VIRY.CZ

[2010.04.21 19:56:02 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2010.04.21 19:53:29 | 000,165,437 | ---- | C] () -- C:\WINDOWS\hpwins05.dat
[2010.04.21 19:52:44 | 000,016,050 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2010.04.21 19:52:44 | 000,004,785 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat
[2010.04.21 19:44:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.21 19:36:33 | 000,001,690 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AutoCAD 2010 - česky.lnk
[2010.04.21 15:24:02 | 000,013,588 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010.04.21 15:02:32 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\QIP infium.lnk
[2010.04.21 15:02:16 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\Microsoft Office Outlook 2007.lnk
[2010.04.21 14:53:44 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010.04.21 14:53:37 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010.04.21 14:53:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010.04.21 14:53:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010.04.21 14:53:37 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010.04.21 14:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010.04.21 14:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010.04.21 14:53:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010.04.21 14:53:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010.04.21 14:53:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010.04.21 14:53:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010.04.21 14:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010.04.21 14:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010.04.21 14:53:08 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010.04.21 14:52:54 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010.04.21 14:52:54 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010.04.21 14:52:54 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010.04.21 14:52:54 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010.04.21 14:52:54 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010.04.21 14:52:54 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010.04.21 14:52:53 | 002,033,597 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010.04.21 14:52:53 | 001,246,067 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010.04.21 14:52:53 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010.04.21 14:52:53 | 000,631,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010.04.21 14:52:53 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010.04.21 14:52:53 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010.04.21 14:52:53 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010.04.21 14:52:53 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010.04.21 14:52:53 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010.04.21 14:52:53 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010.04.21 14:52:53 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010.04.21 14:52:20 | 000,275,760 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.21 14:51:27 | 000,000,223 | RHS- | C] () -- C:\boot.ini
[2010.04.21 14:51:24 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.04.21 14:13:27 | 000,002,273 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\Google Chrome.lnk
[2010.04.21 14:05:51 | 000,001,034 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138UA.job
[2010.04.21 14:05:50 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138Core.job
[2010.04.21 13:46:48 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TC UP.lnk
[2010.04.21 13:37:18 | 000,000,470 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
[2010.04.21 13:36:15 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\fusioncache.dat
[2010.04.21 13:36:00 | 000,002,464 | ---- | C] () -- C:\WINDOWS\$_hpcst$.hpc
[2010.04.21 13:35:44 | 000,057,422 | ---- | C] () -- C:\WINDOWS\System32\mobileV.acm
[2010.04.21 13:35:43 | 000,002,510 | ---- | C] () -- C:\WINDOWS\Microsoft.MIF
[2010.04.21 13:35:15 | 000,053,248 | -H-- | C] () -- C:\Documents and Settings\rhorsak\ntuser.dat.LOG
[2010.04.21 13:35:15 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\rhorsak\ntuser.ini
[2010.04.21 13:35:14 | 007,864,320 | -H-- | C] () -- C:\Documents and Settings\rhorsak\NTUSER.DAT
[2010.04.21 13:35:14 | 000,007,281 | ---- | C] () -- C:\Documents and Settings\rhorsak\ASPNETSetup.log
[2010.04.21 13:35:07 | 000,009,438 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010.04.21 13:25:13 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.04.21 13:25:06 | 000,006,126 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010.04.21 13:25:05 | 000,129,112 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.04.21 13:25:03 | 001,114,674 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2010.04.21 13:25:03 | 000,058,560 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2010.04.21 13:25:03 | 000,029,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2010.04.21 13:25:03 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2010.04.21 13:23:30 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010.04.21 13:18:40 | 000,000,480 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job
[2010.04.21 13:11:55 | 000,003,632 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010.04.21 13:10:57 | 000,012,675 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.04.21 13:10:56 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.04.21 13:10:40 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.04.21 13:08:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010.04.21 13:07:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.04.21 13:07:35 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010.04.21 13:07:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010.04.21 13:07:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010.04.21 13:07:12 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010.04.21 13:06:59 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010.04.21 13:06:59 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010.04.21 13:06:54 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010.04.21 13:06:53 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010.04.21 13:06:51 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010.04.21 13:06:47 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010.04.21 13:06:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010.04.21 13:06:41 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010.04.21 13:06:34 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010.04.21 13:06:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010.04.21 13:06:31 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010.04.21 13:06:31 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010.04.21 13:06:31 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010.04.21 13:06:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010.04.21 13:06:29 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010.04.21 13:06:29 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010.04.21 13:06:29 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010.04.21 13:06:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010.04.21 13:06:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010.04.21 13:06:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010.04.21 13:06:28 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010.04.21 13:06:28 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010.04.21 13:06:28 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010.04.21 13:06:28 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010.04.21 13:06:27 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010.04.21 13:06:27 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010.04.21 13:05:34 | 000,896,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.04.21 13:04:00 | 000,002,504 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.04.21 13:04:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.04.21 13:04:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.04.21 13:04:00 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010.04.21 13:04:00 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010.04.21 13:03:53 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.04.21 13:03:53 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.04.21 13:03:51 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010.04.21 13:03:02 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010.04.21 13:03:02 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010.04.21 13:02:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010.04.21 13:02:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010.04.21 13:02:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010.04.21 13:02:12 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010.04.21 13:01:31 | 000,378,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010.04.21 13:00:54 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
[2010.04.21 13:00:23 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.04.21 12:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2010.04.21 12:59:40 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2010.04.21 12:59:40 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2010.04.21 12:59:40 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2010.04.21 12:59:40 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2010.04.21 12:59:40 | 000,004,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.h
[2010.04.21 12:59:40 | 000,003,100 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.h
[2010.04.21 12:59:40 | 000,002,590 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.h
[2010.04.21 12:58:42 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\winrmprov.mof
[2010.04.21 12:58:41 | 000,201,184 | ---- | C] () -- C:\WINDOWS\System32\winrm.vbs
[2010.04.21 12:58:41 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\WsmTxt.xsl
[2010.04.21 12:58:41 | 000,001,559 | ---- | C] () -- C:\WINDOWS\System32\WsmPty.xsl
[2010.04.21 12:58:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\winrm.cmd
[2010.04.21 12:58:00 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010.04.21 12:57:59 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2010.04.21 12:57:59 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2010.04.21 12:57:59 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2010.04.21 12:57:59 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2010.04.21 12:57:59 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2010.04.21 12:57:59 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2010.04.21 12:57:59 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2010.04.21 12:57:59 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2010.04.21 12:57:58 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010.04.21 12:57:58 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2010.04.21 12:57:58 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010.04.21 12:57:58 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010.04.21 12:57:58 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010.04.21 12:57:58 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010.04.21 12:57:58 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010.04.21 12:57:58 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2010.04.21 12:57:57 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010.04.21 12:57:57 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010.04.21 12:57:54 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010.04.21 12:57:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010.04.21 12:57:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010.04.21 12:57:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== LOP Check ==========

[2010.04.23 06:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.04.22 10:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.04.27 08:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.04.22 08:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canon
[2010.04.29 16:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DIALux
[2010.04.21 13:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.23 15:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileOpen
[2010.04.21 13:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radim Horsák\Data aplikací\Windows Desktop Search
[2010.04.23 06:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ACD Systems
[2010.04.22 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
[2010.04.22 09:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
[2010.04.27 10:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Artisteer
[2010.04.27 08:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Ashampoo
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
[2010.04.23 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
[2010.04.23 07:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HateML
[2010.04.21 13:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
[2010.04.22 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\TeamViewer
[2010.05.04 08:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Thinstall
[2010.04.21 19:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
[2010.05.05 12:31:12 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.05.05 15:13:07 | 000,000,316 | -HS- | M] () -- C:\WINDOWS\Tasks\LKHLKOTX.job
[2010.05.05 13:39:50 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
[2010.05.05 19:24:02 | 000,000,480 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job
[2010.05.05 19:25:00 | 000,000,290 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.04.21 14:05:46 | 000,136,176 | ---- | M] (Google Inc.)
"Seznam Postak" = "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s -- [2010.03.01 14:15:28 | 000,451,224 | ---- | M] ()

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.23 06:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ACD Systems
[2010.04.22 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
[2010.04.28 08:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Adobe
[2010.04.23 15:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AdobeUM
[2010.04.22 09:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
[2010.04.27 10:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Artisteer
[2010.04.27 08:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Ashampoo
[2010.04.21 13:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ATI
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
[2010.04.27 09:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\dvdcss
[2010.04.23 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
[2010.04.23 07:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HateML
[2010.04.21 13:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
[2010.04.22 07:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HP
[2010.04.21 13:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Identities
[2010.04.21 13:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\InstallShield
[2010.04.21 14:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Macromedia
[2010.04.22 10:51:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Microsoft
[2010.05.05 10:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Skype
[2010.04.22 09:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Sun
[2010.04.22 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\TeamViewer
[2010.05.04 08:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Thinstall
[2010.05.03 14:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\vlc
[2010.04.21 19:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
[2010.04.22 08:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 10:49:40 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2010.01.14 16:59:53 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2010.01.14 17:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\explorer.exe
[2010.01.14 17:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.01.14 17:00:11 | 000,134,528 | ---- | M] (Microsoft Corporation) MD5=E33DE9C65B3625BDD00C1313179DA5A5 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\system32\dllcache\changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\system32\drivers\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2010.01.14 17:01:13 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\ndis.sys
[2010.01.14 17:01:13 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.01.14 17:01:14 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2010.01.14 17:01:14 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2010.04.22 07:21:45 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2010.01.14 17:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2010.01.14 17:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.01.14 17:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2010.01.14 17:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.01.14 17:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2010.01.14 17:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\axaltocms.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >
[2010.05.05 15:13:07 | 000,000,316 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\LKHLKOTX.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2010.04.21 14:51:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.04.21 14:51:26 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.04.21 14:51:26 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\axaltocms.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.05.05 11:26:19 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\system32\drivers\SBREDrv.sys
[2 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () -- C:\WINDOWS\system32\axaltocms.dll
[2010.05.05 14:50:09 | 000,182,784 | ---- | M] () -- C:\WINDOWS\system32\regedit.exe
[2010.05.05 15:13:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

Spusťte OTL a do spodního okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, log vložte sem.



Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\System32\drivers\mspqm.sys.bak
C:\WINDOWS\System32\axaltocms.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

All processes killed
========== OTL ==========
No active process named regedit.exe was found!
Service ose stopped successfully!
Service ose deleted successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\C6501Sound deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk moved successfully.
C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 not found.
File C:\WINDOWS\system32\regedit.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found.
File C:\RECYCLER\S-1-5-21-2560505497-3135673451-148412697-0683\mgrls32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification\ deleted successfully.
C:\WINDOWS\System32\drivers\OLD4E3.tmp deleted successfully.
C:\WINDOWS\System32\drivers\OLD4E6.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\NV34083412.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV34083412.TMP folder deleted successfully.
File C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job not found.
File C:\Documents and Settings\rhorsak\oashdihasidhasuidhiasdhiashdiuasdhasd not found.
File C:\WINDOWS\tasks\LKHLKOTX.job not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:auto_reactivate C:\bootwiz\asrm.bin deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Radim Horsák
->Temp folder emptied: 142852 bytes
->Temporary Internet Files folder emptied: 6406982 bytes

User: rhorsak
->Temp folder emptied: 554637757 bytes
->Temporary Internet Files folder emptied: 11486835 bytes
->Java cache emptied: 12118713 bytes
->Google Chrome cache emptied: 228113496 bytes
->Flash cache emptied: 1154 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33580274 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 807,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Radim Horsák

User: rhorsak
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.4.1 log created on 05062010_141243

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Nevím proč, ale tyhle soubory na disku nemám:
C:\WINDOWS\System32\drivers\mspqm.sys.bak
C:\WINDOWS\System32\axaltocms.dll

Stáhněte a uložte na plochu SystemLook http://jpshortstuff.247fixes.com/SystemLook.exe

• Spusťte, do okénka zkopírujte text z bílého okna.

• klikněte na Look, po dokončení skenu na Vás vyskočí log, zkopírujte ho sem.

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 14:28 on 06/05/2010 by rhorsak (Administrator - Elevation successful)

========== filefind ==========

Searching for "mspqm.sys.bak"
No files found.

Searching for "axaltocms.dll"
No files found.

-=End Of File=-

Jak to vypadá s PC

Teďka jsem restartoval pc a vypadá to že to je čisté. Jak tyhle kouzla děláte? Super, už jsem měl strach že budu formátovat, jsem tu podruhé na tomto fóru a vždycky úspěch, mockrát děkuji!!!!

Kouzla to nejsou.

Poprosím o nový log z RSIT.

Logfile of random's system information tool 1.07 (written by random/random)
Run by rhorsak at 2010-05-06 14:50:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 87 GB (87%) free of 100 GB
Total RAM: 2046 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:33, on 6.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TC UP\totalcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\rhorsak\Plocha\RSIT.exe
C:\Program Files\trend micro\rhorsak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Služba Plánovač2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\Software\..\Telephony: DomainName = ehv-projekt.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Služba Plánovač2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 10069 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2005-09-24 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2005-09-24 231160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2005-09-24 483328]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-12-14 4377960]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2009-12-14 962272]
"Acronis Služba Plánovač2"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-12-14 377600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-21 136176]
"Seznam Postak"=C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe [2010-03-01 451224]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-01-14 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoWelcomeScreen"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\HPZnui01.exe"="C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
"C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\hponicifs01.exe"="C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"="C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-05-06 14:49:12 ----D---- C:\Program Files\trend micro
2010-05-06 14:49:11 ----D---- C:\rsit
2010-05-06 14:12:43 ----D---- C:\_OTL
2010-05-06 09:57:44 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\AdobeUM
2010-05-06 09:57:13 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
2010-05-06 09:57:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\FileOpen
2010-05-06 09:57:10 ----A---- C:\WINDOWS\Tempfocomplete.txt
2010-05-06 09:57:08 ----D---- C:\Program Files\FileOpen
2010-05-06 09:42:45 ----D---- C:\Program Files\ViewCompanion Premium
2010-04-22 11:04:28 ----D---- C:\Program Files\Acronis
2010-04-22 10:42:49 ----A---- C:\WINDOWS\system32\auto_reactivate.exe
2010-04-22 10:42:09 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
2010-04-22 09:57:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2010-04-22 09:48:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-22 09:47:05 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\vlc
2010-04-22 09:46:37 ----D---- C:\Program Files\VideoLAN
2010-04-22 09:36:50 ----D---- C:\Program Files\Common Files\Adobe
2010-04-22 09:35:53 ----D---- C:\Program Files\Adobe
2010-04-22 09:23:39 ----D---- C:\WINDOWS\system32\appmgmt
2010-04-22 09:16:13 ----D---- C:\Program Files\JDownloader
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\java.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-04-22 09:15:53 ----D---- C:\Program Files\Java
2010-04-22 09:13:53 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Sun
2010-04-22 09:07:04 ----D---- C:\Program Files\Common Files\Acronis
2010-04-22 08:41:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canon
2010-04-22 08:40:54 ----A---- C:\WINDOWS\system32\AUCPLMNT.DLL
2010-04-22 08:38:34 ----D---- C:\Program Files\Canon
2010-04-22 08:29:03 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
2010-04-22 08:28:20 ----D---- C:\Program Files\AIMP2
2010-04-22 08:14:22 ----A---- C:\WINDOWS\Cmi6501Uninstall.exe
2010-04-22 08:14:20 ----A---- C:\WINDOWS\C6501.ini
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501rm.exe
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501rm.dll
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501p.dll
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501a3d.dll
2010-04-22 08:14:17 ----D---- C:\Program Files\C-Media 6501 Sound
2010-04-22 08:05:32 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\WinRAR
2010-04-22 08:05:20 ----D---- C:\Program Files\WinRAR
2010-04-22 07:41:05 ----A---- C:\WINDOWS\hpqEmlSz.INI
2010-04-22 07:24:24 ----N---- C:\WINDOWS\system32\nvuide.exe
2010-04-22 07:24:04 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-04-22 07:23:01 ----A---- C:\WINDOWS\AS_Debug.txt
2010-04-22 07:16:36 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Skype
2010-04-22 07:16:31 ----RD---- C:\Program Files\Skype
2010-04-22 07:16:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-04-21 20:14:27 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\HP
2010-04-21 20:13:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\HPSSUPPLY
2010-04-21 20:12:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2010-04-21 20:11:43 ----D---- C:\Program Files\Common Files\HP
2010-04-21 20:11:32 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2010-04-21 20:11:31 ----D---- C:\Program Files\Hewlett-Packard
2010-04-21 20:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2010-04-21 20:09:58 ----A---- C:\WINDOWS\system32\hpz3l58a.dll
2010-04-21 20:08:28 ----A---- C:\WINDOWS\system32\hpzids01.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpwwiax2.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpwtiop2.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hppldcoi.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpovst11.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\difxapi.dll
2010-04-21 20:08:21 ----D---- C:\WINDOWS\carrier
2010-04-21 20:08:13 ----D---- C:\Program Files\HP
2010-04-21 20:07:35 ----HD---- C:\Config.Msi
2010-04-21 19:53:07 ----A---- C:\WINDOWS\hpzshl01.exe
2010-04-21 19:53:03 ----A---- C:\WINDOWS\hpzmsi01.exe
2010-04-21 19:50:11 ----D---- C:\Pošta
2010-04-21 19:45:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-04-21 19:37:18 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-04-21 19:35:20 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-04-21 19:35:20 ----D---- C:\Program Files\AutoCAD 2010
2010-04-21 19:35:20 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
2010-04-21 19:35:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-04-21 19:33:39 ----D---- C:\WINDOWS\Logs
2010-04-21 15:24:02 ----A---- C:\WINDOWS\system32\wpa.bak
2010-04-21 15:23:56 ----A---- C:\WINDOWS\system32\pidgen.dll.wga
2010-04-21 15:23:56 ----A---- C:\WINDOWS\system32\dpcdll.dll.wga
2010-04-21 14:56:30 ----A---- C:\WINDOWS\system32\h323log.txt
2010-04-21 14:55:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-04-21 14:55:02 ----D---- C:\Program Files\QIP Infium
2010-04-21 14:54:27 ----A---- C:\WINDOWS\system32\usbui.dll
2010-04-21 14:53:42 ----A---- C:\WINDOWS\imsins.BAK
2010-04-21 14:53:40 ----SHD---- C:\WINDOWS\Installer
2010-04-21 14:53:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-21 14:53:39 ----D---- C:\Program Files\Common Files\ODBC
2010-04-21 14:53:39 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-21 14:53:36 ----RD---- C:\Program Files
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-04-21 14:53:23 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-04-21 14:53:23 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-04-21 14:53:21 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-04-21 14:53:21 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-04-21 14:53:08 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-04-21 14:53:08 ----A---- C:\WINDOWS\system32\batt.dll
2010-04-21 14:53:07 ----A---- C:\WINDOWS\system32\storprop.dll
2010-04-21 14:53:07 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-04-21 14:53:01 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-04-21 14:52:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 14:52:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-21 14:52:38 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 14:52:23 ----A---- C:\WINDOWS\setuplog.txt
2010-04-21 14:52:21 ----D---- C:\Documents and Settings
2010-04-21 14:52:20 ----SHD---- C:\System Volume Information
2010-04-21 14:51:34 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-04-21 14:51:27 ----RSH---- C:\boot.ini
2010-04-21 14:48:59 ----SD---- C:\WINDOWS\Offline Web Pages
2010-04-21 14:48:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-21 14:48:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-21 14:48:59 ----RSD---- C:\WINDOWS\Fonts
2010-04-21 14:48:59 ----RD---- C:\WINDOWS\Web
2010-04-21 14:48:59 ----HD---- C:\WINDOWS\inf
2010-04-21 14:48:59 ----D---- C:\WINDOWS\WinSxS
2010-04-21 14:48:59 ----D---- C:\WINDOWS\WBEM
2010-04-21 14:48:59 ----D---- C:\WINDOWS\twain_32
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Temp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\wins
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\wbem
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\usmt
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\spool
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ShellExt
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\Setup
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ras
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\oobe
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\npp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\mui
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\IME
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\icsxml
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ias
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\export
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\dhcp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\cs
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\config
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\3com_dmi
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\3076
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\2052
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1054
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1042
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1041
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1037
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1033
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1031
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1029
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1028
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1025
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system
2010-04-21 14:48:59 ----D---- C:\WINDOWS\security
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Resources
2010-04-21 14:48:59 ----D---- C:\WINDOWS\repair
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Provisioning
2010-04-21 14:48:59 ----D---- C:\WINDOWS\pchealth
2010-04-21 14:48:59 ----D---- C:\WINDOWS\PeerNet
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Network Diagnostic
2010-04-21 14:48:59 ----D---- C:\WINDOWS\mui
2010-04-21 14:48:59 ----D---- C:\WINDOWS\msapps
2010-04-21 14:48:59 ----D---- C:\WINDOWS\msagent
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Media
2010-04-21 14:48:59 ----D---- C:\WINDOWS\L2Schemas
2010-04-21 14:48:59 ----D---- C:\WINDOWS\java
2010-04-21 14:48:59 ----D---- C:\WINDOWS\ime
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Help
2010-04-21 14:48:59 ----D---- C:\WINDOWS\ehome
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Driver Cache
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Debug
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Cursors
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Connection Wizard
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Config
2010-04-21 14:48:59 ----D---- C:\WINDOWS\AppPatch
2010-04-21 14:48:59 ----D---- C:\WINDOWS\addins
2010-04-21 14:48:59 ----D---- C:\WINDOWS
2010-04-21 14:16:41 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-04-21 14:15:58 ----D---- C:\Program Files\Microsoft Works
2010-04-21 14:15:43 ----D---- C:\Program Files\Microsoft Visual Studio
2010-04-21 14:15:43 ----D---- C:\Program Files\Common Files\DESIGNER
2010-04-21 14:15:26 ----D---- C:\Program Files\Microsoft.NET
2010-04-21 14:13:48 ----D---- C:\WINDOWS\SHELLNEW
2010-04-21 14:13:38 ----D---- C:\Program Files\Microsoft Office
2010-04-21 14:13:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-21 14:13:36 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Macromedia
2010-04-21 14:13:25 ----RHD---- C:\MSOCache
2010-04-21 14:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-21 14:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-21 14:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-21 14:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-21 14:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-21 14:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-21 14:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-21 14:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-21 14:01:14 ----D---- C:\WINDOWS\ie8updates
2010-04-21 14:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-21 14:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-21 14:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-21 14:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-04-21 14:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-21 14:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-21 14:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-21 14:00:38 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-21 13:51:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-21 13:51:30 ----D---- C:\Program Files\AMD
2010-04-21 13:51:19 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\InstallShield
2010-04-21 13:47:29 ----SHD---- C:\RECYCLER
2010-04-21 13:45:55 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
2010-04-21 13:45:23 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-21 13:45:14 ----D---- C:\Program Files\TC UP
2010-04-21 13:37:32 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Adobe
2010-04-21 13:36:19 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\ATI
2010-04-21 13:36:17 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
2010-04-21 13:35:44 ----D---- C:\Program Files\Microsoft ActiveSync
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\rapi.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\ppcload.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\pmailext.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\MsgStRPC.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\ceutil.dll
2010-04-21 13:35:43 ----A---- C:\WINDOWS\IsUn0405.exe
2010-04-21 13:35:39 ----D---- C:\Program Files\ESET
2010-04-21 13:35:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-04-21 13:35:21 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Identities
2010-04-21 13:35:19 ----D---- C:\Program Files\Microsoft Windows Small Business Server
2010-04-21 13:35:14 ----SD---- C:\Documents and Settings\rhorsak\Data aplikací\Microsoft
2010-04-21 13:35:14 ----ASH---- C:\Documents and Settings\rhorsak\Data aplikací\desktop.ini
2010-04-21 13:35:07 ----D---- C:\WINDOWS\SchCache
2010-04-21 13:35:01 ----SHD---- C:\WINDOWS\CSC
2010-04-21 13:27:44 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-04-21 13:25:13 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2010-04-21 13:25:08 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2010-04-21 13:24:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-21 13:20:33 ----D---- C:\Program Files\ATI
2010-04-21 13:20:20 ----D---- C:\Program Files\ATI Technologies
2010-04-21 13:13:26 ----RA---- C:\WINDOWS\system32\a3d.dll
2010-04-21 13:13:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-21 13:11:57 ----N---- C:\WINDOWS\system32\fdco1.dll
2010-04-21 13:11:57 ----A---- C:\WINDOWS\system32\fdco1ins.dll
2010-04-21 13:11:55 ----N---- C:\WINDOWS\system32\nvconrm.dll
2010-04-21 13:11:55 ----N---- C:\WINDOWS\system32\bdco1.dll
2010-04-21 13:11:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-04-21 13:11:55 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2010-04-21 13:11:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-04-21 13:11:32 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-21 13:10:57 ----A---- C:\WINDOWS\Ascd_tmp.ini
2010-04-21 13:09:36 ----HD---- C:\Program Files\Uninstall Information
2010-04-21 13:08:49 ----SD---- C:\WINDOWS\system32\Microsoft
2010-04-21 13:08:49 ----D---- C:\WINDOWS\Prefetch
2010-04-21 13:08:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 13:06:12 ----D---- C:\WINDOWS\system32\xircom
2010-04-21 13:06:12 ----D---- C:\Program Files\xerox
2010-04-21 13:06:12 ----D---- C:\Program Files\microsoft frontpage
2010-04-21 13:05:40 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-04-21 13:05:39 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-04-21 13:05:21 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-21 13:05:21 ----D---- C:\WINDOWS\system32\en-US
2010-04-21 13:05:21 ----D---- C:\Program Files\MSBuild
2010-04-21 13:05:17 ----D---- C:\Program Files\Reference Assemblies
2010-04-21 13:05:12 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-21 13:05:10 ----A---- C:\WINDOWS\system32\rgb9rast_2.dll
2010-04-21 13:04:00 ----A---- C:\WINDOWS\control.ini
2010-04-21 13:04:00 ----A---- C:\AUTOEXEC.BAT
2010-04-21 13:03:40 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-21 13:03:36 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-04-21 13:03:02 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-21 13:03:00 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-21 13:02:55 ----HD---- C:\Program Files\WindowsUpdate
2010-04-21 13:02:52 ----D---- C:\Program Files\Online Services
2010-04-21 13:02:43 ----D---- C:\Program Files\Windows Media Connect 2
2010-04-21 13:02:29 ----D---- C:\WINDOWS\system32\DirectX
2010-04-21 13:02:21 ----A---- C:\WINDOWS\system32\atrace.dll
2010-04-21 13:02:19 ----A---- C:\WINDOWS\system32\desktop.ini
2010-04-21 13:02:19 ----A---- C:\WINDOWS\desktop.ini
2010-04-21 13:02:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-04-21 13:02:10 ----D---- C:\Program Files\Common Files\Services
2010-04-21 13:02:10 ----A---- C:\WINDOWS\system32\acctres.dll
2010-04-21 13:02:07 ----SD---- C:\WINDOWS\Tasks
2010-04-21 13:02:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-04-21 13:02:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-04-21 13:01:59 ----D---- C:\WINDOWS\srchasst
2010-04-21 13:01:58 ----D---- C:\WINDOWS\system32\Macromed
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wups.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-04-21 13:01:54 ----D---- C:\WINDOWS\system32\bits
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-04-21 13:01:51 ----D---- C:\Program Files\Movie Maker
2010-04-21 13:01:33 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-04-21 13:01:29 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-04-21 13:01:29 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-04-21 13:01:28 ----D---- C:\WINDOWS\system32\Restore
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srclient.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\ils.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\msconf.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-04-21 13:01:24 ----D---- C:\Program Files\NetMeeting
2010-04-21 13:01:24 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-04-21 13:01:24 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-04-21 13:01:23 ----A---- C:\WINDOWS\system32\inetres.dll
2010-04-21 13:01:23 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-04-21 13:01:21 ----D---- C:\Program Files\Outlook Express
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\mstask.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\isign32.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-04-21 13:01:15 ----D---- C:\Program Files\Common Files\System
2010-04-21 13:00:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-04-21 13:00:25 ----RSD---- C:\WINDOWS\assembly
2010-04-21 13:00:17 ----D---- C:\Program Files\ComPlus Applications
2010-04-21 13:00:16 ----A---- C:\WINDOWS\vbaddin.ini
2010-04-21 13:00:16 ----A---- C:\WINDOWS\vb.ini
2010-04-21 13:00:12 ----D---- C:\WINDOWS\Registration
2010-04-21 13:00:07 ----D---- C:\Program Files\Windows Media Player
2010-04-21 13:00:02 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2010-04-21 13:00:02 ----A---- C:\WINDOWS\system32\prntvpt.dll
2010-04-21 13:00:01 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2010-04-21 12:59:54 ----D---- C:\WINDOWS\BitLockerDiscoveryVolumeContents
2010-04-21 12:59:53 ----D---- C:\WINDOWS\system32\DRM
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\winUsbCoinstaller.dll
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WgaTray.exe
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2010-04-21 12:59:50 ----A---- C:\WINDOWS\system32\WUDFUpdate_01007.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncNE.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncDMS.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncCplExt.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\imapi2.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\UncRes.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\UncPH.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\oephRes.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\oeph.dll
2010-04-21 12:59:43 ----D---- C:\Program Files\Windows Desktop Search
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\tquery.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\srchadmin.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\propsys.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssrch.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssphtb.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssph.dll.mui
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\xmlfilter.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\srchadmin.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\searchindexer.exe.mui
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\rtffilt.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\propsys.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\msshsq.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\msshooks.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\idxcntrs.ini
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\gthrctr.ini
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\gsrvctr.ini
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\tquery.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\propdefs.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\msstrc.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\mssprxy.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\msscb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchprotocolhost.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchindexer.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchfilterhost.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssphtb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssph.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssitlb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\msscntrs.dll
2010-04-21 12:59:37 ----A---- C:\WINDOWS\system32\msxml4r.dll
2010-04-21 12:59:37 ----A---- C:\WINDOWS\system32\msxml4.dll
2010-04-21 12:59:36 ----D---- C:\Program Files\MSXML 4.0

2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-21 12:59:24 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-21 12:59:23 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-21 12:59:23 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-21 12:59:22 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-21 12:59:22 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-21 12:59:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-21 12:59:21 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-21 12:59:20 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-04-21 12:59:20 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-04-21 12:59:19 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-04-21 12:59:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-04-21 12:59:19 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-04-21 12:59:18 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-04-21 12:59:18 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-04-21 12:59:18 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-04-21 12:59:17 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-04-21 12:59:17 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-21 12:59:16 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-21 12:59:15 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-21 12:59:15 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-04-21 12:59:15 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-04-21 12:59:13 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-21 12:59:13 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-21 12:59:12 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-21 12:59:12 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-21 12:59:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-21 12:59:11 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-21 12:59:11 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-21 12:59:10 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-21 12:59:10 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-21 12:59:10 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-04-21 12:59:10 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-04-21 12:59:01 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-21 12:59:01 ----D---- C:\Program Files\Microsoft Silverlight
2010-04-21 12:59:01 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-04-21 12:59:01 ----A---- C:\WINDOWS\system32\muweb.dll
2010-04-21 12:59:01 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-04-21 12:59:01 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-04-21 12:59:01 ----A---- C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll
2010-04-21 12:59:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-04-21 12:58:57 ----A---- C:\WINDOWS\system32\pwrshplugin.dll
2010-04-21 12:58:44 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-04-21 12:58:43 ----D---- C:\WINDOWS\system32\winrm
2010-04-21 12:58:43 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-04-21 12:58:43 ----A---- C:\WINDOWS\system32\wevtfwd.dll
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\wsmanhttpconfig.exe
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrssrv.dll
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrsmgr.dll
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrshost.exe
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrscmd.dll
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrs.exe
2010-04-21 12:58:42 ----A---- C:\WINDOWS\system32\winrmprov.dll
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\WsmRes.dll
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\winrm.vbs
2010-04-21 12:58:41 ----A---- C:\WINDOWS\system32\winrm.cmd
2010-04-21 12:58:33 ----A---- C:\WINDOWS\system32\netfxperf.dll
2010-04-21 12:58:31 ----D---- C:\Program Files\Internet Explorer
2010-04-21 12:58:23 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-21 12:58:20 ----D---- C:\Program Files\Messenger
2010-04-21 12:58:16 ----D---- C:\Program Files\MSN Gaming Zone
2010-04-21 12:58:16 ----A---- C:\WINDOWS\system32\write.exe
2010-04-21 12:58:06 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-04-21 12:58:06 ----A---- C:\WINDOWS\system32\hticons.dll
2010-04-21 12:58:05 ----A---- C:\WINDOWS\system32\winchat.exe
2010-04-21 12:58:05 ----A---- C:\WINDOWS\system32\avwav.dll
2010-04-21 12:58:05 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-04-21 12:58:05 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-04-21 12:57:58 ----A---- C:\WINDOWS\system32\getuname.dll
2010-04-21 12:57:57 ----A---- C:\WINDOWS\system32\sol.exe
2010-04-21 12:57:57 ----A---- C:\WINDOWS\system32\charmap.exe
2010-04-21 12:57:57 ----A---- C:\WINDOWS\system32\calc.exe
2010-04-21 12:57:56 ----A---- C:\WINDOWS\system32\winmine.exe
2010-04-21 12:57:56 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-04-21 12:57:56 ----A---- C:\WINDOWS\system32\freecell.exe
2010-04-21 12:57:55 ----A---- C:\WINDOWS\system32\winlogonnotification.dll
2010-04-21 12:57:55 ----A---- C:\WINDOWS\system32\tspubwmi.dll
2010-04-21 12:57:55 ----A---- C:\WINDOWS\system32\rdpshell.exe
2010-04-21 12:57:55 ----A---- C:\WINDOWS\system32\rdpinit.exe
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\wksprtps.dll
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\wksprt.exe
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\tswbprxy.exe
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\reset.exe
2010-04-21 12:57:54 ----A---- C:\WINDOWS\system32\MsRdpWebAccess.dll
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\tskill.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\tscon.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\shadow.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\regini.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\msg.exe
2010-04-21 12:57:53 ----A---- C:\WINDOWS\system32\logoff.exe
2010-04-21 12:57:52 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-04-21 12:57:52 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-04-21 12:57:46 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-04-21 12:57:45 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-04-21 12:57:45 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-04-21 12:57:45 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-04-21 12:57:45 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-04-21 12:57:44 ----D---- C:\Program Files\Windows NT
2010-04-21 12:57:44 ----A---- C:\WINDOWS\system32\spider.exe
2010-04-21 12:57:44 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-04-21 12:57:44 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-04-21 12:57:43 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-04-21 12:57:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-04-21 12:57:42 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-04-21 12:57:42 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-04-21 12:57:42 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-04-21 12:57:41 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-04-21 12:57:40 ----D---- C:\WINDOWS\system32\MsDtc
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-04-21 12:57:40 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-04-21 12:57:39 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-04-21 12:57:39 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-04-21 12:57:39 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-04-21 12:57:39 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-04-21 12:57:38 ----D---- C:\WINDOWS\system32\Com
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-04-21 12:57:38 ----A---- C:\WINDOWS\system32\colbact.dll
2010-04-21 12:57:37 ----A---- C:\WINDOWS\system32\stclient.dll
2010-04-21 12:57:37 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-04-21 12:57:37 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-04-21 12:57:37 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-04-21 12:57:37 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-04-21 12:57:36 ----A---- C:\WINDOWS\system32\comuid.dll
2010-04-21 12:57:36 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-04-21 12:57:36 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-04-21 12:57:36 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-04-21 12:57:30 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-04-21 12:57:30 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-04-21 12:57:30 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-04-21 12:57:29 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-04-22 07:21:45 ----A---- C:\WINDOWS\system32\NVCOI.DLL
2010-04-22 07:21:44 ----A---- C:\WINDOWS\system32\idecoins.dll
2010-04-22 07:21:44 ----A---- C:\WINDOWS\system32\idecoi.dll
2010-04-21 20:14:04 ----A---- C:\WINDOWS\win.ini
2010-04-21 14:53:35 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2010-01-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\WINDOWS\system32\drivers\c6501.sys [2007-01-25 1305600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-01-14 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2010-01-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-04-22 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-04-22 13056]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2008-05-30 7296]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2010-01-14 32384]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2010-01-14 30464]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2010-01-14 17152]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 cm102u32;C-Media CM6501 Like Sound Interface; C:\WINDOWS\system32\drivers\c6501.sys [2007-01-25 1305600]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Služba Plánovač2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-12-14 619296]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2008-07-29 3405672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2010-01-14 14848]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2010-01-14 14848]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2010-01-14 439808]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-21 651720]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

• Spusťte.
• Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

• Spusťte.
• Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

• Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
  
  Záložka Čistič
• Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
  
  Záložka Registry
• Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
  OK Zavřít

V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

2x restart, pročištěnbo ccleanerem. Firewall mám akorát windowsácký (takže to je skoro žádný) Máme v práci linuxový pc (firewall) za ním je WServer2003 a teprve počétače. Nainstaluji si Comodo ten se mě zdá docela fajn.

OK

Je to vše? Myslím že to ok, jestli je to vše tak moc děkuji a určitě doporučím ostatním příjemnou zkušenost s tímto fórem. (Nemusí všichni všechno řešit formátem )