Please check my log

Posted: 21 Mar 2016 01:29
by arpanet
Hello,

Please check my log.
When I open one of the drives, a pile of files immediately starts being dumped into the temporary folder %temp%, and I don't know what is wrong.

Below I am sending the RSIT log (the system is relatively freshly installed).

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr Hamrský at 2016-03-21 01:22:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (5%) free of 20 GB
Total RAM: 3071 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:22:31, on 21.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.23758)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Data aplikací\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Petr Hamrský\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr Hamrský.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://petr.pianovka.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://files.creative.com/Web/softwareu ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - wireless - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFsam Manager - ANDREA VACONDIO - C:\Documents and Settings\All Users\Data aplikací\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe

--
End of file - 6509 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-08-02 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative MediaSource Go"=C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2015-12-06 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\Petr Hamrský\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Petr Hamrský\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent (Petr Hamrský)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-21 01:22:24 ----D---- C:\rsit
2016-03-21 01:22:24 ----D---- C:\Program Files\trend micro
2016-03-21 00:47:43 ----SHD---- C:\RECYCLER
2016-03-20 23:47:16 ----A---- C:\ComboFix.txt
2016-03-20 23:40:07 ----A---- C:\WINDOWS\zip.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\SWSC.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\SWREG.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\sed.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\PEV.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\NIRCMD.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\MBR.exe
2016-03-20 23:40:07 ----A---- C:\WINDOWS\grep.exe
2016-03-20 23:31:10 ----AD---- C:\Qoobox
2016-03-20 23:30:58 ----D---- C:\WINDOWS\erdnt
2016-03-20 23:24:29 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-03-20 23:24:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-03-20 23:24:29 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-03-20 23:24:29 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-03-20 17:31:57 ----D---- C:\Program Files\Burrrn
2016-03-20 17:05:49 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2016-03-20 17:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2016-03-20 15:04:27 ----D---- C:\Program Files\ESET
2016-03-19 17:17:53 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\uTorrent
2016-03-19 17:08:49 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\foobar2000
2016-03-19 17:08:00 ----D---- C:\Program Files\foobar2000
2016-03-19 11:37:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\LockHunter
2016-03-19 11:36:21 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\LockHunter
2016-03-19 11:36:18 ----D---- C:\Program Files\LockHunter
2016-03-17 02:20:57 ----D---- C:\Program Files\PDF Split And Merge Basic
2016-03-17 02:20:28 ----D---- C:\Program Files\Common Files\Java
2016-03-17 02:20:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2016-03-17 02:20:18 ----A---- C:\WINDOWS\system32\javaws.exe
2016-03-17 02:20:14 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-03-17 02:20:14 ----A---- C:\WINDOWS\system32\javaw.exe
2016-03-17 02:20:14 ----A---- C:\WINDOWS\system32\java.exe
2016-03-17 02:20:02 ----D---- C:\Program Files\Java
2016-03-17 02:19:53 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Sun
2016-03-17 02:12:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\ANDREA VACONDIO
2016-03-17 02:11:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Oracle
2016-03-17 02:11:39 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Oracle
2016-03-17 02:10:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDFsam Enhanced
2016-03-15 18:57:24 ----D---- C:\Program Files\IrfanView
2016-03-12 23:49:04 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\vlc
2016-03-12 23:47:23 ----D---- C:\Program Files\VideoLAN
2016-03-12 22:49:12 ----D---- C:\Program Files\Common Files\Digidesign
2016-03-12 22:49:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sibelius Software
2016-03-12 22:48:59 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Sibelius Software
2016-03-12 22:21:12 ----RSD---- C:\WINDOWS\assembly
2016-03-12 22:20:54 ----D---- C:\WINDOWS\system32\en-US
2016-03-12 22:20:51 ----D---- C:\Program Files\Microsoft.NET
2016-03-12 22:20:50 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-12 21:27:04 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Ashampoo
2016-03-12 21:25:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2016-03-12 21:25:28 ----D---- C:\Program Files\Ashampoo
2016-03-12 19:55:48 ----D---- C:\Program Files\Sibelius Software
2016-03-12 18:10:41 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Foxit Software
2016-03-12 17:23:27 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Foxit AgentInformation
2016-03-12 17:23:13 ----D---- C:\Program Files\Foxit Software
2016-03-11 23:28:51 ----D---- C:\Program Files\7-Zip
2016-03-11 22:02:50 ----D---- C:\WINDOWS\Minidump
2016-03-11 20:18:09 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2016-03-11 20:17:58 ----D---- C:\Program Files\DAEMON Tools Toolbar
2016-03-11 20:17:53 ----D---- C:\Program Files\DAEMON Tools Lite
2016-03-11 20:17:41 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\DAEMON Tools Lite
2016-03-11 20:17:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2016-03-11 20:12:32 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-11 20:01:46 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2016-03-11 19:52:13 ----A---- C:\WINDOWS\system32\h323log.txt
2016-03-11 19:51:39 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2016-03-11 19:50:54 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2016-03-11 19:49:57 ----A---- C:\WINDOWS\system32\usbui.dll
2016-03-11 19:49:48 ----A---- C:\WINDOWS\system32\drivers\intelide.sys
2016-03-11 19:48:47 ----SHD---- C:\WINDOWS\Installer
2016-03-11 19:48:47 ----D---- C:\Program Files\Common Files\ODBC
2016-03-11 19:48:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-11 19:48:47 ----A---- C:\WINDOWS\ODBCINST.INI
2016-03-11 19:48:42 ----RD---- C:\Program Files
2016-03-11 19:48:42 ----D---- C:\Program Files\Common Files\SpeechEngines
2016-03-11 19:48:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-03-11 19:48:42 ----D---- C:\Program Files\Common Files
2016-03-11 19:48:38 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2016-03-11 19:48:38 ----RA---- C:\WINDOWS\system32\kbdru.dll
2016-03-11 19:48:32 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2016-03-11 19:48:32 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2016-03-11 19:48:32 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2016-03-11 19:48:32 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2016-03-11 19:48:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2016-03-11 19:48:29 ----A---- C:\WINDOWS\system32\irclass.dll
2016-03-11 19:48:29 ----A---- C:\WINDOWS\system32\eqnclass.dll
2016-03-11 19:48:29 ----A---- C:\WINDOWS\system32\dgsetup.dll
2016-03-11 19:48:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2016-03-11 19:48:26 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2016-03-11 19:48:26 ----A---- C:\WINDOWS\taskman.exe
2016-03-11 19:48:26 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2016-03-11 19:48:26 ----A---- C:\WINDOWS\system32\batt.dll
2016-03-11 19:48:25 ----A---- C:\WINDOWS\system32\storprop.dll
2016-03-11 19:48:25 ----A---- C:\WINDOWS\NOTEPAD.EXE
2016-03-11 19:48:16 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2016-03-11 19:46:33 ----RA---- C:\WINDOWS\SET4.tmp
2016-03-11 19:46:31 ----RA---- C:\WINDOWS\SET3.tmp
2016-03-11 19:46:26 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-11 19:46:26 ----D---- C:\WINDOWS\system32\CatRoot
2016-03-11 19:46:21 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-03-11 19:46:01 ----A---- C:\WINDOWS\setuplog.txt
2016-03-11 19:45:58 ----D---- C:\Documents and Settings
2016-03-11 19:45:57 ----SHD---- C:\System Volume Information
2016-03-11 19:45:57 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-11 19:45:02 ----SH---- C:\boot.ini
2016-03-11 19:40:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-03-11 19:40:43 ----RSD---- C:\WINDOWS\Fonts
2016-03-11 19:40:43 ----RD---- C:\WINDOWS\Web
2016-03-11 19:40:43 ----HD---- C:\WINDOWS\inf
2016-03-11 19:40:43 ----D---- C:\WINDOWS\WinSxS
2016-03-11 19:40:43 ----D---- C:\WINDOWS\WBEM
2016-03-11 19:40:43 ----D---- C:\WINDOWS\twain_32
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Temp
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\wins
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\wbem
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\usmt
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\spool
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\ShellExt
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\Setup
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\ras
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\oobe
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\npp
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\mui
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\IME
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\icsxml
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\ias
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\export
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\drivers\etc
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\drivers\disdn
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\drivers
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\dhcp
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\cs-cz
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\cs
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\config
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\3com_dmi
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\3076
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\2052
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1054
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1042
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1041
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1037
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1033
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1031
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1029
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1028
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32\1025
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system32
2016-03-11 19:40:43 ----D---- C:\WINDOWS\system
2016-03-11 19:40:43 ----D---- C:\WINDOWS\security
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Resources
2016-03-11 19:40:43 ----D---- C:\WINDOWS\repair
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Provisioning
2016-03-11 19:40:43 ----D---- C:\WINDOWS\pchealth
2016-03-11 19:40:43 ----D---- C:\WINDOWS\PeerNet
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Offline Web Pages
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Network Diagnostic
2016-03-11 19:40:43 ----D---- C:\WINDOWS\mui
2016-03-11 19:40:43 ----D---- C:\WINDOWS\msapps
2016-03-11 19:40:43 ----D---- C:\WINDOWS\msagent
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Media
2016-03-11 19:40:43 ----D---- C:\WINDOWS\L2Schemas
2016-03-11 19:40:43 ----D---- C:\WINDOWS\java
2016-03-11 19:40:43 ----D---- C:\WINDOWS\ime
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Help
2016-03-11 19:40:43 ----D---- C:\WINDOWS\ehome
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Driver Cache
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Downloaded Program Files
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Debug
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Cursors
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Connection Wizard
2016-03-11 19:40:43 ----D---- C:\WINDOWS\Config
2016-03-11 19:40:43 ----D---- C:\WINDOWS\AppPatch
2016-03-11 19:40:43 ----D---- C:\WINDOWS\addins
2016-03-11 19:40:43 ----D---- C:\WINDOWS
2016-03-11 19:40:43 ----ASH---- C:\pagefile.sys
2016-03-11 19:40:33 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Creative
2016-03-11 19:40:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Creative
2016-03-11 19:38:22 ----N---- C:\WINDOWS\Ctregrun.exe
2016-03-11 19:37:02 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2016-03-11 19:37:02 ----N---- C:\WINDOWS\system32\CTSVCCDA.EXE
2016-03-11 19:36:46 ----D---- C:\Program Files\Common Files\Creative
2016-03-11 19:36:44 ----HD---- C:\Program Files\Creative Installation Information
2016-03-11 19:36:04 ----N---- C:\WINDOWS\Updreg.EXE
2016-03-11 19:35:56 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2016-03-11 19:35:54 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2016-03-11 19:35:53 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2016-03-11 19:35:52 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2016-03-11 19:35:51 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2016-03-11 19:35:49 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2016-03-11 19:35:48 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2016-03-11 19:35:47 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2016-03-11 19:35:45 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2016-03-11 19:35:44 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2016-03-11 19:35:42 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2016-03-11 19:35:39 ----A---- C:\WINDOWS\system32\CtDvInst.dll
2016-03-11 19:35:38 ----A---- C:\WINDOWS\system32\ksuser.dll
2016-03-11 19:35:38 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-03-11 19:35:38 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2016-03-11 19:35:26 ----D---- C:\WINDOWS\system32\Data
2016-03-11 19:35:26 ----A---- C:\WINDOWS\system32\Ludap17.ini
2016-03-11 19:35:26 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2016-03-11 19:35:25 ----A---- C:\WINDOWS\INRES.DLL
2016-03-11 19:34:24 ----D---- C:\Program Files\Creative
2016-03-11 19:30:17 ----D---- C:\WINDOWS\nview
2016-03-11 19:30:17 ----A---- C:\WINDOWS\system32\nvudisp.exe
2016-03-11 19:30:02 ----D---- C:\Program Files\Common Files\InstallShield
2016-03-11 19:29:57 ----D---- C:\NVIDIA
2016-03-11 19:25:20 ----D---- C:\WINDOWS\system32\ReinstallBackups
2016-03-11 19:25:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-03-11 19:25:18 ----D---- C:\Program Files\Intel
2016-03-11 19:25:18 ----A---- C:\WINDOWS\system32\CSVer.dll
2016-03-11 19:25:09 ----D---- C:\Intel
2016-03-11 19:11:39 ----D---- C:\Program Files\Google
2016-03-11 19:08:42 ----D---- C:\Documents and Settings\Petr Hamrský\Data aplikací\TP-LINK
2016-03-11 19:08:35 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2016-03-11 19:08:32 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2016-03-11 19:08:24 ----A---- C:\WINDOWS\system32\jswscsup.dll
2016-03-11 19:08:24 ----A---- C:\WINDOWS\system32\jswscimd.sys
2016-03-11 19:08:24 ----A---- C:\WINDOWS\system32\drivers\jswscimd.sys
2016-03-11 19:08:23 ----RHD---- C:\Documents and Settings\All Users\Data aplikací\Atheros
2016-03-11 19:08:20 ----A---- C:\WINDOWS\system32\IPTests.dll
2016-03-11 19:08:20 ----A---- C:\WINDOWS\system32\acs.exe
2016-03-11 19:07:27 ----A---- C:\WINDOWS\system32\wsimd.sys
2016-03-11 19:07:27 ----A---- C:\WINDOWS\system32\drivers\wsimd.sys
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\wsimd.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\wgapi.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\wcapiU.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\wcapi.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\dsaNac.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\dsa.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\athcfg20U.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\athcfg20resU.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\athcfg20res.dll
2016-03-11 19:07:26 ----A---- C:\WINDOWS\system32\athcfg20.dll
2016-03-11 19:07:25 ----D---- C:\Program Files\TP-LINK
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\W32N55.INI
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\W32N55.dll
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\Scutum.dll
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\drivers\Scutum50.sys
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\DiagFunc.ini
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\DiagFunc.dll
2016-03-11 19:07:25 ----A---- C:\WINDOWS\system32\CTAAEI.dll
2016-03-11 19:06:29 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-11 19:06:29 ----A---- C:\WINDOWS\system32\drivers\athuw.sys
2016-03-11 19:06:29 ----A---- C:\WINDOWS\system32\athuw.sys
2016-03-11 19:06:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
2016-03-11 19:03:37 ----HD---- C:\Program Files\Uninstall Information
2016-03-11 19:03:23 ----SD---- C:\Documents and Settings\Petr Hamrský\Data aplikací\Microsoft
2016-03-11 19:03:23 ----ASH---- C:\Documents and Settings\Petr Hamrský\Data aplikací\desktop.ini
2016-03-11 19:02:48 ----D---- C:\WINDOWS\SoftwareDistribution
2016-03-11 19:02:46 ----D---- C:\WINDOWS\Prefetch
2016-03-11 19:02:45 ----SD---- C:\WINDOWS\system32\Microsoft
2016-03-11 19:02:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-03-11 19:01:21 ----AS---- C:\WINDOWS\bootstat.dat
2016-03-11 18:57:39 ----D---- C:\WINDOWS\system32\xircom
2016-03-11 18:57:39 ----D---- C:\WINDOWS\system32\restore
2016-03-11 18:57:39 ----D---- C:\WINDOWS\system32\inetsrv
2016-03-11 18:57:39 ----D---- C:\Program Files\xerox
2016-03-11 18:57:39 ----D---- C:\Program Files\outlook express
2016-03-11 18:57:39 ----D---- C:\Program Files\netmeeting
2016-03-11 18:57:39 ----D---- C:\Program Files\movie maker
2016-03-11 18:57:39 ----D---- C:\Program Files\microsoft frontpage
2016-03-11 18:57:19 ----RASH---- C:\MSDOS.SYS
2016-03-11 18:57:19 ----RASH---- C:\IO.SYS
2016-03-11 18:57:19 ----A---- C:\WINDOWS\control.ini
2016-03-11 18:57:19 ----A---- C:\CONFIG.SYS
2016-03-11 18:57:19 ----A---- C:\AUTOEXEC.BAT
2016-03-11 18:57:07 ----A---- C:\WINDOWS\system32\mapi32.dll
2016-03-11 18:56:35 ----SD---- C:\WINDOWS\Tasks
2016-03-11 18:56:10 ----HD---- C:\Program Files\WindowsUpdate
2016-03-11 18:55:52 ----D---- C:\WINDOWS\system32\DirectX
2016-03-11 18:55:43 ----A---- C:\WINDOWS\system32\atrace.dll
2016-03-11 18:55:40 ----A---- C:\WINDOWS\system32\desktop.ini
2016-03-11 18:55:40 ----A---- C:\WINDOWS\desktop.ini
2016-03-11 18:55:33 ----D---- C:\WINDOWS\Úlohy
2016-03-11 18:55:33 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2016-03-11 18:55:32 ----D---- C:\Program Files\Common Files\MSSoap
2016-03-11 18:55:23 ----D---- C:\WINDOWS\srchasst
2016-03-11 18:55:22 ----D---- C:\WINDOWS\system32\Macromed
2016-03-11 18:55:20 ----A---- C:\WINDOWS\system32\wuweb.dll
2016-03-11 18:55:20 ----A---- C:\WINDOWS\system32\wucltui.dll
2016-03-11 18:55:20 ----A---- C:\WINDOWS\system32\wuauserv.dll
2016-03-11 18:55:20 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\wups.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2016-03-11 18:55:19 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2016-03-11 18:55:18 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-03-11 18:55:01 ----A---- C:\WINDOWS\system32\safrslv.dll
2016-03-11 18:55:01 ----A---- C:\WINDOWS\system32\safrdm.dll
2016-03-11 18:55:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2016-03-11 18:55:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2016-03-11 18:54:56 ----A---- C:\WINDOWS\system32\fltMc.exe
2016-03-11 18:54:56 ----A---- C:\WINDOWS\system32\fltlib.dll
2016-03-11 18:54:56 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2016-03-11 18:54:55 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-11 18:54:55 ----A---- C:\WINDOWS\system32\mstinit.exe
2016-03-11 18:54:55 ----A---- C:\WINDOWS\system32\mstask.dll
2016-03-11 18:54:54 ----A---- C:\WINDOWS\system32\isign32.dll
2016-03-11 18:54:54 ----A---- C:\WINDOWS\system32\inetcfg.dll
2016-03-11 18:54:54 ----A---- C:\WINDOWS\system32\icwphbk.dll
2016-03-11 18:54:54 ----A---- C:\WINDOWS\system32\icwdial.dll
2016-03-11 18:54:48 ----D---- C:\Program Files\Common Files\System
2016-03-11 18:54:46 ----D---- C:\Program Files\Internet Explorer
2016-03-11 18:54:37 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-03-11 18:54:29 ----D---- C:\Program Files\ComPlus Applications
2016-03-11 18:54:27 ----A---- C:\WINDOWS\vbaddin.ini
2016-03-11 18:54:27 ----A---- C:\WINDOWS\vb.ini
2016-03-11 18:54:23 ----D---- C:\WINDOWS\Registration
2016-03-11 18:53:46 ----D---- C:\Program Files\Windows Media Connect 2
2016-03-11 18:53:45 ----D---- C:\Program Files\Windows Media Player
2016-03-11 18:53:39 ----D---- C:\Program Files\MSN Gaming Zone
2016-03-11 18:53:39 ----A---- C:\WINDOWS\system32\write.exe
2016-03-11 18:53:31 ----A---- C:\WINDOWS\system32\sndvol32.exe
2016-03-11 18:53:25 ----A---- C:\WINDOWS\system32\getuname.dll
2016-03-11 18:53:24 ----A---- C:\WINDOWS\system32\sol.exe
2016-03-11 18:53:24 ----A---- C:\WINDOWS\system32\charmap.exe
2016-03-11 18:53:24 ----A---- C:\WINDOWS\system32\calc.exe
2016-03-11 18:53:23 ----A---- C:\WINDOWS\system32\winmine.exe
2016-03-11 18:53:23 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2016-03-11 18:53:23 ----A---- C:\WINDOWS\system32\reset.exe
2016-03-11 18:53:23 ----A---- C:\WINDOWS\system32\mshearts.exe
2016-03-11 18:53:23 ----A---- C:\WINDOWS\system32\freecell.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\tslabels.ini
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\tskill.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\tscon.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\shadow.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\rwinsta.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\regini.exe
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2016-03-11 18:53:22 ----A---- C:\WINDOWS\system32\qwinsta.exe
2016-03-11 18:53:21 ----A---- C:\WINDOWS\system32\qappsrv.exe
2016-03-11 18:53:21 ----A---- C:\WINDOWS\system32\msg.exe
2016-03-11 18:53:21 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2016-03-11 18:53:21 ----A---- C:\WINDOWS\system32\logoff.exe
2016-03-11 18:53:21 ----A---- C:\WINDOWS\system32\cdmodem.dll
2016-03-11 18:53:15 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2016-03-11 18:53:13 ----D---- C:\Program Files\Windows NT
2016-03-11 18:53:13 ----A---- C:\WINDOWS\system32\sndrec32.exe
2016-03-11 18:53:13 ----A---- C:\WINDOWS\system32\mplay32.exe
2016-03-11 18:53:13 ----A---- C:\WINDOWS\system32\accwiz.exe
2016-03-11 18:53:12 ----A---- C:\WINDOWS\system32\spider.exe
2016-03-11 18:53:12 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-03-11 18:53:12 ----A---- C:\WINDOWS\system32\clipbrd.exe
2016-03-11 18:53:11 ----A---- C:\WINDOWS\system32\tsgqec.dll
2016-03-11 18:53:11 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2016-03-11 18:53:11 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2016-03-11 18:53:11 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2016-03-11 18:53:11 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2016-03-11 18:53:10 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2016-03-11 18:53:10 ----A---- C:\WINDOWS\system32\aaclient.dll
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\sessmgr.exe
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\remotepg.dll
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\rdshost.exe
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-11 18:53:09 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\termsrv.dll
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\rdpclip.exe
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\rdchost.dll
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\qprocess.exe
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\icaapi.dll
2016-03-11 18:53:08 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-03-11 18:53:07 ----D---- C:\WINDOWS\system32\MsDtc
2016-03-11 18:53:07 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-03-11 18:53:07 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2016-03-11 18:53:07 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-03-11 18:53:06 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-03-11 18:53:06 ----A---- C:\WINDOWS\system32\msdtctm.dll
2016-03-11 18:53:06 ----A---- C:\WINDOWS\system32\msdtclog.dll
2016-03-11 18:53:06 ----A---- C:\WINDOWS\system32\msdtc.exe
2016-03-11 18:53:05 ----D---- C:\WINDOWS\system32\Com
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\mtxex.dll
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\mtxdm.dll
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\comrepl.dll
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\comaddin.dll
2016-03-11 18:53:05 ----A---- C:\WINDOWS\system32\colbact.dll
2016-03-11 18:53:04 ----A---- C:\WINDOWS\system32\stclient.dll
2016-03-11 18:53:04 ----A---- C:\WINDOWS\system32\clbcatex.dll
2016-03-11 18:53:04 ----A---- C:\WINDOWS\system32\catsrvut.dll
2016-03-11 18:53:04 ----A---- C:\WINDOWS\system32\catsrvps.dll
2016-03-11 18:53:04 ----A---- C:\WINDOWS\system32\catsrv.dll
2016-03-11 18:53:03 ----A---- C:\WINDOWS\system32\comuid.dll
2016-03-11 18:53:03 ----A---- C:\WINDOWS\system32\comsvcs.dll
2016-03-11 18:53:03 ----A---- C:\WINDOWS\system32\comsnap.dll
2016-03-11 18:53:02 ----A---- C:\WINDOWS\system32\clbcatq.dll
2016-03-11 18:52:56 ----A---- C:\WINDOWS\system32\servdeps.dll
2016-03-11 18:52:56 ----A---- C:\WINDOWS\system32\mmfutil.dll
2016-03-11 18:52:55 ----A---- C:\WINDOWS\system32\licwmi.dll
2016-03-11 18:52:55 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2016-03-11 18:52:55 ----A---- C:\WINDOWS\system32\cmprops.dll
2016-03-11 18:52:54 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2016-03-20 23:46:06 ----A---- C:\WINDOWS\system.ini
2016-03-11 20:01:46 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2016-03-11 18:57:17 ----A---- C:\WINDOWS\win.ini
2016-03-11 18:56:51 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2016-03-11 218688]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2016-03-11 21361]
R3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2013-06-28 1763584]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2013-06-28 57440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2013-06-28 58208]
S3 catchme;catchme; \??\C:\DOCUME~1\PETRHA~1\LOCALS~1\Temp\catchme.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2015-12-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2015-12-06 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acs;Configuration Service; C:\WINDOWS\system32\acs.exe [2013-06-28 503808]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2016-03-17 182696]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 PDFsam Manager;PDFsam Manager; C:\Documents and Settings\All Users\Data aplikací\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe [2015-11-13 1050224]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe [2013-06-28 376832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-11 154440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-11 154440]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [2013-06-28 364544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

and the ComboFix log

ComboFix 16-03-19.01 - Petr Hamrský 20.03.2016 23:41:34.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2602 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petr Hamrskř\Dokumenty\Downloads\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\regopt.log
i:\recycler\S-1-5-18\Di1\1025\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1028\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1029\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1030\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1031\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1032\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1033\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1035\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1036\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1037\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1038\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1040\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1041\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1042\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1043\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1044\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1045\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1046\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1049\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1053\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\1055\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\2052\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\2070\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\3076\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di1\3082\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1025\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1028\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1029\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1030\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1031\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1032\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1033\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1035\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1036\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1037\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1038\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1040\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1041\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1042\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1043\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1044\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1045\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1046\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1049\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1053\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\1055\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\2052\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\2070\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\3076\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di2\3082\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1025\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1028\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1029\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1030\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1031\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1032\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1033\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1035\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1036\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1037\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1038\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1040\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1041\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1042\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1043\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1044\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1045\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1046\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1049\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1053\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\1055\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\2052\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\2070\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\3076\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di3\3082\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1025\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1028\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1029\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1030\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1031\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1032\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1033\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1035\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1036\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1037\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1038\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1040\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1041\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1042\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1043\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1044\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1045\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1046\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1049\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1053\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\1055\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\2052\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\2070\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\3076\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di4\3082\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1025\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1028\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1029\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1030\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1031\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1032\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1033\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1035\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1036\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1037\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1038\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1040\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1041\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1042\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1043\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1044\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1045\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1046\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1049\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1053\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\1055\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\2052\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\2070\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\3076\HotFixInstallerUI.dll
i:\recycler\S-1-5-18\Di5\3082\HotFixInstallerUI.dll
.
c:\windows\system32\srsvc.dll . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-20 do 2016-03-20 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-11 19:01 . 2003-03-28 03:24 114688 ----a-w- c:\windows\system32\OpenAL32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2015-12-06 . 52151D558097554AF316BC526D4AAB29 . 361600 . . [5.1.2600.6935] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2015-12-06 . 218B3BBB1FAD634A84FB1A1BB030D956 . 78336 . . [5.1.2600.6260] . . c:\windows\system32\browser.dll
.
[-] 2015-12-06 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
.
[-] 2015-12-06 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
.
[-] 2015-12-06 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
.
[-] 2015-12-06 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2001-09-20 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2015-12-06 15:19 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
.
[-] 2015-12-06 . 8FCD8501AFFD89FB1F40CDABA21C880F . 991744 . . [5.1.2600.6532] . . c:\windows\system32\kernel32.dll
.
[-] 2015-12-06 . 72B5B9AF2C6FBD80D137DA442F50561A . 6013440 . . [8.00.6001.23758] . . c:\windows\system32\mshtml.dll
.
[-] 2015-12-06 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
.
[-] 2015-12-06 . 8B9884067070E5D9C18DF19B06ED4CE3 . 920064 . . [8.00.6001.23758] . . c:\windows\system32\wininet.dll
.
[-] 2015-12-06 . AB74B27168A3FDD2B437D09A6EDD8CA9 . 1289728 . . [5.1.2600.6854] . . c:\windows\system32\ole32.dll
.
[-] 2015-12-06 . DFCB3C794F39C7F96B7A5AD8C7DC6E32 . 406528 . . [1.0420.2600.6557] . . c:\windows\system32\usp10.dll
.
.
[-] 2010-12-09 . AB5CE6ECA795C0AAD55D6584293D7B51 . 713216 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
.
[-] 2015-12-06 . A1369BA4933815CFB7D0961521A698AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
.
[-] 2015-12-06 15:24 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
.
[-] 2015-12-06 15:14 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\system32\mspmsnsv.dll
.
[-] 2015-12-06 . AD6C62A92E45D26D733AEC9A61C9C849 . 2030592 . . [5.1.2600.6748] . . c:\windows\system32\ntkrnlpa.exe
.
[-] 2015-12-06 . 6DFE49F9AF741E69D3D3CD19E9023E75 . 2151936 . . [5.1.2600.6748] . . c:\windows\system32\ntoskrnl.exe
.
c:\windows\System32\srsvc.dll ... chybí !!
c:\windows\System32\regsvc.dll ... chybí !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource5\Go\CTCMSGoU.exe" [2006-11-09 204800]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"nwiz"="nwiz.exe" [2005-08-02 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2015-12-06 128512]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2016-3-11 847360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\Petr Hamrský\\Data aplikací\\uTorrent\\uTorrent.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [11.3.2016 20:18 218688]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [11.3.2016 19:06 1763584]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [11.3.2016 19:08 57440]
S2 PDFsam Manager;PDFsam Manager;c:\documents and settings\All Users\Data aplikací\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe [13.11.2015 10:48 1050224]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [11.3.2016 19:08 364544]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-11 18:14 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-03-11 18:11]
.
2016-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-03-11 18:11]
.
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uInternet Connection Wizard,ShellNext = ftp://petr.pianovka.cz/
TCP: DhcpNameServer = 192.168.2.1 192.168.10.1 10.11.0.251
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-03-20 23:45
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2016-03-20 23:47:15
ComboFix-quarantined-files.txt 2016-03-20 22:47
.
Před spuštěním: 3 430 416 384
Po spuštění: 3 484 057 600
.
- - End Of File - - 9239728F3245CAEAD23D828EED9FF811
413FC2A0C716421B3158746D63736515

Re: please check my log

Posted: 21 Mar 2016 07:50
by cernohous13
Hello, but I won't praise you for playing around with ComboFix :roll:

The missing libraries are in the attachment;
unpack them and copy both into C:\Windows\system32
and into C:\WINDOWS\system32\dllcache
When I open one of the disks, a pile of files immediately starts being dumped into the temporary folder %temp%
Which partition/disk is it? What files are in temp, for example?

Re: please check my log

Posted: 21 Mar 2016 11:45
by arpanet
It is disk I:

the temp variable is on a different disk, C

I am attaching a listing of the directory of the %temp% variable (new files keep being created every time it is opened)
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 6881-9A59.

Výpis adresáře C:\DOCUME~1\PETRHA~1\LOCALS~1\Temp

21.03.2016 11:35 <DIR> .
21.03.2016 11:35 <DIR> ..
21.03.2016 11:33 726 jusched.log
17.09.2013 02:36 4˙811˙753 Thu10.tmp
24.03.2014 10:24 14˙394˙201 Thu100.tmp
22.03.2014 15:04 21˙480˙443 Thu101.tmp
22.03.2014 15:14 17˙248˙344 Thu102.tmp
18.08.2014 02:59 1˙390˙018 Thu103.tmp
08.11.2014 14:02 211˙412 Thu104.tmp
08.11.2014 13:06 176˙977 Thu105.tmp
07.09.2013 15:11 8˙833˙274 Thu106.tmp
22.04.2014 18:11 1˙333˙759 Thu107.tmp
15.02.2014 01:23 22˙907˙599 Thu108.tmp
17.02.2014 01:59 39˙628˙160 Thu109.tmp
23.09.2014 07:23 270˙872 Thu10A.tmp
01.12.2013 23:34 34˙373 Thu10B.tmp
14.02.2014 18:15 41˙666˙848 Thu10C.tmp
20.07.2014 22:58 730˙541 Thu10D.tmp
14.12.2014 13:08 7˙910˙483 Thu10E.tmp
04.05.2015 15:02 4˙211˙614 Thu10F.tmp
21.08.2014 21:17 4˙468˙920 Thu11.tmp
11.02.2014 10:44 1˙166˙256 Thu110.tmp
12.03.2015 12:44 968˙614 Thu111.tmp
15.10.2015 12:50 587˙512 Thu112.tmp
18.04.2014 00:50 6˙336˙292 Thu113.tmp
14.07.2014 19:09 5˙437˙530 Thu114.tmp
16.10.2015 20:21 7˙326˙594 Thu115.tmp
30.09.2013 02:11 1˙446˙784 Thu116.tmp
29.09.2013 16:46 161˙024 Thu117.tmp
20.12.2014 18:15 769˙166 Thu118.tmp
02.11.2013 20:02 412˙604 Thu119.tmp
15.09.2013 14:53 9˙326˙992 Thu11A.tmp
02.11.2014 10:44 79˙864˙323 Thu11B.tmp
04.05.2015 15:07 1˙360˙427 Thu11C.tmp
12.02.2014 23:48 6˙567˙432 Thu11D.tmp
25.09.2013 16:01 59˙858 Thu12.tmp
06.09.2013 01:26 30˙131˙742 Thu122.tmp
06.09.2013 01:26 6˙988˙813 Thu123.tmp
06.09.2013 01:26 23˙625˙920 Thu124.tmp
14.02.2014 00:36 1˙751˙624 Thu128.tmp
02.05.2015 16:12 122˙377 Thu129.tmp
24.05.2014 06:17 278˙669 Thu12A.tmp
01.08.2014 12:10 441˙719 Thu12B.tmp
15.09.2012 17:44 192˙230 Thu12C.tmp
03.09.2012 23:07 1˙947˙858 Thu12D.tmp
23.03.2014 05:06 514˙373 Thu12E.tmp
10.11.2014 10:11 513˙147 Thu12F.tmp
25.09.2013 19:59 387˙699 Thu13.tmp
27.06.2013 23:36 492˙442 Thu130.tmp
13.03.2015 20:33 448˙972 Thu131.tmp
06.04.2014 04:34 3˙288˙489 Thu132.tmp
26.04.2014 15:38 7˙976˙545 Thu133.tmp
29.10.2013 22:51 1˙506˙533 Thu134.tmp
30.09.2013 00:24 308˙476 Thu135.tmp
16.08.2012 16:10 1˙328˙021 Thu136.tmp
09.01.2015 21:11 3˙923˙083 Thu137.tmp
19.12.2013 00:38 3˙362˙319 Thu138.tmp
10.03.2015 14:29 158˙834 Thu139.tmp
22.12.2013 01:09 1˙007˙012 Thu13A.tmp
21.11.2011 00:59 712˙773 Thu13B.tmp
29.06.2014 13:33 214˙821 Thu13C.tmp
23.04.2014 01:00 258˙803 Thu13D.tmp
28.01.2014 21:32 1˙245˙959 Thu13E.tmp
22.08.2014 22:30 20˙513˙286 Thu13F.tmp
25.09.2013 19:58 332˙215 Thu14.tmp
27.01.2015 13:07 599˙699 Thu140.tmp
02.12.2014 15:57 318˙332 Thu141.tmp
10.11.2014 00:43 318˙332 Thu142.tmp
26.02.2014 17:50 273˙991 Thu143.tmp
27.09.2012 12:16 51˙280 Thu144.tmp
26.11.2012 14:27 299˙667 Thu145.tmp
26.11.2012 13:24 506˙964 Thu146.tmp
21.06.2015 20:37 171˙236 Thu147.tmp
08.03.2014 00:12 620˙154 Thu148.tmp
19.09.2015 13:46 511˙720 Thu149.tmp
20.10.2014 11:16 184˙205 Thu14A.tmp
14.07.2014 21:20 358˙914 Thu14B.tmp
18.08.2013 19:02 317˙401 Thu14C.tmp
10.01.2015 15:46 414˙665 Thu14D.tmp
11.04.2015 10:20 270˙446 Thu14E.tmp
04.09.2013 23:45 270˙446 Thu14F.tmp
17.09.2013 02:11 527˙502 Thu15.tmp
26.11.2012 13:29 681˙356 Thu150.tmp
05.11.2013 01:41 557˙053 Thu151.tmp
20.03.2014 08:13 295˙736 Thu152.tmp
20.12.2014 21:33 722˙757 Thu153.tmp
24.09.2015 02:21 477˙276 Thu154.tmp
14.07.2014 17:54 756˙371 Thu155.tmp
18.09.2015 20:04 511˙720 Thu156.tmp
13.01.2015 15:00 896˙412 Thu157.tmp
11.12.2014 18:52 2˙521˙513 Thu158.tmp
23.03.2015 10:42 1˙010˙897 Thu159.tmp
12.07.2011 22:29 190˙151 Thu15A.tmp
12.12.2011 21:59 5˙390˙465 Thu15B.tmp
20.05.2015 14:50 545˙850 Thu15C.tmp
24.08.2014 02:28 510˙166 Thu15D.tmp
12.09.2013 00:37 820˙733 Thu15E.tmp
11.12.2014 18:42 510˙504 Thu15F.tmp
20.09.2015 02:58 885˙236 Thu160.tmp
06.02.2014 01:41 3˙908˙924 Thu161.tmp
16.02.2012 21:50 857˙376 Thu162.tmp
25.07.2013 08:21 798˙304 Thu163.tmp
16.02.2012 22:13 411˙705 Thu164.tmp
29.10.2013 22:25 2˙204˙353 Thu165.tmp
30.09.2013 00:28 346˙712 Thu166.tmp
08.03.2014 01:14 1˙103˙732 Thu167.tmp
22.01.2014 07:35 999˙181 Thu168.tmp
03.07.2012 00:11 253˙300 Thu169.tmp
21.01.2014 03:48 141˙360 Thu16A.tmp
07.03.2014 22:05 2˙870˙643 Thu16B.tmp
06.04.2014 04:25 2˙347˙193 Thu16C.tmp
25.06.2011 11:59 924˙171 Thu16D.tmp
26.04.2014 15:40 2˙893˙498 Thu16E.tmp
19.12.2014 22:47 237˙555 Thu16F.tmp
07.02.2013 16:20 1˙480˙542 Thu170.tmp
16.08.2012 17:06 319˙948 Thu171.tmp
16.08.2012 09:14 620˙796 Thu172.tmp
21.07.2014 11:54 2˙198˙288 Thu173.tmp
17.02.2015 11:14 502˙262 Thu174.tmp
11.11.2013 02:20 163˙005 Thu175.tmp
08.03.2015 02:43 743˙229 Thu176.tmp
15.06.2011 09:52 330˙215 Thu177.tmp
19.05.2015 22:13 328˙172 Thu178.tmp
11.04.2015 12:55 28˙824˙163 Thu179.tmp
02.10.2013 15:33 532˙318 Thu17A.tmp
10.02.2012 16:26 2˙563˙294 Thu17B.tmp
10.02.2012 14:09 38˙782 Thu17C.tmp
28.05.2015 19:03 2˙015˙621 Thu17D.tmp
27.04.2014 17:27 278˙533 Thu17E.tmp
13.09.2013 14:52 33˙621 Thu17F.tmp
17.09.2014 16:17 1˙811˙384 Thu180.tmp
19.10.2014 15:36 86˙254 Thu181.tmp
03.03.2014 10:59 190˙396 Thu182.tmp
18.10.2014 17:24 317˙401 Thu183.tmp
26.09.2013 12:23 804˙521 Thu184.tmp
10.11.2014 10:08 682˙052 Thu185.tmp
21.01.2013 21:53 2˙746˙811 Thu186.tmp
12.09.2013 09:38 100˙994 Thu187.tmp
27.02.2013 02:10 603˙326 Thu188.tmp
20.06.2013 10:50 6˙634˙833 Thu189.tmp
18.04.2015 22:25 181˙352 Thu18A.tmp
12.09.2012 14:47 396˙616 Thu18B.tmp
13.09.2014 09:20 91˙949 Thu18C.tmp
01.04.2015 22:57 248˙403 Thu18D.tmp
06.09.2013 01:54 126˙823 Thu18E.tmp
25.09.2013 20:04 2˙044˙442 Thu18F.tmp
25.09.2013 19:56 1˙908˙129 Thu190.tmp
25.09.2013 20:35 1˙908˙353 Thu191.tmp
04.11.2013 11:57 2˙219˙678 Thu192.tmp
25.09.2013 23:01 237˙669 Thu193.tmp
11.08.2014 15:20 132˙676 Thu194.tmp
19.08.2012 11:36 262˙169 Thu195.tmp
22.01.2014 13:02 596˙437 Thu196.tmp
19.01.2014 02:05 596˙437 Thu197.tmp
09.09.2011 17:42 331˙213 Thu198.tmp
13.06.2015 13:44 1˙013˙291 Thu199.tmp
22.09.2014 10:12 460˙599 Thu19A.tmp
27.01.2014 23:56 4˙959˙265 Thu19B.tmp
25.09.2014 09:49 5˙476˙232 Thu19C.tmp
11.04.2014 00:18 134˙435 Thu19D.tmp
11.04.2014 00:14 528˙785 Thu19E.tmp

In addition, a folder with a strange, nonsensical name keeps reappearing on that I: drive (even after I delete it), with the following contents:
Svazek v jednotce I je TERA.
Sériové číslo svazku je 66BE-1231.

Výpis adresáře I:\fb171417582d8d2c00268933

21.03.2016 11:44 <DIR> .
21.03.2016 11:44 <DIR> ..
30.01.2009 17:23 249˙856 drmupgds.exe
30.01.2009 20:33 991˙744 drmv2clt.dll
30.01.2009 20:33 11˙264 laprxy.dll
13.11.2015 14:18 <DIR> locbin
30.01.2009 17:37 100˙864 logagent.exe
30.01.2009 20:33 212˙992 mfplat.dll
30.01.2009 20:33 259˙072 mp43decd.dll
30.01.2009 20:33 4˙096 mp43dmod.dll
30.01.2009 20:33 317˙440 mp4sdecd.dll
30.01.2009 20:33 4˙096 mp4sdmod.dll
30.01.2009 20:33 259˙072 mpg4decd.dll
30.01.2009 20:33 4˙096 mpg4dmod.dll
30.01.2009 20:33 179˙712 msnetobj.dll
30.01.2009 20:33 27˙136 mspmsnsv.dll
30.01.2009 20:33 175˙616 mspmsp.dll
30.01.2009 20:33 414˙720 msscp.dll
30.01.2009 20:33 321˙536 mswmdm.dll
30.01.2009 20:34 254˙976 portabledeviceapi.dll
30.01.2009 20:34 101˙888 portabledeviceclassextension.dll
30.01.2009 20:34 166˙912 portabledevicetypes.dll
30.01.2009 20:34 132˙096 portabledevicewiacompat.dll
30.01.2009 20:34 199˙168 portabledevicewmdrm.dll
30.01.2009 20:34 211˙456 qasf.dll
13.02.2008 12:52 213˙216 spuninst.exe
13.02.2008 12:52 22˙752 spupdsvc.exe
13.11.2015 14:18 <DIR> update
02.02.2009 20:01 8˙704 uwdf.exe
21.03.2016 11:44 0 vypis.txt
30.01.2009 20:34 4˙096 wdfapi.dll
02.02.2009 20:01 8˙704 wdfmgr.exe
30.01.2009 20:34 757˙248 wmadmod.dll
30.01.2009 20:34 1˙117˙696 wmadmoe.dll
30.01.2009 20:34 222˙208 wmasf.dll
30.01.2009 20:34 33˙792 wmdmlog.dll
30.01.2009 20:34 37˙376 wmdmps.dll
30.01.2009 20:34 429˙056 wmdrmdev.dll
30.01.2009 20:34 348˙672 wmdrmnet.dll
30.01.2009 20:34 535˙040 wmdrmsdk.dll
30.01.2009 20:34 157˙184 wmidx.dll
30.01.2009 20:34 938˙496 wmnetmgr.dll
30.01.2009 20:34 4˙096 wmsdmod.dll
30.01.2009 20:34 4˙096 wmsdmoe2.dll
30.01.2009 17:40 1˙669˙632 wmsetsdk.exe
30.01.2009 20:34 604˙160 wmspdmod.dll
30.01.2009 20:34 1˙329˙152 wmspdmoe.dll
30.01.2009 20:34 4˙096 wmvadvd.dll
30.01.2009 20:34 4˙096 wmvadve.dll
30.01.2009 20:34 2˙458˙112 wmvcore.dll
30.01.2009 20:35 1˙543˙680 wmvdecod.dll
30.01.2009 20:35 4˙096 wmvdmod.dll
30.01.2009 20:35 4˙096 wmvdmoe2.dll
30.01.2009 20:35 1˙575˙424 wmvencod.dll
30.01.2009 20:35 1˙382˙912 wmvsdecd.dll
30.01.2009 20:35 767˙488 wmvsencd.dll
30.01.2009 20:35 656˙896 wmvxencd.dll
30.01.2009 20:35 35˙840 wpdconns.dll
02.02.2009 20:01 13˙312 wpdinstallutil.dll
30.01.2009 20:35 154˙624 wpdmtp.dll
13.02.2008 10:07 8˙019 wpdmtp.inf
30.01.2009 20:35 671˙232 wpdmtpdr.dll
13.02.2008 10:07 1˙816 wpdmtphw.inf
30.01.2009 20:35 63˙488 wpdmtpus.dll
30.01.2009 20:35 2˙603˙008 wpdshext.dll
30.01.2009 17:21 17˙408 wpdshextautoplay.exe
30.01.2009 20:35 133˙632 wpdshserviceobj.dll
30.01.2009 20:35 356˙352 wpdsp.dll
30.01.2009 17:20 38˙528 wpdusb.sys
30.01.2009 20:35 629˙760 wpd_ci.dll
66 souborů, 26˙173˙099 bajtů
Adresářů: 4, Volných bajtů: 166˙002˙331˙648

Re: please check my log

Posted: 21 Mar 2016 15:39
by cernohous13
:arrow: I:\ updates used to create a folder like this on the partition with the most free space
disable Automatic Updates - none are being released for WinXP any more anyway

:arrow: Clean up with CCleaner
Download CCleaner - http://www.filehippo.com/download_ccleaner
During installation, untick the boxes for installing the various toolbars

close the web browser and
run "Cleaner" > "Run CCleaner" - it removes what is not needed
run "Registry" > "Scan for Issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "System Restore" - keep the first line, "Remove" the others
run "Tools" > "Startup" - here you can try disabling processes you do not need at startup (if something then stops working, you re-enable them the same way)
Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can keep it for occasional cleaning in the future as well.

:arrow: Which version of MBAM do you have there, and does it work for you?