VIRY.CZ

Složka Dc33 vznikla v koši "tvrdým" smazáním složky Qoobox (která byla vytvořena Combofixem) Unlockerem. Nelze ji trvale odstranit ani obnovit, ani Unlockerem. Složka se tváří, že je prázdná.

Vyskakování oken pokračuje, popřípadě vyskakování blokovacích zpráv od Avastu (jeli zapnutý síťový štít).

Je to stejné u prohlížeče Mozzila Firefox i Internet Explorer. Pouze se mění hlášení o blokaci
Proces: C:\Program Files\Mozzila Firefox\firefox.exe
Proces: C:\Program Files\Internet Explorer\explore.exe

Objekt je u obou případů nesmyslná řada čísel a písmen (nicméně stále stejná)

Nouzový režim NELZE SPUSTIT

Pokud jste měl na mysli složku Dc34, hledal jsem ji pomocí vyhledávače, ale bez výsledků.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Ještě jednou se omlouvám, nepovolené použití Combofixu se už nebude opakovat.

Zde vyslédný log:

ComboFix 13-02-07.02 - Libor 08.02.2013 7:40.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1936.1458 [GMT 1:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-08 do 2013-02-08 )))))))))))))))))))))))))))))))
.
.
2013-02-04 18:56 . 2013-02-04 18:56 -------- d-----w- C:\_OTM
2013-02-02 05:23 . 2013-02-02 05:23 -------- d-----w- C:\rsit
2013-01-22 19:23 . 2013-02-07 20:20 -------- d-----w- C:\Hry
2013-01-22 19:23 . 2013-02-01 22:47 -------- d-----w- C:\Programy
2013-01-22 17:02 . 2013-02-07 20:07 -------- d-----r- C:\Program Files
2013-01-22 17:01 . 2013-01-22 16:35 -------- d-----w- C:\Documents and Settings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 05:40 . 2008-04-13 22:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2012-12-16 12:23 . 2008-04-14 06:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2008-04-14 05:45 1866368 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 05:06 . 2013-02-02 05:19 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-10-31 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-09-07 16:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-24 143128]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-24 181528]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-24 169752]
"RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programy\\uTorrent.exe"=
.
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [22.1.2013 17:49 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.2.2013 5:16 340048]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.2.2013 5:16 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.2.2013 5:16 17744]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [8.12.2011 16:32 423136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [22.1.2013 17:49 161560]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [22.1.2013 17:49 363800]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [22.1.2013 20:29 242240]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [22.1.2013 17:49 46080]
R4 RegFilter;RegFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [?]
R4 UrlFilter;UrlFilter;\??\c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys --> c:\program files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22.1.2013 17:47 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - REGFILTER
*NewlyCreated* - URLFILTER
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 89.235.30.10
FF - ProfilePath - c:\documents and settings\Libor\Data aplikací\Mozilla\Firefox\Profiles\cs17gxmd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - ExtSQL: 2013-01-23 03:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-02-02 03:13; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Libor\Data aplikacĂÂ\Mozilla\Firefox\Profiles\cs17gxmd.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-02-07 20:49; wtxpcom@mybrowserbar.com; c:\program files\Common Files\Spigot\wtxpcom\
FF - ExtSQL: 2013-02-07 20:49; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
AddRemove-čeština do hry T34 versus TIGER - c:\hry\T34vsTiger\Uninstal.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST380819AS rev.3.02 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST380819AS______________________________3.02____#5&68882c2&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x89AAB6EC
user & kernel MBR OK
sectors 156301486 (+177): user != kernel
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1796)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-02-08 07:48:26
ComboFix-quarantined-files.txt 2013-02-08 06:48
.
Před spuštěním: Volných bajtů: 30 814 597 120
Po spuštění: Volných bajtů: 30 789 320 704
.
- - End Of File - - 3AF20213080BF74B6A118A6A88291DAF

Najdete tento soubor c:\windows\system32\sfcfiles.dll a otestujte ho na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

Firefox::
FF - ProfilePath - c:\documents and settings\Libor\Data aplikací\Mozilla\Firefox\Profiles\cs17gxmd.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =198484&p=
FF - ExtSQL: 2013-02-07 20:49; wtxpcom@mybrowserbar.com; c:\program files\Common Files\Spigot\wtxpcom\
FF - ExtSQL: 2013-02-07 20:49; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF\

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Soubor sfcfiles.dll neměl žádný nález na "virustolal", ani na "jotti".

Zde výsledný log od Combofixu:

ComboFix 13-02-07.02 - Libor 08.02.2013 20:35:34.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1936.1523 [GMT 1:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Libor\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-08 do 2013-02-08 )))))))))))))))))))))))))))))))
.
.
2013-02-04 18:56 . 2013-02-04 18:56 -------- d-----w- C:\_OTM
2013-02-02 05:23 . 2013-02-02 05:23 -------- d-----w- C:\rsit
2013-01-22 19:23 . 2013-02-07 20:20 -------- d-----w- C:\Hry
2013-01-22 19:23 . 2013-02-01 22:47 -------- d-----w- C:\Programy
2013-01-22 17:02 . 2013-02-07 20:07 -------- d-----r- C:\Program Files
2013-01-22 17:01 . 2013-01-22 16:35 -------- d-----w- C:\Documents and Settings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 05:40 . 2008-04-13 22:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2012-12-16 12:23 . 2008-04-14 06:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 11:55 . 2008-04-14 05:45 1866368 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 05:06 . 2013-02-02 05:19 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-10-31 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-09-07 16:14 152160 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-24 143128]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-24 181528]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-24 169752]
"RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
ubisoft register.lnk - c:\program files\Ubi Soft\Register\schedule.exe [N/A]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programy\\uTorrent.exe"=
.
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [22.1.2013 17:49 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.2.2013 5:16 340048]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.2.2013 5:16 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.2.2013 5:16 17744]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [8.12.2011 16:32 423136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [22.1.2013 17:49 161560]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [22.1.2013 17:49 363800]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [22.1.2013 20:29 242240]
R3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [22.1.2013 17:49 46080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22.1.2013 17:47 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 89.235.30.10
FF - ProfilePath - c:\documents and settings\Libor\Data aplikací\Mozilla\Firefox\Profiles\cs17gxmd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - ExtSQL: 2013-01-23 03:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-02-02 03:13; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Libor\Data aplikacĂÂ\Mozilla\Firefox\Profiles\cs17gxmd.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-02-07 20:49; wtxpcom@mybrowserbar.com; c:\program files\Common Files\Spigot\wtxpcom\
FF - ExtSQL: 2013-02-07 20:49; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-08 20:42
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST380819AS rev.3.02 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89AA5841]<<
_asm { PUSH EBP; MOV EBP, ESP; MOV ECX, [0xffdf0308]; MOV EAX, [EBP+0x8]; SUB ESP, 0x14; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; CMP EAX, [ECX+0x4]; JNZ 0x6d; XOR EDI, EDI; }
1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x89B23AB8]
3 CLASSPNP[0xB98E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\00000069[0x89B3C318]
5 ACPI[0xB977F620] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> [0x89B37940]
[0x89B32498] -> IRP_MJ_CREATE -> 0x89AA5841
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST380819AS______________________________3.02____#5&68882c2&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x89AA56EC
user & kernel MBR OK
sectors 156301486 (+185): user != kernel
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3572)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-02-08 20:45:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-08 19:45
ComboFix2.txt 2013-02-08 06:48
.
Před spuštěním: Volných bajtů: 47 256 072 192
Po spuštění: Volných bajtů: 47 352 582 144
.
- - End Of File - - 7D54AE3DE1E8E812BE6DB556AFC063CC

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL.Txt (1. část):

OTL logfile created on: 8.2.2013 21:02:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,89 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 80,43% Memory free
3,74 Gb Paging File | 3,52 Gb Available in Paging File | 94,19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 44,12 Gb Free Space | 59,21% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.02.08 21:01:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\OTL.exe
PRC - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.12.08 16:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013.02.08 07:52:47 | 002,051,584 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13020800\algo.dll
MOD - [2012.07.01 20:34:04 | 000,344,064 | ---- | M] () -- C:\Programy\rarlng.dll
MOD - [2011.12.16 10:39:00 | 001,198,872 | ---- | M] () -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
MOD - [2010.09.07 17:13:40 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 16:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\AppleChargerSrv.exe -- (AppleChargerSrv)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Libor\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013.01.22 22:38:38 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.01.17 12:19:14 | 007,081,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.12.08 07:09:16 | 000,327,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011.11.10 00:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)
DRV - [2011.01.10 18:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.09.07 16:53:58 | 000,340,048 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes,DefaultScope = {396281CE-6973-4971-9ED6-B376D8922349}
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{396281CE-6973-4971-9ED6-B376D8922349}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.3.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Programy\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programy\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.02 06:19:03 | 000,000,000 | ---D | M]

[2013.02.02 03:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Libor\Data aplikací\Mozilla\Extensions
[2013.02.07 21:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Libor\Data aplikací\Mozilla\Firefox\Profiles\cs17gxmd.default\extensions
[2013.02.03 05:19:48 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\Libor\Data aplikací\Mozilla\Firefox\Profiles\cs17gxmd.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.02.02 06:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.02 06:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013.02.02 06:19:02 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIBOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\CS17GXMD.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
[2011.12.17 06:06:17 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.17 03:57:21 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.17 03:57:21 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.17 03:57:21 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.17 03:57:21 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.17 03:57:21 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2013.02.08 20:42:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\Libor\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.235.30.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFB3C9C7-F8FE-4C89-B7E1-BE14896650F2}: DhcpNameServer = 89.235.30.10
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.02.08 21:01:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\OTL.exe
[2013.02.08 20:45:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.02.08 07:38:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.02.08 07:38:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.02.08 07:38:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.02.08 07:38:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.02.08 07:37:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.08 07:37:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.02.08 07:36:49 | 005,030,592 | R--- | C] (Swearware) -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2013.02.07 21:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Apple Computer
[2013.02.07 20:49:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.02.07 20:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.02.07 20:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\IObit
[2013.02.07 20:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013.02.06 08:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\Mount&Blade With Fire and Sword
[2013.02.06 08:09:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Mount&Blade With Fire and Sword
[2013.02.06 03:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade With Fire and Sword
[2013.02.04 19:56:15 | 000,000,000 | ---D | C] -- C:\_OTM
[2013.02.04 19:55:04 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\OTM.exe
[2013.02.02 22:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Plocha\RK_Quarantine
[2013.02.02 08:06:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\čeština do hry T34 versus TIGER
[2013.02.02 07:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lighthouse Interactive
[2013.02.02 06:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.02.02 06:23:15 | 000,000,000 | ---D | C] -- C:\rsit
[2013.02.02 05:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Malwarebytes
[2013.02.02 05:56:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.02.02 05:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.02.02 04:53:48 | 000,000,000 | ---D | C] -- C:\RECYCLER
[2013.02.02 03:37:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.02.02 03:35:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Nástroje pro správu
[2013.02.02 03:35:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Dokumenty\Filmy
[2013.02.02 03:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Mozilla
[2013.02.02 03:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.02 02:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2013.02.02 02:08:09 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2013.02.02 02:08:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2013.02.02 02:08:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2013.02.02 02:08:08 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2013.02.02 02:08:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2013.02.02 02:08:08 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2013.02.02 02:08:06 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2013.02.02 02:08:06 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2013.02.02 02:08:06 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2013.02.01 23:05:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2013.02.01 23:05:16 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2013.02.01 23:05:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2013.02.01 23:05:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2013.02.01 23:05:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2013.02.01 23:05:15 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2013.02.01 23:05:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2013.02.01 23:05:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2013.02.01 23:05:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2013.02.01 23:05:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2013.02.01 23:05:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2013.02.01 23:05:13 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2013.02.01 23:05:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2013.02.01 23:05:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2013.02.01 23:05:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2013.02.01 23:05:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2013.02.01 23:05:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2013.02.01 23:05:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2013.02.01 23:05:11 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2013.02.01 23:05:10 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2013.02.01 23:05:10 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2013.02.01 23:05:09 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2013.02.01 23:05:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2013.02.01 23:05:07 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2013.02.01 23:05:07 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2013.02.01 23:05:07 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2013.02.01 23:05:06 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2013.02.01 23:05:06 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2013.02.01 23:05:06 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2013.02.01 23:05:06 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2013.02.01 23:05:06 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2013.02.01 23:05:05 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013.02.01 23:05:05 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013.02.01 23:05:05 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013.02.01 23:04:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013.02.01 23:04:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013.02.01 23:04:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013.02.01 23:04:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013.02.01 23:04:56 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013.02.01 23:04:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013.02.01 23:04:55 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013.02.01 23:04:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013.02.01 23:04:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013.02.01 23:04:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013.02.01 05:16:09 | 000,340,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.02.01 05:16:09 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.02.01 05:16:09 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.02.01 05:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Pro Antivirus
[2013.02.01 05:16:08 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.02.01 05:16:08 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.02.01 05:16:07 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.02.01 05:16:07 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.02.01 05:16:07 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.02.01 05:15:51 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.02.01 05:15:51 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.02.01 04:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2013.02.01 04:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.02.01 03:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013.01.31 21:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabdka Start
[2013.01.31 21:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013.01.30 11:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\WBGames
[2013.01.30 11:22:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2013.01.30 11:22:59 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2013.01.30 11:22:59 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2013.01.30 11:22:59 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2013.01.30 11:22:58 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2013.01.30 11:22:58 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2013.01.30 11:22:58 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2013.01.30 11:22:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2013.01.30 11:22:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2013.01.30 00:57:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Ubi Soft
[2013.01.30 00:00:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Libor\PrivacIE
[2013.01.29 23:07:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
[2013.01.29 22:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\Adobe
[2013.01.29 22:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.01.29 21:25:52 | 001,077,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2013.01.29 21:25:52 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2013.01.29 21:25:52 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2013.01.29 21:25:51 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2013.01.29 21:25:51 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013.01.29 20:58:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\MediaHuman
[2013.01.28 22:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\Downloads
[2013.01.28 22:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\uTorrent
[2013.01.28 16:07:46 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Comdlg32.ocx
[2013.01.28 16:07:46 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2013.01.28 16:07:46 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2013.01.28 16:07:46 | 000,026,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlinst.exe
[2013.01.28 16:07:46 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2013.01.28 06:06:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\vlc
[2013.01.28 05:50:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2013.01.24 18:22:59 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2013.01.23 03:30:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Libor\IETldCache
[2013.01.23 03:25:04 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.01.23 03:24:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013.01.23 03:24:13 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.01.23 03:24:13 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.01.23 03:24:13 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.01.23 03:24:13 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.01.23 03:24:13 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.01.23 03:24:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013.01.23 03:23:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.01.23 03:15:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2013.01.23 00:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\Mount&Blade Warband Savegames
[2013.01.23 00:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\Mount&Blade Warband
[2013.01.23 00:44:31 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2013.01.22 22:40:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade Warband
[2013.01.22 22:40:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Mount&Blade Warband
[2013.01.22 22:39:54 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2013.01.22 22:39:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2013.01.22 22:39:53 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2013.01.22 22:39:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2013.01.22 21:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Adobe
[2013.01.22 21:13:34 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.01.22 21:13:34 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.01.22 21:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Adobe
[2013.01.22 20:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\TuneUp Software
[2013.01.22 20:31:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.01.22 20:31:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.22 20:31:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.01.22 20:29:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\WinRAR
[2013.01.22 20:29:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\WinRAR
[2013.01.22 20:29:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2013.01.22 20:29:28 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.01.22 20:29:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\DAEMON Tools Lite
[2013.01.22 20:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.01.22 20:23:17 | 000,000,000 | ---D | C] -- C:\Hry
[2013.01.22 20:23:10 | 000,000,000 | ---D | C] -- C:\Programy
[2013.01.22 20:22:45 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.01.22 20:20:44 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.01.22 20:19:33 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.01.22 20:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Dokumenty\Stažené soubory
[2013.01.22 20:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\Mozilla
[2013.01.22 20:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Macromedia
[2013.01.22 18:13:56 | 002,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.01.22 18:13:56 | 002,150,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.01.22 18:13:56 | 002,071,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.01.22 18:13:56 | 002,029,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.01.22 18:07:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013.01.22 18:07:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013.01.22 18:03:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2013.01.22 18:02:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.01.22 18:02:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2013.01.22 18:02:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013.01.22 18:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013.01.22 18:02:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2013.01.22 18:02:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2013.01.22 18:02:13 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2013.01.22 18:02:12 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2013.01.22 18:02:12 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2013.01.22 18:02:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2013.01.22 18:02:12 | 000,000,000 | R--D | C] -- C:\Program Files
[2013.01.22 18:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013.01.22 18:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013.01.22 18:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013.01.22 18:02:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2013.01.22 18:02:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2013.01.22 18:02:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2013.01.22 18:02:08 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013.01.22 18:02:08 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013.01.22 18:02:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013.01.22 18:02:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013.01.22 18:02:08 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013.01.22 18:02:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013.01.22 18:02:06 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013.01.22 18:02:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013.01.22 18:02:05 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013.01.22 18:02:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013.01.22 18:02:05 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013.01.22 18:02:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013.01.22 18:02:05 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013.01.22 18:02:05 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013.01.22 18:02:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013.01.22 18:02:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013.01.22 18:02:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013.01.22 18:02:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013.01.22 18:02:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013.01.22 18:02:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013.01.22 18:02:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013.01.22 18:02:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013.01.22 18:02:04 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013.01.22 18:02:04 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013.01.22 18:02:04 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013.01.22 18:02:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013.01.22 18:02:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013.01.22 18:02:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013.01.22 18:02:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013.01.22 18:02:04 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013.01.22 18:02:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013.01.22 18:02:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013.01.22 18:02:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013.01.22 18:02:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013.01.22 18:02:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013.01.22 18:02:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013.01.22 18:02:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013.01.22 18:02:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013.01.22 18:02:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013.01.22 18:02:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013.01.22 18:02:00 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2013.01.22 18:02:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2013.01.22 18:02:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2013.01.22 18:01:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013.01.22 18:01:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.01.22 18:01:59 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.01.22 18:01:59 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013.01.22 18:01:59 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013.01.22 18:01:59 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.01.22 18:01:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.01.22 18:01:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013.01.22 18:01:59 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.01.22 18:01:59 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.01.22 18:01:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.01.22 18:01:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013.01.22 18:01:59 | 000,009,291 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.01.22 18:01:59 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.01.22 18:01:59 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.01.22 18:01:58 | 000,127,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.01.22 18:01:58 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.01.22 18:01:58 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.01.22 18:01:58 | 000,073,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.01.22 18:01:58 | 000,070,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.01.22 18:01:58 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.01.22 18:01:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.01.22 18:01:58 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.01.22 18:01:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.01.22 18:01:58 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.01.22 18:01:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.01.22 18:01:58 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.01.22 18:01:58 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.01.22 18:01:58 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.01.22 18:01:58 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.01.22 18:01:58 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.01.22 18:01:57 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2013.01.22 18:01:57 | 000,069,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013.01.22 18:01:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.01.22 18:01:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013.01.22 18:01:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2013.01.22 18:01:57 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2013.01.22 18:01:57 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.01.22 18:01:56 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.01.22 18:01:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
[2013.01.22 18:01:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start
[2013.01.22 18:01:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2013.01.22 18:01:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Šablony
[2013.01.22 18:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Plocha
[2013.01.22 18:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Oblíbené položky
[2013.01.22 18:01:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013.01.22 18:01:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013.01.22 18:01:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft
[2013.01.22 18:01:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Data aplikací
[2013.01.22 18:01:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.01.22 18:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013.01.22 17:57:43 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013.01.22 17:57:43 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013.01.22 17:57:43 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013.01.22 17:57:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1029
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013.01.22 17:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2013.01.22 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2013.01.22 17:49:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013.01.22 17:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2013.01.22 17:49:09 | 000,046,080 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\HECI.sys
[2013.01.22 17:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Intel
[2013.01.22 17:48:58 | 000,327,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2013.01.22 17:48:54 | 000,080,488 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\RtNicProp32.dll
[2013.01.22 17:48:52 | 000,102,416 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\RTNUninst32.dll
[2013.01.22 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\InstallShield
[2013.01.22 17:48:41 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2013.01.22 17:48:40 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2013.01.22 17:48:39 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2013.01.22 17:48:38 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2013.01.22 17:48:37 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2013.01.22 17:48:34 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2013.01.22 17:48:34 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2013.01.22 17:48:32 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2013.01.22 17:48:31 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2013.01.22 17:48:30 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2013.01.22 17:48:29 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2013.01.22 17:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2013.01.22 17:48:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.01.22 17:48:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013.01.22 17:48:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.01.22 17:48:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2013.01.22 17:47:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.01.22 17:47:59 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2013.01.22 17:47:59 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.01.22 17:47:59 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013.01.22 17:47:53 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2013.01.22 17:47:53 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2013.01.22 17:47:52 | 001,493,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2013.01.22 17:47:51 | 007,081,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2013.01.22 17:47:50 | 000,891,496 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.CPL
[2013.01.22 17:47:50 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2013.01.22 17:47:50 | 000,064,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstIIXP.dll
[2013.01.22 17:47:50 | 000,011,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoLDRXP.dll
[2013.01.22 17:47:48 | 009,721,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2013.01.22 17:47:42 | 002,180,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2013.01.22 17:47:42 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2013.01.22 17:47:37 | 000,064,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2013.01.22 17:47:36 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2013.01.22 17:47:35 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2013.01.22 17:47:35 | 000,285,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2013.01.22 17:47:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

OTL.Txt (2. část)

[2013.01.22 17:47:34 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.01.22 17:47:29 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2013.01.22 17:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.01.22 17:47:22 | 000,319,456 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2013.01.22 17:47:13 | 000,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5398.dll
[2013.01.22 17:47:12 | 014,134,272 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4icd32.dll
[2013.01.22 17:47:12 | 000,438,272 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2013.01.22 17:47:12 | 000,437,760 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2013.01.22 17:47:12 | 000,437,760 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresn.lrc
[2013.01.22 17:47:12 | 000,437,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2013.01.22 17:47:12 | 000,437,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrom.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhrv.lrc
[2013.01.22 17:47:12 | 000,436,736 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2013.01.22 17:47:12 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsky.lrc
[2013.01.22 17:47:12 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2013.01.22 17:47:12 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2013.01.22 17:47:12 | 000,436,224 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2013.01.22 17:47:12 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2013.01.22 17:47:12 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2013.01.22 17:47:12 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrslv.lrc
[2013.01.22 17:47:12 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2013.01.22 17:47:12 | 000,435,712 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2013.01.22 17:47:12 | 000,435,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2013.01.22 17:47:12 | 000,435,200 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2013.01.22 17:47:12 | 000,433,664 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2013.01.22 17:47:12 | 000,433,664 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2013.01.22 17:47:12 | 000,430,080 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2013.01.22 17:47:12 | 000,428,544 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2013.01.22 17:47:12 | 000,427,008 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2013.01.22 17:47:12 | 000,426,496 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2013.01.22 17:47:12 | 000,284,160 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2013.01.22 17:47:12 | 000,024,576 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2013.01.22 17:47:11 | 009,023,488 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2013.01.22 17:47:11 | 005,873,432 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\GfxUI.exe
[2013.01.22 17:47:11 | 004,739,072 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2013.01.22 17:47:11 | 003,840,864 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2013.01.22 17:47:11 | 000,313,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2013.01.22 17:47:11 | 000,208,384 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2013.01.22 17:47:11 | 000,173,056 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\gfxSrvc.dll
[2013.01.22 17:47:11 | 000,130,048 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2013.01.22 17:47:11 | 000,120,320 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2013.01.22 17:47:11 | 000,096,256 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2013.01.22 17:47:11 | 000,059,392 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2013.01.22 17:47:11 | 000,058,880 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2013.01.22 17:46:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013.01.22 17:46:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2013.01.22 17:46:20 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2013.01.22 17:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013.01.22 17:46:16 | 000,000,000 | ---D | C] -- C:\Intel
[2013.01.22 17:45:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013.01.22 17:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013.01.22 17:45:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013.01.22 17:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013.01.22 17:45:22 | 000,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.01.22 17:45:21 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.01.22 17:45:19 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.01.22 17:45:19 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013.01.22 17:45:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.01.22 17:45:18 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013.01.22 17:45:18 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.01.22 17:45:18 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.01.22 17:45:18 | 000,000,000 | ---D | C] -- C:\9ded52f49cd2c2f68a252b17d424
[2013.01.22 17:45:01 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013.01.22 17:44:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013.01.22 17:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\Identities
[2013.01.22 17:35:25 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013.01.22 17:35:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Dokumenty\Obrázky
[2013.01.22 17:35:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Dokumenty\Hudba
[2013.01.22 17:35:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Libor\Data aplikací\Microsoft
[2013.01.22 17:35:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Libor\Data aplikací
[2013.01.22 17:35:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Příslušenství
[2013.01.22 17:35:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Po spuštění
[2013.01.22 17:35:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Nabídka Start
[2013.01.22 17:35:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Dokumenty
[2013.01.22 17:35:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Libor\Cookies
[2013.01.22 17:35:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Libor\Local Settings
[2013.01.22 17:35:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft
[2013.01.22 17:35:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Libor\SendTo
[2013.01.22 17:35:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Libor\Recent
[2013.01.22 17:35:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Libor\Oblíbené položky
[2013.01.22 17:35:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Libor\Šablony
[2013.01.22 17:35:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Libor\Okolní tiskárny
[2013.01.22 17:35:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Libor\Okolní síť
[2013.01.22 17:35:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Plocha
[2013.01.22 17:33:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013.01.22 17:33:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013.01.22 17:33:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.01.22 17:33:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2013.01.22 17:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2013.01.22 17:26:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2013.01.22 17:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2013.01.22 17:25:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.01.22 17:25:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.01.22 17:25:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.01.22 17:25:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.01.22 17:25:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.01.22 17:25:28 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2013.01.22 17:25:28 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.01.22 17:25:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2013.01.22 17:25:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013.01.22 17:25:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2013.01.22 17:25:28 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.01.22 17:25:28 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.01.22 17:25:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013.01.22 17:25:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013.01.22 17:25:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013.01.22 17:25:27 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.01.22 17:25:27 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.01.22 17:25:27 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.01.22 17:25:26 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.01.22 17:25:26 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2013.01.22 17:25:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.01.22 17:25:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.01.22 17:25:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.01.22 17:25:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2013.01.22 17:25:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.01.22 17:25:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.01.22 17:25:25 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.01.22 17:25:25 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.01.22 17:25:25 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.01.22 17:25:25 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.01.22 17:25:25 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.01.22 17:25:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.01.22 17:25:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2013.01.22 17:25:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2013.01.22 17:25:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2013.01.22 17:25:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013.01.22 17:25:23 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2013.01.22 17:25:23 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.01.22 17:25:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2013.01.22 17:25:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.01.22 17:25:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2013.01.22 17:25:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.01.22 17:25:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2013.01.22 17:25:22 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2013.01.22 17:25:22 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2013.01.22 17:25:22 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2013.01.22 17:25:22 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2013.01.22 17:25:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.01.22 17:25:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2013.01.22 17:25:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.01.22 17:25:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.01.22 17:25:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.01.22 17:25:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.01.22 17:25:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2013.01.22 17:25:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.01.22 17:25:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.01.22 17:25:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.01.22 17:25:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.01.22 17:25:21 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.01.22 17:25:21 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.01.22 17:25:21 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.01.22 17:25:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.01.22 17:25:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.01.22 17:25:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.01.22 17:25:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.01.22 17:25:21 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.01.22 17:25:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.01.22 17:25:20 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2013.01.22 17:25:20 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.01.22 17:25:20 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.01.22 17:25:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.01.22 17:25:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.01.22 17:25:19 | 000,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013.01.22 17:25:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2013.01.22 17:25:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.01.22 17:25:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.01.22 17:25:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.01.22 17:25:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2013.01.22 17:25:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2013.01.22 17:25:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.01.22 17:25:18 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2013.01.22 17:25:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.01.22 17:25:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.01.22 17:25:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2013.01.22 17:25:17 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.01.22 17:25:17 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.01.22 17:25:17 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.01.22 17:25:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.01.22 17:25:17 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.01.22 17:25:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.01.22 17:25:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.01.22 17:25:16 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.01.22 17:25:16 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.01.22 17:25:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013.01.22 17:25:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013.01.22 17:25:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.01.22 17:25:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.01.22 17:25:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.01.22 17:25:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2013.01.22 17:25:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.01.22 17:25:14 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.01.22 17:25:14 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013.01.22 17:25:13 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2013.01.22 17:25:12 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.01.22 17:25:12 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.01.22 17:25:12 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2013.01.22 17:25:09 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.01.22 17:25:09 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.01.22 17:25:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2013.01.22 17:25:09 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2013.01.22 17:25:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013.01.22 17:25:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2013.01.22 17:25:08 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.01.22 17:25:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2013.01.22 17:25:08 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2013.01.22 17:25:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013.01.22 17:25:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2013.01.22 17:25:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2013.01.22 17:25:07 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.01.22 17:25:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.01.22 17:25:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.01.22 17:25:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.01.22 17:25:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.01.22 17:25:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.01.22 17:25:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.01.22 17:25:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.01.22 17:25:06 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.01.22 17:25:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2013.01.22 17:25:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2013.01.22 17:25:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.01.22 17:25:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2013.01.22 17:25:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2013.01.22 17:25:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.01.22 17:25:06 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.01.22 17:25:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.01.22 17:25:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.01.22 17:25:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.01.22 17:25:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.01.22 17:25:05 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2013.01.22 17:25:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2013.01.22 17:25:05 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2013.01.22 17:25:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2013.01.22 17:25:05 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013.01.22 17:25:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013.01.22 17:25:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013.01.22 17:25:04 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.01.22 17:25:04 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.01.22 17:25:04 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.01.22 17:25:04 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.01.22 17:25:04 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.01.22 17:25:04 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.01.22 17:25:04 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.01.22 17:25:04 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.01.22 17:25:03 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.01.22 17:25:03 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.01.22 17:25:03 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.01.22 17:25:03 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.01.22 17:25:03 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.01.22 17:25:03 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.01.22 17:25:03 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.01.22 17:25:03 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.01.22 17:25:03 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.01.22 17:25:03 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.01.22 17:25:02 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2013.01.22 17:25:02 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.01.22 17:25:02 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.01.22 17:25:02 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.01.22 17:25:02 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.01.22 17:25:02 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2013.01.22 17:25:02 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013.01.22 17:25:02 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.01.22 17:25:02 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2013.01.22 17:25:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013.01.22 17:25:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2013.01.22 17:25:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013.01.22 17:25:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013.01.22 17:24:59 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.01.22 17:24:53 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.01.22 17:24:53 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2013.01.22 17:24:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2013.01.22 17:24:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2013.01.22 17:24:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2013.01.22 17:24:52 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2013.01.22 17:24:52 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2013.01.22 17:24:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2013.01.22 17:24:52 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2013.01.22 17:24:52 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2013.01.22 17:24:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.01.22 17:24:52 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2013.01.22 17:24:51 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2013.01.22 17:24:51 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2013.01.22 17:24:51 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2013.01.22 17:24:51 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2013.01.22 17:24:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2013.01.22 17:24:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2013.01.22 17:24:51 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.01.22 17:24:51 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2013.01.22 17:24:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.01.22 17:24:51 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2013.01.22 17:24:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2013.01.22 17:24:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.01.22 17:24:51 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2013.01.22 17:24:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2013.01.22 17:24:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2013.01.22 17:24:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.01.22 17:24:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2013.01.22 17:24:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2013.01.22 17:24:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2013.01.22 17:24:50 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2013.01.22 17:24:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.01.22 17:24:50 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2013.01.22 17:24:50 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2013.01.22 17:24:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.01.22 17:24:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2013.01.22 17:24:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013.01.22 17:24:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2013.01.22 17:24:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.01.22 17:24:49 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.01.22 17:24:49 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2013.01.22 17:24:49 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2013.01.22 17:24:49 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.01.22 17:24:49 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.01.22 17:24:49 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.01.22 17:24:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.01.22 17:24:49 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2013.01.22 17:24:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013.01.22 17:24:46 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.01.22 17:24:46 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2013.01.22 17:24:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.01.22 17:24:45 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013.01.22 17:24:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013.01.22 17:24:45 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2013.01.22 17:24:45 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013.01.22 17:24:44 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.01.22 17:24:44 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.01.22 17:24:44 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.01.22 17:24:44 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.01.22 17:24:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.01.22 17:24:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.01.22 17:24:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.01.22 17:24:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.01.22 17:24:43 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.01.22 17:24:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.01.22 17:24:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.01.22 17:24:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.01.22 17:24:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.01.22 17:24:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013.01.22 17:24:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.01.22 17:24:42 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2013.01.22 17:24:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013.01.22 17:24:39 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2013.01.22 17:24:39 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013.01.22 17:24:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013.01.22 17:24:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013.01.22 17:24:38 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2013.01.22 17:24:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2013.01.22 17:24:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2013.01.22 17:24:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2013.01.22 17:24:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.01.22 17:24:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013.01.22 17:24:37 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2013.01.22 17:24:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013.01.22 17:24:35 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2013.01.22 17:24:35 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2013.01.22 17:24:35 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2013.01.22 17:24:35 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2013.01.22 17:24:35 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2013.01.22 17:24:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.01.22 17:24:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2013.01.22 17:24:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013.01.22 17:24:32 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2013.01.22 17:24:32 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013.01.22 17:24:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2013.01.22 17:24:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2013.01.22 17:24:32 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2013.01.22 17:24:32 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2013.01.22 17:24:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013.01.22 17:24:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2013.01.22 17:24:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013.01.22 17:24:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2013.01.22 17:24:31 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2013.01.22 17:24:31 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2013.01.22 17:24:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013.01.22 17:24:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013.01.22 17:24:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013.01.22 17:24:30 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2013.01.22 17:24:30 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2013.01.22 17:24:30 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.01.22 17:24:30 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2013.01.22 17:24:30 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2013.01.22 17:24:30 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2013.01.22 17:24:30 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2013.01.22 17:24:30 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2013.01.22 17:24:30 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2013.01.22 17:24:30 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2013.01.22 17:24:30 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2013.01.22 17:24:30 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2013.01.22 17:24:30 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2013.01.22 17:24:30 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2013.01.22 17:24:29 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2013.01.22 17:24:29 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2013.01.22 17:24:29 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2013.01.22 17:24:29 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2013.01.22 17:24:29 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013.01.22 17:24:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2013.01.22 17:24:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2013.01.22 17:24:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2013.01.22 17:24:29 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2013.01.22 17:24:29 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2013.01.22 17:24:28 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2013.01.22 17:24:28 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2013.01.22 17:24:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013.01.22 17:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013.01.22 17:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013.01.22 17:24:09 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.01.22 17:23:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013.01.22 17:23:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013.01.22 17:23:40 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013.01.22 17:23:34 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013.01.22 17:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013.01.22 17:23:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013.01.22 17:23:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.01.22 17:23:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.01.22 17:23:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.01.22 17:23:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.01.22 17:23:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.01.22 17:23:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.01.22 17:23:12 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.01.22 17:23:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.01.22 17:23:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.01.22 17:23:11 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.01.22 17:23:11 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.01.22 17:23:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2013.01.22 17:23:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2013.01.22 17:23:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2013.01.22 17:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013.01.22 17:23:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2013.01.22 17:23:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2013.01.22 17:23:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2013.01.22 17:23:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2013.01.22 17:23:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.01.22 17:23:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.01.22 17:23:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.01.22 17:23:09 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013.01.22 17:23:08 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2013.01.22 17:23:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2013.01.22 17:23:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2013.01.22 17:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013.01.22 17:23:06 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2013.01.22 17:23:06 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013.01.22 17:23:06 | 000,726,590 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2013.01.22 17:23:06 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2013.01.22 17:23:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013.01.22 17:23:05 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2013.01.22 17:23:05 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2013.01.22 17:23:05 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2013.01.22 17:23:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013.01.22 17:23:04 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2013.01.22 17:23:04 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2013.01.22 17:23:04 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2013.01.22 17:23:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2013.01.22 17:23:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2013.01.22 17:23:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2013.01.22 17:23:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2013.01.22 17:23:04 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2013.01.22 17:23:03 | 001,933,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.01.22 17:23:03 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.01.22 17:23:03 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.01.22 17:23:03 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.01.22 17:23:03 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.01.22 17:23:03 | 000,219,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.01.22 17:23:03 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.01.22 17:23:03 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.01.22 17:23:03 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2013.01.22 17:23:03 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.01.22 17:23:03 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2013.01.22 17:23:03 | 000,053,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.01.22 17:23:03 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.01.22 17:23:03 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.01.22 17:23:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2013.01.22 17:23:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.01.22 17:23:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2013.01.22 17:23:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.01.22 17:23:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2013.01.22 17:23:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.01.22 17:23:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2013.01.22 17:23:02 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2013.01.22 17:23:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.01.22 17:23:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2013.01.22 17:23:01 | 004,263,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2013.01.22 17:23:01 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2013.01.22 17:23:01 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2013.01.22 17:23:01 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2013.01.22 17:23:01 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2013.01.22 17:23:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2013.01.22 17:23:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2013.01.22 17:23:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2013.01.22 17:23:00 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013.01.22 17:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013.01.22 17:22:51 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2013.01.22 17:22:51 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2013.01.22 17:22:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2013.01.22 17:22:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2013.01.22 17:22:51 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2013.01.22 17:22:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2013.01.22 17:22:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2013.01.22 17:22:49 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2013.01.22 17:22:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2013.01.22 17:22:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.01.22 17:22:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2013.01.22 17:22:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.01.22 17:22:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2013.01.22 17:22:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.01.22 17:22:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2013.01.22 17:22:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2013.01.22 17:22:49 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.01.22 17:22:49 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2013.01.22 17:22:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2013.01.22 17:22:47 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.01.22 17:22:47 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2013.01.22 17:22:47 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2013.01.22 17:22:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013.01.22 17:22:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2013.01.22 17:22:47 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2013.01.22 17:22:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2013.01.22 17:22:46 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2013.01.22 17:22:46 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.01.22 17:22:46 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2013.01.22 17:22:46 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2013.01.22 17:22:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.01.22 17:22:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2013.01.22 17:22:46 | 000,073,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2013.01.22 17:22:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2013.01.22 17:22:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.01.22 17:22:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2013.01.22 17:22:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.01.22 17:22:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2013.01.22 17:22:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

OTL.Txt (3. část):

[2013.01.22 17:22:45 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2013.01.22 17:22:45 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2013.01.22 17:22:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.01.22 17:22:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2013.01.22 17:22:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2013.01.22 17:22:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2013.01.22 17:22:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2013.01.22 17:22:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.01.22 17:22:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2013.01.22 17:22:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2013.01.22 17:22:44 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2013.01.22 17:22:44 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2013.01.22 17:22:44 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2013.01.22 17:22:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2013.01.22 17:22:44 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2013.01.22 17:22:44 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2013.01.22 17:22:44 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2013.01.22 17:22:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2013.01.22 17:22:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2013.01.22 17:22:44 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2013.01.22 17:22:43 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2013.01.22 17:22:43 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2013.01.22 17:22:43 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.01.22 17:22:43 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2013.01.22 17:22:43 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2013.01.22 17:22:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.01.22 17:22:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2013.01.22 17:22:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2013.01.22 17:22:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2013.01.22 17:22:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.01.22 17:22:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2013.01.22 17:22:43 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013.01.22 17:22:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2013.01.22 17:22:43 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2013.01.22 17:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013.01.22 17:22:42 | 002,481,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2013.01.22 17:22:42 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013.01.22 17:22:42 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2013.01.22 17:22:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2013.01.22 17:22:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2013.01.22 17:22:41 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2013.01.22 17:22:41 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.01.22 17:22:41 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2013.01.22 17:22:41 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2013.01.22 17:22:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.01.22 17:22:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2013.01.22 17:22:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2013.01.22 17:22:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.01.22 17:22:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2013.01.22 17:22:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.01.22 17:22:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2013.01.22 17:22:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2013.01.22 17:22:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.01.22 17:22:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2013.01.22 17:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013.01.22 17:22:40 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2013.01.22 17:22:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2013.01.22 17:22:40 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2013.01.22 17:22:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2013.01.22 17:22:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2013.01.22 17:22:40 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2013.01.22 17:22:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2013.01.22 17:22:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2013.01.22 17:22:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2013.01.22 17:22:39 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2013.01.22 17:22:39 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2013.01.22 17:22:39 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2013.01.22 17:22:39 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2013.01.22 17:22:39 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2013.01.22 17:22:39 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2013.01.22 17:22:39 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2013.01.22 17:22:39 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2013.01.22 17:22:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2013.01.22 17:22:39 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2013.01.22 17:22:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2013.01.22 17:22:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2013.01.22 17:22:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2013.01.22 17:22:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2013.01.22 17:22:38 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013.01.22 17:22:38 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2013.01.22 17:22:38 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2013.01.22 17:22:38 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2013.01.22 17:22:38 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2013.01.22 17:22:38 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2013.01.22 17:22:38 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2013.01.22 17:22:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2013.01.22 17:22:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2013.01.22 17:22:38 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2013.01.22 17:22:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2013.01.22 17:22:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2013.01.22 17:22:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2013.01.22 17:22:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2013.01.22 17:22:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2013.01.22 17:22:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2013.01.22 17:22:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2013.01.22 17:22:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2013.01.22 17:22:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2013.01.22 17:22:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2013.01.22 17:22:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2013.01.22 17:22:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2013.01.22 17:22:37 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2013.01.22 17:22:37 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2013.01.22 17:22:37 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2013.01.22 17:22:37 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2013.01.22 17:22:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2013.01.22 17:22:37 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2013.01.22 17:22:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2013.01.22 17:22:37 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2013.01.22 17:22:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2013.01.22 17:22:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2013.01.22 17:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013.01.22 17:22:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Obrázky
[2013.01.22 17:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013.01.22 17:22:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
[2013.01.22 17:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013.01.22 17:22:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Nástroje pro správu
[2013.01.22 17:22:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013.01.22 17:22:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Hudba
[2013.01.22 17:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013.01.22 17:22:00 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2013.01.22 17:22:00 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2013.01.22 17:22:00 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2013.01.22 17:22:00 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2013.01.22 17:22:00 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2013.01.22 17:22:00 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2013.01.22 17:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013.01.22 17:21:59 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2013.01.22 17:21:59 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2013.01.22 17:21:59 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2013.01.22 17:21:59 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2013.01.22 17:21:59 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2013.01.22 17:21:59 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2013.01.22 17:21:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2013.01.22 17:21:59 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2013.01.22 17:21:59 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2013.01.22 17:21:59 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2013.01.22 17:21:59 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2013.01.22 17:21:59 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2013.01.22 17:21:59 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2013.01.22 17:21:58 | 001,040,467 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2013.01.22 17:21:58 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2013.01.22 17:21:58 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2013.01.22 17:21:58 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2013.01.22 17:21:58 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2013.01.22 17:21:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.01.22 17:21:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.01.22 17:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013.01.22 17:21:53 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.01.22 17:21:53 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.01.22 17:21:52 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.01.22 17:21:52 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.01.22 17:21:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.01.22 17:21:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.01.22 17:21:52 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.01.22 17:21:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.01.22 17:21:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.01.22 17:21:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.01.22 17:21:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.01.22 17:21:52 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2013.01.22 17:21:48 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.01.22 17:21:48 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.01.22 17:21:48 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.01.22 17:21:48 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.01.22 17:21:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.01.22 17:21:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.01.22 17:21:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.01.22 17:21:47 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.01.22 17:21:47 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.01.22 17:21:47 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.01.22 17:21:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.01.22 17:21:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.01.22 17:21:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.01.22 17:21:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.01.22 17:21:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.01.22 17:21:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.01.22 17:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.01.22 17:21:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.01.22 17:21:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.01.22 17:21:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.01.22 17:21:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.01.22 17:21:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.01.22 17:21:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.01.22 17:21:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.01.22 17:21:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.01.22 17:21:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.01.22 17:21:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.01.22 17:21:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.01.22 17:21:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.01.22 17:21:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.01.22 17:21:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.01.22 17:21:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.01.22 17:21:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.01.22 17:21:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.01.22 17:21:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.01.22 17:21:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.01.22 17:21:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.01.22 17:21:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.01.22 17:21:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.01.22 17:21:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.01.22 17:21:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.01.22 17:21:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.01.22 17:21:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.01.22 17:21:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.01.22 17:21:44 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.01.22 17:21:43 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.01.22 17:21:43 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.01.22 17:21:43 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.01.22 17:21:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.01.22 17:21:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.01.22 17:21:43 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.01.22 17:21:43 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.01.22 17:21:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.01.22 17:21:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.01.22 17:21:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.01.22 17:21:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.01.22 17:21:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.01.22 17:21:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.01.22 17:21:42 | 000,282,112 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2013.01.22 17:21:42 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.01.22 17:21:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.01.22 17:21:41 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2013.01.22 17:21:41 | 000,351,232 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.01.22 17:21:41 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.01.22 17:21:41 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2013.01.22 17:21:41 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2013.01.22 17:21:41 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.01.22 17:21:41 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.01.22 17:21:41 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2013.01.22 17:21:41 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.01.22 17:21:41 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.01.22 17:21:41 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2013.01.22 17:21:41 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.01.22 17:21:41 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2013.01.22 17:21:41 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.01.22 17:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013.01.22 17:21:40 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.01.22 17:21:40 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2013.01.22 17:21:40 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.01.22 17:21:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.01.22 17:21:40 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2013.01.22 17:21:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.01.22 17:21:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2013.01.22 17:21:40 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2013.01.22 17:21:40 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2013.01.22 17:21:39 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013.01.22 17:21:39 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2013.01.22 17:21:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.01.22 17:21:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2013.01.22 17:21:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2013.01.22 17:21:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.01.22 17:21:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.01.22 17:21:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2013.01.22 17:21:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2013.01.22 17:21:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.01.22 17:21:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2013.01.22 17:21:38 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2013.01.22 17:21:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.01.22 17:21:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.01.22 17:21:38 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.01.22 17:21:38 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.01.22 17:21:38 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.01.22 17:21:38 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.01.22 17:21:38 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.01.22 17:21:38 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.01.22 17:21:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.01.22 17:21:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.01.22 17:21:38 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.01.22 17:21:38 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.01.22 17:21:38 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.01.22 17:21:38 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.01.22 17:21:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.01.22 17:21:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.01.22 17:21:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.01.22 17:21:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013.01.22 17:21:37 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.01.22 17:21:37 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.01.22 17:21:37 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.01.22 17:21:37 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.01.22 17:21:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.01.22 17:21:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.01.22 17:21:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.01.22 17:21:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.01.22 17:21:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2013.01.22 17:21:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.01.22 17:21:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2013.01.22 17:21:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.01.22 17:21:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.01.22 17:21:36 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2013.01.22 17:21:36 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2013.01.22 17:21:36 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.01.22 17:21:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2013.01.22 17:21:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.01.22 17:21:36 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.01.22 17:21:36 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.01.22 17:21:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2013.01.22 17:21:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.01.22 17:21:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.01.22 17:21:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.01.22 17:21:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.01.22 17:21:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.01.22 17:21:36 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.01.22 17:21:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.01.22 17:21:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.01.22 17:21:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.01.22 17:21:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.01.22 17:21:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.01.22 17:21:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2013.01.22 17:21:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013.01.22 17:21:35 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2013.01.22 17:21:35 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2013.01.22 17:21:35 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.01.22 17:21:35 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2013.01.22 17:21:35 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2013.01.22 17:21:35 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.01.22 17:21:34 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2013.01.22 17:21:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2013.01.22 17:21:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2013.01.22 17:21:33 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2013.01.22 17:21:33 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2013.01.22 17:21:33 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2013.01.22 17:21:33 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2013.01.22 17:21:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2013.01.22 17:21:33 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2013.01.22 17:21:33 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2013.01.22 17:21:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2013.01.22 17:21:33 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2013.01.22 17:21:33 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2013.01.22 17:21:33 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2013.01.22 17:21:33 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2013.01.22 17:21:33 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2013.01.22 17:21:33 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2013.01.22 17:21:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2013.01.22 17:21:33 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2013.01.22 17:21:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2013.01.22 17:21:33 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2013.01.22 17:21:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2013.01.22 17:21:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2013.01.22 17:21:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2013.01.22 17:21:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2013.01.22 17:21:32 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2013.01.22 17:21:32 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2013.01.22 17:21:32 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2013.01.22 17:21:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2013.01.22 17:21:32 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2013.01.22 17:21:32 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2013.01.22 17:21:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2013.01.22 17:21:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2013.01.22 17:21:32 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2013.01.22 17:21:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2013.01.22 17:21:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2013.01.22 17:21:31 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2013.01.22 17:21:31 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2013.01.22 17:21:31 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2013.01.22 17:21:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.01.22 17:21:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2013.01.22 17:21:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.01.22 17:21:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2013.01.22 17:21:30 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2013.01.22 17:21:30 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.01.22 17:21:30 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.01.22 17:21:30 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2013.01.22 17:21:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Filmy
[2013.01.22 17:21:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství

========== Files - Modified Within 30 Days ==========

[2013.02.08 21:03:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.02.08 21:01:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\OTL.exe
[2013.02.08 20:46:37 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.02.08 20:46:37 | 000,429,018 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.02.08 20:46:37 | 000,078,030 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.02.08 20:46:37 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.02.08 20:42:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.02.08 20:42:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.02.08 07:37:10 | 005,030,592 | R--- | M] (Swearware) -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2013.02.08 06:40:39 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2013.02.07 06:20:38 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.06 04:37:54 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - mb_wfas.lnk
[2013.02.04 19:55:04 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\OTM.exe
[2013.02.02 22:42:27 | 000,771,072 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\RogueKiller.exe
[2013.02.02 21:13:51 | 000,580,235 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\adwcleaner.exe
[2013.02.02 08:43:00 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - T34.lnk
[2013.02.02 06:23:05 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\RSIT.exe
[2013.02.02 06:19:05 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.02.02 03:37:53 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.02.02 02:55:45 | 000,001,055 | ---- | M] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk
[2013.02.01 23:09:20 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2013.02.01 05:16:09 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Pro Antivirus.lnk
[2013.02.01 05:16:08 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.01.31 23:09:57 | 000,041,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\Oreans.sys
[2013.01.31 23:05:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.30 18:29:14 | 000,000,507 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - FEAR2.exe.lnk
[2013.01.30 11:26:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.01.30 00:57:40 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\IL-2 Sturmovik Forgotten Battles.lnk
[2013.01.30 00:21:05 | 000,000,222 | ---- | M] () -- C:\WINDOWS\MP32WAV.INI
[2013.01.29 23:07:29 | 000,001,039 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
[2013.01.28 05:50:51 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.01.26 04:27:58 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - mb_warband.lnk
[2013.01.24 03:01:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.01.23 03:29:56 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.22 22:38:38 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.01.22 21:13:34 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.01.22 21:13:34 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.01.22 18:20:21 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.01.22 18:03:16 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2013.01.22 18:03:16 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2013.01.22 17:40:24 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2013.01.22 17:26:29 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.01.22 17:25:34 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.01.22 17:24:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.01.22 17:24:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.01.22 17:24:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013.01.22 17:24:16 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.01.22 17:24:16 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.01.22 17:24:09 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.01.22 17:22:20 | 000,021,812 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.01.22 17:21:01 | 000,000,211 | ---- | M] () -- C:\Boot.bak

========== Files Created - No Company Name ==========

[2013.02.08 21:03:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.02.08 07:38:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.02.08 07:38:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.02.08 07:38:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.02.08 07:38:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.02.06 02:59:13 | 000,000,658 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - mb_wfas.lnk
[2013.02.02 22:42:27 | 000,771,072 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\RogueKiller.exe
[2013.02.02 21:13:51 | 000,580,235 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\adwcleaner.exe
[2013.02.02 16:01:25 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.02.02 08:43:00 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - T34.lnk
[2013.02.02 06:23:05 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\RSIT.exe
[2013.02.02 06:19:05 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2013.02.02 06:19:05 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.02.02 03:37:53 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.02.02 03:37:49 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.02.02 03:36:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.02.02 02:55:45 | 000,001,055 | ---- | C] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk
[2013.02.01 05:16:09 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Pro Antivirus.lnk
[2013.01.31 23:09:57 | 000,041,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\Oreans.sys
[2013.01.30 18:29:14 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - FEAR2.exe.lnk
[2013.01.30 00:57:40 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\IL-2 Sturmovik Forgotten Battles.lnk
[2013.01.30 00:20:38 | 000,000,222 | ---- | C] () -- C:\WINDOWS\MP32WAV.INI
[2013.01.29 23:07:29 | 000,001,039 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
[2013.01.29 22:57:37 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
[2013.01.29 21:25:51 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2013.01.28 16:09:45 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.28 16:07:46 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2013.01.28 16:07:46 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2013.01.28 16:07:46 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\comdlg32.oca
[2013.01.28 16:07:46 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\MSINET.oca
[2013.01.28 05:50:51 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.01.23 00:58:47 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\Zástupce - mb_warband.lnk
[2013.01.22 18:20:21 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.01.22 18:13:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.01.22 18:13:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.01.22 18:03:16 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2013.01.22 18:03:15 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2013.01.22 18:02:17 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.01.22 18:02:15 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.01.22 18:02:13 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013.01.22 18:02:13 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013.01.22 18:02:13 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013.01.22 18:02:12 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013.01.22 18:01:57 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.01.22 18:01:50 | 002,033,597 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.01.22 18:01:50 | 001,246,067 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.01.22 18:01:50 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.01.22 18:01:50 | 000,631,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.01.22 18:01:50 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.01.22 18:01:50 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013.01.22 18:01:50 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013.01.22 18:01:50 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.01.22 18:01:50 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013.01.22 18:01:50 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.01.22 18:01:50 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.01.22 18:01:50 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.01.22 18:01:50 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.01.22 18:01:50 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.01.22 18:01:50 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.01.22 18:01:50 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.01.22 18:01:50 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.01.22 18:01:17 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.22 18:00:17 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2013.01.22 18:00:15 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.01.22 17:49:31 | 000,015,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\IntelMEFWVer.dll
[2013.01.22 17:49:11 | 000,031,272 | ---- | C] () -- C:\WINDOWS\System32\AppleChargerSrv.exe
[2013.01.22 17:49:11 | 000,018,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\AppleCharger.sys
[2013.01.22 17:47:43 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013.01.22 17:47:12 | 000,219,089 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.th-TH.resources
[2013.01.22 17:47:12 | 000,206,074 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.el-GR.resources
[2013.01.22 17:47:12 | 000,190,306 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ru-RU.resources
[2013.01.22 17:47:12 | 000,163,151 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ar-SA.resources
[2013.01.22 17:47:12 | 000,160,273 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ja-JP.resources
[2013.01.22 17:47:12 | 000,156,020 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.he-IL.resources
[2013.01.22 17:47:12 | 000,146,945 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.it-IT.resources
[2013.01.22 17:47:12 | 000,145,559 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ko-KR.resources
[2013.01.22 17:47:12 | 000,144,621 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.es-ES.resources
[2013.01.22 17:47:12 | 000,144,501 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.de-DE.resources
[2013.01.22 17:47:12 | 000,143,191 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.ro-RO.resources
[2013.01.22 17:47:12 | 000,142,754 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.fr-FR.resources
[2013.01.22 17:47:12 | 000,142,035 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.tr-TR.resources
[2013.01.22 17:47:12 | 000,141,601 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pt-BR.resources
[2013.01.22 17:47:12 | 000,141,258 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.nl-NL.resources
[2013.01.22 17:47:12 | 000,141,134 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.hu-HU.resources
[2013.01.22 17:47:12 | 000,140,501 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pt-PT.resources
[2013.01.22 17:47:12 | 000,140,404 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sv-SE.resources
[2013.01.22 17:47:12 | 000,139,864 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.pl-PL.resources
[2013.01.22 17:47:12 | 000,139,839 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.cs-CZ.resources
[2013.01.22 17:47:12 | 000,139,623 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.fi-FI.resources
[2013.01.22 17:47:12 | 000,139,095 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sk-SK.resources
[2013.01.22 17:47:12 | 000,138,414 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.hr-HR.resources
[2013.01.22 17:47:12 | 000,135,443 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.sl-SI.resources
[2013.01.22 17:47:12 | 000,135,396 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.nb-NO.resources
[2013.01.22 17:47:12 | 000,134,952 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.da-DK.resources
[2013.01.22 17:47:12 | 000,130,387 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.en-US.resources
[2013.01.22 17:47:12 | 000,124,032 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.zh-TW.resources
[2013.01.22 17:47:12 | 000,122,610 | R--- | C] () -- C:\WINDOWS\System32\Gfxres.zh-CN.resources
[2013.01.22 17:47:12 | 000,009,216 | R--- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2013.01.22 17:47:11 | 001,674,683 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013.01.22 17:47:11 | 000,963,144 | R--- | C] () -- C:\WINDOWS\System32\igkrng600.bin
[2013.01.22 17:47:11 | 000,261,208 | R--- | C] () -- C:\WINDOWS\System32\igfcg600m.bin
[2013.01.22 17:47:11 | 000,145,804 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng600.bin
[2013.01.22 17:47:11 | 000,058,558 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2013.01.22 17:47:11 | 000,042,616 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2013.01.22 17:47:11 | 000,001,023 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013.01.22 17:47:11 | 000,000,264 | R--- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2013.01.22 17:40:24 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2013.01.22 17:40:24 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2013.01.22 17:35:26 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Outlook Express.lnk
[2013.01.22 17:35:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Internet Explorer.lnk
[2013.01.22 17:35:21 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013.01.22 17:35:21 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Libor\Nabídka Start\Programy\Windows Media Player.lnk
[2013.01.22 17:26:29 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.01.22 17:25:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.01.22 17:25:17 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.01.22 17:25:07 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.01.22 17:25:04 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.01.22 17:25:03 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.01.22 17:25:02 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.01.22 17:24:56 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.01.22 17:24:52 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.01.22 17:24:50 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.01.22 17:24:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.01.22 17:24:18 | 000,002,553 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.01.22 17:24:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.01.22 17:24:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.01.22 17:24:18 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013.01.22 17:24:16 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.01.22 17:24:16 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.01.22 17:24:16 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.01.22 17:23:34 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Movie Maker.lnk
[2013.01.22 17:23:27 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.01.22 17:23:17 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.01.22 17:23:17 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.01.22 17:23:12 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.01.22 17:22:47 | 000,378,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.01.22 17:22:21 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
[2013.01.22 17:22:20 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.01.22 17:21:49 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2013.01.22 17:21:49 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2013.01.22 17:21:49 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2013.01.22 17:21:49 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2013.01.22 17:21:49 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2013.01.22 17:21:49 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2013.01.22 17:21:49 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2013.01.22 17:21:49 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2013.01.22 17:21:49 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2013.01.22 17:21:49 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013.01.22 17:21:49 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2013.01.22 17:21:47 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.01.22 17:21:47 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.01.22 17:21:46 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.01.22 17:21:42 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\IusEventLog.dll

========== ZeroAccess Check ==========

[2013.01.22 17:45:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.10.31 12:32:37 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.01 05:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.01.22 20:31:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.01.22 22:38:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.02.07 20:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.01.22 20:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.01.22 20:31:24 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.02.07 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.02.01 23:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DAEMON Tools Lite
[2013.02.07 20:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\IObit
[2013.01.22 22:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade Warband
[2013.02.06 03:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade With Fire and Sword
[2013.01.22 20:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\TuneUp Software
[2013.02.02 03:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013.01.22 17:23:09 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.01.22 17:33:31 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2013.02.08 06:40:39 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2013.02.08 06:40:39 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2013.02.08 06:40:39 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.10.31 08:48:54 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

OTL.Txt (4. část):

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.01.29 22:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Adobe
[2013.02.07 21:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Apple Computer
[2013.02.01 23:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DAEMON Tools Lite
[2013.01.22 17:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Identities
[2013.01.22 17:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\InstallShield
[2013.02.07 20:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\IObit
[2013.01.22 20:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Macromedia
[2013.02.02 05:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Malwarebytes
[2013.01.29 22:58:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Libor\Data aplikací\Microsoft
[2013.01.22 22:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade Warband
[2013.02.06 03:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Mount&Blade With Fire and Sword
[2013.02.02 03:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Mozilla
[2013.01.22 20:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\TuneUp Software
[2013.02.02 03:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\uTorrent
[2013.02.08 11:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\vlc
[2013.01.22 22:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2013.01.24 18:28:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.01.22 18:00:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.01.22 18:00:17 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.01.22 18:00:17 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2013.02.08 06:40:39 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

< %systemroot%\system32\*.* /3 >
[2013.02.08 20:42:30 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
[2013.02.08 20:46:37 | 000,078,030 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.02.08 20:46:37 | 000,067,448 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.02.08 20:46:37 | 000,429,018 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.02.08 20:46:37 | 000,432,492 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.02.08 20:46:37 | 001,020,296 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.11.06 11:46:46 | 003,673,728 | ---- | M] (DT Soft Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.02.08 21:03:26 | 000,000,512 | ---- | M] () MD5=C852B582D49947DE4C32FA6C52D23A0A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.02.08 11:34:40 | 000,000,626 | ---- | M] () -- \Documents and Settings\Libor\Recent\aircrack-ng-1.1-win.lnk
[2013.02.06 08:03:45 | 000,001,230 | ---- | M] () -- \Documents and Settings\Libor\Recent\Mount & Blade - With Fire And Sword + Crack.lnk
[2009.01.19 13:27:44 | 000,083,645 | ---- | M] () -- \Hry\Mount&Blade Warband\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2011.02.15 16:29:38 | 000,083,645 | ---- | M] () -- \Hry\Mount&Blade With Fire and Sword\Sounds\Fire_Small_Crackle_Slick_op.ogg

< *keygen* /s >

< *loader* /s >
[2008.09.12 16:26:32 | 000,150,132 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderHit01.wav
[2008.09.12 16:26:28 | 000,196,212 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderHit02.wav
[2008.09.12 16:26:26 | 000,188,276 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderHit03.wav
[2008.09.12 16:26:22 | 000,141,940 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderNoAmmo.wav
[2008.09.12 16:26:20 | 000,139,636 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderNoShell.wav
[2008.09.12 16:26:16 | 000,106,356 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderReady01.wav
[2008.09.12 16:26:14 | 000,112,756 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderReady02.wav
[2008.09.12 16:26:10 | 000,105,972 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderReady03.wav
[2008.09.12 16:26:08 | 000,115,060 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderReady04.wav
[2008.09.12 16:26:04 | 000,112,244 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderReady05.wav
[2008.09.12 16:26:00 | 000,194,676 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderShellAP.wav
[2008.09.12 16:24:56 | 000,127,348 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderShellHE.wav
[2008.09.12 16:24:54 | 000,181,364 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderShellSubAP.wav
[2008.09.12 16:24:50 | 000,163,444 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderTurretDmg01.wav
[2008.09.12 16:24:48 | 000,173,684 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderTurretDmg02.wav
[2008.09.12 16:24:44 | 000,142,196 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\GLoaderTurretDmg03.wav
[2008.09.12 16:40:32 | 000,153,204 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderHit01.wav
[2008.09.12 16:40:28 | 000,158,836 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderHit02.wav
[2008.09.12 16:40:26 | 000,170,612 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderHit03.wav
[2008.09.12 16:40:22 | 000,143,220 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderNoAmmo.wav
[2008.09.12 16:40:20 | 000,124,020 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderNoShell.wav
[2008.09.12 16:40:16 | 000,108,660 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderReady01.wav
[2008.09.12 16:40:14 | 000,105,076 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderReady02.wav
[2008.09.12 16:40:12 | 000,110,964 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderReady03.wav
[2008.09.12 16:40:08 | 000,103,028 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderReady04.wav
[2008.09.12 16:40:06 | 000,120,692 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderReady05.wav
[2008.09.12 16:40:02 | 000,121,972 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderShellAP.wav
[2008.09.12 16:40:00 | 000,125,812 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderShellHE.wav
[2008.09.12 16:39:58 | 000,128,884 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderShellSubAP.wav
[2008.09.12 16:39:54 | 000,192,116 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderTurretDmg01.wav
[2008.09.12 16:39:52 | 000,184,692 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderTurretDmg02.wav
[2008.09.12 16:39:48 | 000,186,228 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Resources\SLoaderTurretDmg03.wav
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.02.02 07:20:22 | 000,000,854 | ---- | M] () -- \Documents and Settings\Libor\Recent\WWII-T34-vs-Tiger-serial-cd-key.lnk
[2003.11.25 12:40:22 | 000,000,519 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Scripts\Common\ISerializeable.script
[2003.11.25 13:25:00 | 000,001,268 | ---- | M] () -- \Hry\Lighthouse Interactive\T34vsTiger\Scripts\Common\SerializeableGroup.script
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.01.23 03:27:31 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.23 03:17:36 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.23 09:36:00 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.23 09:34:54 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

Extras.Txt:

OTL Extras logfile created on: 8.2.2013 21:02:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,89 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 80,43% Memory free
3,74 Gb Paging File | 3,52 Gb Available in Paging File | 94,19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 44,12 Gb Free Space | 59,21% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1123561945-1647877149-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programy\uTorrent.exe" = C:\Programy\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{852F940A-BE93-4DF9-98E5-6F5FA7AFF3EE}" = Intel® Trusted Connect Service Client
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast5" = avast! Pro Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter_is1" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter 6.0.0202
"ie8" = Windows Internet Explorer 8
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mount&Blade Warband" = Mount&Blade Warband
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"Mozilla Firefox 9.0 (x86 cs)" = Mozilla Firefox 9.0 (x86 cs)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.1.2013 16:26:50 | Computer Name = LIBOR-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace il2fb.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.1.2013 16:33:34 | Computer Name = LIBOR-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace il2fb.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.1.2013 10:53:48 | Computer Name = LIBOR-PC | Source = MsiInstaller | ID = 1013
Description = Product: IL-2 Sturmovik: Forgotten Battles -- 1: This installation
cannot be run by directly launching the MSI package. You must run setup.exe.

[ System Events ]
Error - 5.2.2013 8:42:19 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 5.2.2013 8:42:19 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 5.2.2013 9:27:27 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 5.2.2013 9:27:27 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 5.2.2013 9:35:49 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 5.2.2013 9:35:49 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 5.2.2013 20:59:44 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 5.2.2013 20:59:44 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 6.2.2013 3:16:32 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 6.2.2013 3:16:32 | Computer Name = LIBOR-PC | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

< End of report >

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes,DefaultScope = {396281CE-6973-4971-9ED6-B376D8922349}
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{396281CE-6973-4971-9ED6-B376D8922349}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1647877149-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - user.js - File not found
[2013.02.07 20:49:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.02.07 20:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\IObit
[2013.02.07 20:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Při procesu mi to nahlásilo chybu, že nelze otevřít koš a jestli si ho přeji vysypat. Dal jsem ano a nechal program dokončit práci. Zde výsledný log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Libor
->Temp folder emptied: 704692 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 308212976 bytes
->Flash cache emptied: 11770 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 295,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Libor
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{396281CE-6973-4971-9ED6-B376D8922349}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{396281CE-6973-4971-9ED6-B376D8922349}\ not found.
Registry key HKEY_USERS\S-1-5-21-1123561945-1647877149-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "chr-greentree_ff&ilc=12&type=198484" removed from browser.search.param.yahoo-fr
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\IObit Malware Fighter folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\Advanced SystemCare V6\Downloader folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\IObit folder moved successfully.
C:\Program Files\IObit\IObit Malware Fighter\log\scan folder moved successfully.
C:\Program Files\IObit\IObit Malware Fighter\log\realtime folder moved successfully.
C:\Program Files\IObit\IObit Malware Fighter\log folder moved successfully.
C:\Program Files\IObit\IObit Malware Fighter folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 6\Update folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 6\LatestNews folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 6 folder moved successfully.
C:\Program Files\IObit folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP165.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP63.tmp\System.Workflow.Activities.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP63.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP742.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7FE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP933.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP956.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD6F.tmp folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\system folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\sysbckup folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\inf folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\help folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\drivers folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\directx folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp\dxdllreg.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX87.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 02092013_115450

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada

A jeste jednu vec pak udelejte

Postupujte podle navodu kolegy

vyosek píše: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
Kliknete na volbu Change parametrs

V okne Additional Option zakliknete vsechny moznosti

Kliknete na OK

Utilite prikazte, at skenuje - klik na Start Scan

Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip

Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip

Pokud mate vsude Skip, kliknete na Continue

Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

VIRY.CZ

relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge

Re: relevantknowledge