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\fr-FR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\fi-FI
2010-07-06 09:17:50 ----D---- C:\Windows\system32\es-ES
2010-07-06 09:17:50 ----D---- C:\Windows\system32\el-GR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\bg-BG
2010-07-06 09:17:49 ----D---- C:\Windows\system32\zh-CN
2010-07-06 09:17:49 ----D---- C:\Windows\system32\sk-SK
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ru-RU
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ro-RO
2010-07-06 09:17:49 ----D---- C:\Windows\system32\nb-NO
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ja-JP
2010-07-06 09:17:49 ----D---- C:\Windows\system32\et-EE
2010-07-06 09:17:49 ----D---- C:\Windows\system32\de-DE
2010-07-06 09:17:49 ----D---- C:\Windows\system32\da-DK
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ar-SA
2010-07-06 09:05:08 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-06 07:20:44 ----A---- C:\Windows\win.ini
2010-07-06 07:20:33 ----D---- C:\Program Files\Common Files\System
2010-07-06 07:06:57 ----D---- C:\Windows\system32\restore
2010-07-06 07:03:27 ----D---- C:\Windows\system32\CodeIntegrity
2010-07-06 06:57:17 ----D---- C:\Program Files\Windows NT
2010-07-06 06:51:52 ----ASH---- C:\Program Files\desktop.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-12-13 1161152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-15 5068800]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-05-24 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-05-24 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-05-24 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-04-09 102784]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-05-24 49664]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-05-24 11264]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-05-24 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-05-24 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-05-24 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-05-24 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-05-24 6016]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-05-24 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-05-24 83328]
S4 ErrDev;Ovladače chybového zařízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2008-05-24 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-05-24 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-15 172032]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-05-24 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2010-07-06 57752]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
-----------------EOF-----------------
Run by Správce at 2010-07-08 21:31:44
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 78 GB (68%) free of 114 GB
Total RAM: 1788 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:25, on 8.7.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\VF1\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Správce.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Users\Správce\Desktop\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 2010\UIWatcher.exe
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKCU\..\Run: [ccleaner] "C:\Users\Správce\Desktop\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1272589827-2999714901-3555477113-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'VF1')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\a-squared Free\a2service.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
--
End of file - 6166 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-05-24 1008184]
"StartCCC"=C:\Users\Správce\Desktop\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2008-05-02 307200]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-04-20 2327552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-24 1233920]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 2010\UIWatcher.exe [2010-01-04 2530656]
"BrowserChoice"=C:\Windows\System32\browserchoice.exe [2010-02-12 293376]
"ccleaner"=C:\Users\Správce\Desktop\CCleaner\ccleaner.exe [2010-01-26 1724728]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ad52b50-88b9-11df-8513-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ad52b7f-88b9-11df-8513-e6ca1948044d}]
shell\AutoRun\command - E:\AutoRun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-08 21:35:11 ----D---- C:\Users\Správce\AppData\Roaming\Vodafone
2010-07-08 21:34:22 ----D---- C:\Windows\LastGood
2010-07-08 21:33:43 ----D---- C:\ProgramData\Vodafone
2010-07-08 21:33:27 ----D---- C:\Program Files\Vodafone
2010-07-08 21:21:29 ----D---- C:\Program Files\T-Mobile
2010-07-08 09:39:08 ----D---- C:\Program Files\Huawei technologies
2010-07-08 09:39:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-08 09:33:01 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-08 08:18:43 ----D---- C:\a-squared Free
2010-07-08 06:56:32 ----D---- C:\Program Files\trend micro
2010-07-08 06:56:31 ----D---- C:\rsit
2010-07-08 05:49:27 ----D---- C:\ProgramData\Bluetooth
2010-07-08 05:47:52 ----D---- C:\Program Files\IVT Corporation
2010-07-08 02:02:57 ----D---- C:\Program Files\Opera
2010-07-08 01:54:59 ----D---- C:\Program Files\Mozilla Firefox
2010-07-08 01:44:06 ----A---- C:\Windows\system32\kerberos.dll
2010-07-08 01:44:04 ----A---- C:\Windows\system32\schannel.dll
2010-07-08 00:58:10 ----D---- C:\ProgramData\Windows Genuine Advantage
2010-07-08 00:44:13 ----D---- C:\ProgramData\Office Genuine Advantage
2010-07-07 22:37:07 ----N---- C:\Windows\system32\agrsmdel.exe
2010-07-07 22:32:19 ----D---- C:\Windows\Options
2010-07-07 22:27:49 ----D---- C:\Users\Správce\AppData\Roaming\Hewlett Packard
2010-07-07 22:27:36 ----D---- C:\SWSetup
2010-07-07 20:55:58 ----A---- C:\Windows\system32\msshooks.dll
2010-07-07 20:55:58 ----A---- C:\Windows\system32\msscb.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-07-07 20:55:56 ----A---- C:\Windows\system32\propsys.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\propdefs.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\msstrc.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\mssprxy.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\mssitlb.dll
2010-07-07 20:55:56 ----A---- C:\Windows\system32\msshsq.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\thawbrkr.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\srchadmin.dll
2010-07-07 20:55:55 ----A---- C:\Windows\system32\korwbrkr.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\xmlfilter.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\wsepno.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\rtffilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\offfilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\nlhtml.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\msscntrs.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\mimefilt.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\chtbrkr.dll
2010-07-07 20:55:54 ----A---- C:\Windows\system32\chsbrkr.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\tquery.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-07-07 20:55:53 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssvp.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssrch.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssphtb.dll
2010-07-07 20:55:53 ----A---- C:\Windows\system32\mssph.dll
2010-07-07 18:53:30 ----A---- C:\Windows\system32\dfshim.dll
2010-07-07 18:53:26 ----A---- C:\Windows\system32\mscoree.dll
2010-07-07 18:53:23 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-07 18:53:08 ----A---- C:\Windows\system32\mscorier.dll
2010-07-07 18:53:01 ----A---- C:\Windows\system32\mscories.dll
2010-07-07 18:51:36 ----D---- C:\Program Files\LSI SoftModem
2010-07-07 18:51:02 ----D---- C:\ProgramData\Gemfor
2010-07-07 17:47:34 ----A---- C:\Windows\system32\occache.dll
2010-07-07 17:47:34 ----A---- C:\Windows\system32\mstime.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\msfeeds.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\jsproxy.dll
2010-07-07 17:47:33 ----A---- C:\Windows\system32\iepeers.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\ieui.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\iesetup.dll
2010-07-07 17:47:32 ----A---- C:\Windows\system32\iernonce.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\wininet.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\msfeedssync.exe
2010-07-07 17:47:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-07-07 17:47:31 ----A---- C:\Windows\system32\ie4uinit.exe
2010-07-07 17:47:30 ----A---- C:\Windows\system32\ieUnatt.exe
2010-07-07 17:47:30 ----A---- C:\Windows\system32\iesysprep.dll
2010-07-07 17:47:30 ----A---- C:\Windows\system32\iertutil.dll
2010-07-07 17:47:29 ----A---- C:\Windows\system32\urlmon.dll
2010-07-07 17:47:27 ----A---- C:\Windows\system32\ieframe.dll
2010-07-07 17:47:26 ----A---- C:\Windows\system32\mshtml.dll
2010-07-07 17:45:30 ----A---- C:\Windows\system32\mshtmled.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\msls31.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\mshtmler.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\icardie.dll
2010-07-07 17:45:29 ----A---- C:\Windows\system32\admparse.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\imgutil.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\ieakeng.dll
2010-07-07 17:45:28 ----A---- C:\Windows\system32\corpol.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\licmgr10.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\inseng.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\dxtrans.dll
2010-07-07 17:45:27 ----A---- C:\Windows\system32\dxtmsft.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\webcheck.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\msrating.dll
2010-07-07 17:45:26 ----A---- C:\Windows\system32\ieaksie.dll
2010-07-07 17:45:25 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-07-07 17:45:25 ----A---- C:\Windows\system32\wextract.exe
2010-07-07 17:45:25 ----A---- C:\Windows\system32\ieakui.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\pngfilt.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\ieapfltr.dll
2010-07-07 17:45:24 ----A---- C:\Windows\system32\advpack.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\vbscript.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\url.dll
2010-07-07 17:45:23 ----A---- C:\Windows\system32\jscript.dll
2010-07-07 17:45:21 ----A---- C:\Windows\system32\mshta.exe
2010-07-07 17:45:21 ----A---- C:\Windows\system32\iexpress.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\SetDepNx.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-07-07 17:45:20 ----A---- C:\Windows\system32\PDMSetup.exe
2010-07-07 17:06:00 ----D---- C:\7c6852f48f8a6a1c4da1a699d2
2010-07-07 17:05:27 ----D---- C:\Windows\CheckSur
2010-07-06 12:59:34 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-07-06 12:59:31 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-07-06 12:59:20 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-07-06 12:37:06 ----A---- C:\Windows\system32\gameux.dll
2010-07-06 12:35:32 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-07-06 12:35:31 ----A---- C:\Windows\system32\secproc.dll
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-07-06 12:35:31 ----A---- C:\Windows\system32\RMActivate.exe
2010-07-06 12:35:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-07-06 12:35:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-07-06 12:35:30 ----A---- C:\Windows\system32\msdrm.dll
2010-07-06 12:29:12 ----A---- C:\Windows\system32\kd1394.dll
2010-07-06 12:29:11 ----A---- C:\Windows\system32\winresume.exe
2010-07-06 12:29:11 ----A---- C:\Windows\system32\winload.exe
2010-07-06 12:29:11 ----A---- C:\Windows\system32\ci.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srdelayed.exe
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srcore.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\srclient.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\setbcdlocale.dll
2010-07-06 12:29:10 ----A---- C:\Windows\system32\rstrui.exe
2010-07-06 12:29:10 ----A---- C:\Windows\system32\kbd106n.dll
2010-07-06 12:26:46 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-06 12:26:45 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-06 12:21:44 ----A---- C:\Windows\system32\netiohlp.dll
2010-07-06 12:21:43 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\ROUTE.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\netevent.dll
2010-07-06 12:21:43 ----A---- C:\Windows\system32\MRINFO.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-07-06 12:21:43 ----A---- C:\Windows\system32\finger.exe
2010-07-06 12:21:43 ----A---- C:\Windows\system32\ARP.EXE
2010-07-06 12:16:09 ----A---- C:\Windows\system32\wdigest.dll
2010-07-06 12:16:09 ----A---- C:\Windows\system32\msv1_0.dll
2010-07-06 12:16:09 ----A---- C:\Windows\system32\lsasrv.dll
2010-07-06 12:16:08 ----A---- C:\Windows\system32\secur32.dll
2010-07-06 12:16:08 ----A---- C:\Windows\system32\lsass.exe
2010-07-06 12:10:10 ----HD---- C:\Windows\msdownld.tmp
2010-07-06 12:10:10 ----D---- C:\Windows\system32\directx
2010-07-06 12:10:06 ----D---- C:\Users\Správce\AppData\Roaming\XBMC
2010-07-06 12:05:40 ----A---- C:\Windows\system32\rpcss.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\sdohlp.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-07-06 12:05:39 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\iasrecst.dll
2010-07-06 12:05:39 ----A---- C:\Windows\system32\iasdatastore.dll
2010-07-06 12:05:38 ----A---- C:\Windows\system32\iashost.exe
2010-07-06 12:05:38 ----A---- C:\Windows\system32\iasads.dll
2010-07-06 12:05:34 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-07-06 12:05:34 ----A---- C:\Windows\system32\logagent.exe
2010-07-06 12:04:32 ----A---- C:\Windows\system32\rpcrt4.dll
2010-07-06 12:02:15 ----A---- C:\Windows\system32\wmpdxm.dll
2010-07-06 12:01:38 ----A---- C:\Windows\system32\msxml6.dll
2010-07-06 12:01:38 ----A---- C:\Windows\system32\msxml3.dll
2010-07-06 12:00:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-07-06 12:00:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-07-06 11:59:53 ----A---- C:\Windows\system32\kernel32.dll
2010-07-06 11:59:52 ----A---- C:\Windows\system32\apilogen.dll
2010-07-06 11:59:52 ----A---- C:\Windows\system32\amxread.dll
2010-07-06 11:59:04 ----A---- C:\Windows\system32\localspl.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlansvc.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlansec.dll
2010-07-06 11:58:48 ----A---- C:\Windows\system32\wlanmsm.dll
2010-07-06 11:58:47 ----A---- C:\Windows\system32\L2SecHC.dll
2010-07-06 11:57:34 ----A---- C:\Windows\system32\shell32.dll
2010-07-06 11:57:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-07-06 11:57:00 ----A---- C:\Windows\system32\t2embed.dll
2010-07-06 11:56:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-07-06 11:56:29 ----A---- C:\Windows\system32\atl.dll
2010-07-06 11:56:18 ----A---- C:\Windows\system32\wmp.dll
2010-07-06 11:56:17 ----A---- C:\Windows\system32\unregmp2.exe
2010-07-06 11:56:16 ----A---- C:\Windows\system32\spwmp.dll
2010-07-06 11:56:16 ----A---- C:\Windows\system32\dxmasf.dll
2010-07-06 11:56:15 ----A---- C:\Windows\system32\wmploc.DLL
2010-07-06 11:55:42 ----A---- C:\Windows\system32\tsbyuv.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msyuv.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msvidc32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msvfw32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\msrle32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\mciavi32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\iyuv_32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\avifil32.dll
2010-07-06 11:55:42 ----A---- C:\Windows\system32\avicap32.dll
2010-07-06 11:55:36 ----A---- C:\Windows\system32\tzres.dll
2010-07-06 11:52:13 ----A---- C:\Windows\system32\fsquirt.exe
2010-07-06 11:52:12 ----A---- C:\Windows\system32\winhttp.dll
2010-07-06 11:52:09 ----A---- C:\Windows\explorer.exe
2010-07-06 11:52:07 ----A---- C:\Windows\system32\mstscax.dll
2010-07-06 11:52:01 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-07-06 11:52:00 ----A---- C:\Windows\system32\asycfilt.dll
2010-07-06 11:51:52 ----A---- C:\Windows\system32\wersvc.dll
2010-07-06 11:51:52 ----A---- C:\Windows\system32\Faultrep.dll
2010-07-06 11:51:49 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-07-06 11:51:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-07-06 11:51:32 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-07-06 11:51:32 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-07-06 11:51:10 ----A---- C:\Windows\system32\xolehlp.dll
2010-07-06 11:51:10 ----A---- C:\Windows\system32\msdtcprx.dll
2010-07-06 11:51:07 ----A---- C:\Windows\system32\netapi32.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\fontsub.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\dciman32.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\atmlib.dll
2010-07-06 11:51:04 ----A---- C:\Windows\system32\atmfd.dll
2010-07-06 11:51:00 ----A---- C:\Windows\system32\es.dll
2010-07-06 11:49:58 ----A---- C:\Windows\system32\emdmgmt.dll
2010-07-06 11:49:57 ----A---- C:\Windows\system32\dataclen.dll
2010-07-06 11:49:57 ----A---- C:\Windows\system32\cdd.dll
2010-07-06 11:49:50 ----A---- C:\Windows\system32\win32spl.dll
2010-07-06 11:49:46 ----A---- C:\Windows\system32\msasn1.dll
2010-07-06 11:49:38 ----A---- C:\Windows\system32\wshext.dll
2010-07-06 11:49:38 ----A---- C:\Windows\system32\wscript.exe
2010-07-06 11:49:37 ----A---- C:\Windows\system32\scrrun.dll
2010-07-06 11:49:37 ----A---- C:\Windows\system32\scrobj.dll
2010-07-06 11:49:37 ----A---- C:\Windows\system32\cscript.exe
2010-07-06 11:47:10 ----A---- C:\Windows\system32\connect.dll
2010-07-06 11:40:34 ----A---- C:\Windows\system32\wmpeffects.dll
2010-07-06 11:40:32 ----A---- C:\Windows\system32\rastls.dll
2010-07-06 11:40:32 ----A---- C:\Windows\system32\raschap.dll
2010-07-06 11:40:27 ----A---- C:\Windows\system32\gdi32.dll
2010-07-06 11:37:57 ----A---- C:\Windows\system32\browserchoice.exe
2010-07-06 11:37:04 ----A---- C:\Windows\system32\pacerprf.dll
2010-07-06 11:30:16 ----A---- C:\Windows\system32\WSDApi.dll
2010-07-06 11:29:48 ----A---- C:\Windows\system32\wkssvc.dll
2010-07-06 11:17:55 ----D---- C:\ProgramData\Adobe
2010-07-06 11:17:17 ----D---- C:\Program Files\Common Files\Adobe
2010-07-06 11:17:17 ----D---- C:\Program Files\Adobe
2010-07-06 11:07:58 ----A---- C:\Windows\system32\quartz.dll
2010-07-06 10:48:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-07-06 10:47:59 ----A---- C:\Windows\system32\mf.dll
2010-07-06 10:43:41 ----D---- C:\Users\Správce\AppData\Roaming\Zoner
2010-07-06 10:43:10 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-07-06 10:39:31 ----D---- C:\Program Files\Zoner
2010-07-06 09:13:56 ----D---- C:\Program Files\Common Files\Apple
2010-07-06 09:13:18 ----D---- C:\ProgramData\Apple
2010-07-06 09:13:18 ----D---- C:\Program Files\Apple Software Update
2010-07-06 09:02:46 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-06 09:01:38 ----D---- C:\Program Files\Microsoft Sync Framework
2010-07-06 08:54:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-07-06 08:53:44 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-06 08:49:04 ----N---- C:\Windows\system32\rpcnet.exe
2010-07-06 08:49:04 ----A---- C:\Windows\system32\rpcnet.dll
2010-07-06 08:47:56 ----D---- C:\Program Files\Microsoft
2010-07-06 08:45:20 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-06 08:45:08 ----D---- C:\Program Files\Windows Live
2010-07-06 08:41:30 ----N---- C:\Windows\system32\MpSigStub.exe
2010-07-06 08:40:09 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-06 08:32:47 ----D---- C:\Program Files\Google
2010-07-06 08:20:07 ----A---- C:\Windows\system32\wintrust.dll
2010-07-06 08:19:54 ----A---- C:\Windows\system32\cabview.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msimsg.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msihnd.dll
2010-07-06 08:16:33 ----A---- C:\Windows\system32\msiexec.exe
2010-07-06 08:16:32 ----A---- C:\Windows\system32\msi.dll
2010-07-06 08:14:22 ----A---- C:\Windows\system32\wups2.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wucltux.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wuaueng.dll
2010-07-06 08:14:21 ----A---- C:\Windows\system32\wuauclt.exe
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wups.dll
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wudriver.dll
2010-07-06 08:14:09 ----A---- C:\Windows\system32\wuapi.dll
2010-07-06 08:14:00 ----A---- C:\Windows\system32\wuwebv.dll
2010-07-06 08:14:00 ----A---- C:\Windows\system32\wuapp.exe
2010-07-06 08:06:02 ----D---- C:\Windows\system32\EventProviders
2010-07-06 07:43:50 ----D---- C:\Windows\Panther
2010-07-06 07:43:36 ----RAS---- C:\BOOTSECT.BAK
2010-07-06 07:43:34 ----SHD---- C:\Boot
2010-07-06 07:31:08 ----D---- C:\ProgramData\Ashampoo
2010-07-06 07:31:05 ----D---- C:\Program Files\MyAshampoo
2010-07-06 07:31:05 ----D---- C:\Program Files\Conduit
2010-07-06 07:26:58 ----D---- C:\Program Files\Microsoft Security Essentials
2010-07-06 07:25:59 ----D---- C:\ProgramData\page
2010-07-06 07:25:58 ----D---- C:\Program Files\Ashampoo
2010-07-06 07:22:53 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-06 07:22:37 ----D---- C:\Windows\PCHEALTH
2010-07-06 07:22:37 ----D---- C:\Program Files\Microsoft.NET
2010-07-06 07:20:16 ----D---- C:\Program Files\Microsoft Analysis Services
2010-07-06 07:20:02 ----D---- C:\Windows\SHELLNEW
2010-07-06 07:19:27 ----D---- C:\Program Files\Microsoft Office
2010-07-06 07:19:26 ----D---- C:\ProgramData\Microsoft Help
2010-07-06 07:19:14 ----RHD---- C:\MSOCache
2010-07-06 07:14:16 ----D---- C:\Users\Správce\AppData\Roaming\ATI
2010-07-06 07:14:16 ----D---- C:\ProgramData\ATI
2010-07-06 07:06:33 ----SHD---- C:\Windows\Installer
2010-07-06 07:06:26 ----D---- C:\Program Files\ATI
2010-07-06 07:00:06 ----D---- C:\Users\Správce\AppData\Roaming\Identities
2010-07-06 06:59:59 ----SD---- C:\Users\Správce\AppData\Roaming\Microsoft
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Šablony
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Plocha
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Oblíbené položky
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Nabídka Start
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Dokumenty
2010-07-06 06:57:17 ----SHD---- C:\ProgramData\Data aplikací
2010-07-06 06:56:39 ----D---- C:\Windows\Debug
2010-07-06 06:49:39 ----D---- C:\Windows\SoftwareDistribution
2010-07-06 06:47:35 ----D---- C:\Windows\system32\catroot2
2010-07-06 06:47:25 ----A---- C:\Windows\system32\rpcnetp.dll
2010-07-06 06:45:17 ----D---- C:\Windows\Prefetch
2010-07-06 06:45:06 ----SHD---- C:\System Volume Information
2010-07-06 06:45:05 ----A---- C:\Windows\system32\rpcnetp.exe
2010-06-15 16:53:34 ----A---- C:\Windows\system32\HPMDPCoInst10.dll
2010-06-15 16:53:24 ----A---- C:\Windows\system32\hpservice.exe
2010-06-15 16:53:18 ----A---- C:\Windows\system32\accelerometerdll.DLL
======List of files/folders modified in the last 1 months======
2010-07-08 21:35:24 ----D---- C:\Windows\Temp
2010-07-08 21:35:06 ----D---- C:\Windows\system32\catroot
2010-07-08 21:35:06 ----D---- C:\Windows\inf
2010-07-08 21:34:32 ----D---- C:\Windows\system32\drivers
2010-07-08 21:34:22 ----D---- C:\Windows
2010-07-08 21:33:43 ----HD---- C:\ProgramData
2010-07-08 21:33:27 ----RD---- C:\Program Files
2010-07-08 21:33:02 ----D---- C:\Windows\System32
2010-07-08 21:33:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-08 21:06:39 ----D---- C:\Windows\system32\LogFiles
2010-07-08 21:06:04 ----SD---- C:\ProgramData\Microsoft
2010-07-08 13:39:01 ----D---- C:\Windows\ModemLogs
2010-07-08 09:33:01 ----D---- C:\Program Files\Common Files
2010-07-08 02:50:12 ----D---- C:\Windows\system32\WDI
2010-07-08 02:32:17 ----D---- C:\Windows\winsxs
2010-07-08 00:57:41 ----SD---- C:\Windows\Downloaded Program Files
2010-07-07 22:43:30 ----D---- C:\Windows\rescache
2010-07-07 22:23:55 ----D---- C:\Windows\Microsoft.NET
2010-07-07 22:23:54 ----RSD---- C:\Windows\assembly
2010-07-07 22:20:56 ----D---- C:\Windows\system32\Tasks
2010-07-07 22:14:51 ----D---- C:\Windows\system32\cs-CZ
2010-07-07 22:14:50 ----D---- C:\Program Files\Windows Mail
2010-07-07 22:14:48 ----D---- C:\Windows\AppPatch
2010-07-07 22:14:47 ----D---- C:\Windows\PolicyDefinitions
2010-07-07 22:14:45 ----D---- C:\Windows\system32\Boot
2010-07-07 22:14:44 ----D---- C:\Windows\system32\wbem
2010-07-07 22:14:43 ----D---- C:\Windows\system32\manifeststore
2010-07-07 17:54:04 ----D---- C:\Windows\system32\migration
2010-07-07 17:54:04 ----D---- C:\Program Files\Internet Explorer
2010-07-07 17:53:54 ----D---- C:\Windows\system32\en-US
2010-07-07 17:49:13 ----D---- C:\Windows\twain_32
2010-07-06 16:37:35 ----RSD---- C:\Windows\Fonts
2010-07-06 16:37:35 ----D---- C:\Program Files\Windows Media Player
2010-07-06 12:11:53 ----D---- C:\Windows\Logs
2010-07-06 11:41:27 ----D---- C:\Program Files\Movie Maker
2010-07-06 10:48:11 ----SHD---- C:\$Recycle.Bin
2010-07-06 10:47:15 ----RD---- C:\Users
2010-07-06 09:58:20 ----HD---- C:\Windows\system32\GroupPolicyUsers
2010-07-06 09:58:20 ----HD---- C:\Windows\system32\GroupPolicy
2010-07-06 09:17:50 ----D---- C:\Windows\system32\zh-TW
2010-07-06 09:17:50 ----D---- C:\Windows\system32\uk-UA
2010-07-06 09:17:50 ----D---- C:\Windows\system32\tr-TR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\th-TH
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sv-SE
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sr-Latn-CS
2010-07-06 09:17:50 ----D---- C:\Windows\system32\sl-SI
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pt-PT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pt-BR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\pl-PL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\nl-NL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\lv-LV
2010-07-06 09:17:50 ----D---- C:\Windows\system32\lt-LT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\ko-KR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\it-IT
2010-07-06 09:17:50 ----D---- C:\Windows\system32\hu-HU
2010-07-06 09:17:50 ----D---- C:\Windows\system32\hr-HR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\he-IL
2010-07-06 09:17:50 ----D---- C:\Windows\system32\fr-FR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\fi-FI
2010-07-06 09:17:50 ----D---- C:\Windows\system32\es-ES
2010-07-06 09:17:50 ----D---- C:\Windows\system32\el-GR
2010-07-06 09:17:50 ----D---- C:\Windows\system32\bg-BG
2010-07-06 09:17:49 ----D---- C:\Windows\system32\zh-CN
2010-07-06 09:17:49 ----D---- C:\Windows\system32\sk-SK
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ru-RU
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ro-RO
2010-07-06 09:17:49 ----D---- C:\Windows\system32\nb-NO
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ja-JP
2010-07-06 09:17:49 ----D---- C:\Windows\system32\et-EE
2010-07-06 09:17:49 ----D---- C:\Windows\system32\de-DE
2010-07-06 09:17:49 ----D---- C:\Windows\system32\da-DK
2010-07-06 09:17:49 ----D---- C:\Windows\system32\ar-SA
2010-07-06 09:05:08 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-06 07:20:44 ----A---- C:\Windows\win.ini
2010-07-06 07:20:33 ----D---- C:\Program Files\Common Files\System
2010-07-06 07:06:57 ----D---- C:\Windows\system32\restore
2010-07-06 07:03:27 ----D---- C:\Windows\system32\CodeIntegrity
2010-07-06 06:57:17 ----D---- C:\Program Files\Windows NT
2010-07-06 06:51:52 ----ASH---- C:\Program Files\desktop.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-12-13 1161152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-15 5068800]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-05-24 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-05-24 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-05-24 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-04-09 102784]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-05-24 49664]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-05-24 11264]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-05-24 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-05-24 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-05-24 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-05-24 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-05-24 6016]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-05-24 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-05-24 83328]
S4 ErrDev;Ovladače chybového zařízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2008-05-24 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-05-24 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-15 172032]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-05-24 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2010-07-06 57752]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
-----------------EOF-----------------
VF1
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: crcdisk.sys
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?