﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014
Ran by jan.vojir (administrator) on TURBOPIXLA25 on 13-03-2014 13:50:24
Running from C:\Klienti\jan\frst
Microsoft(R) Windows(R) Server 2003, Enterprise Edition Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(Apache Software Foundation) C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\WebServer\bin\Apache.exe
(Apache Software Foundation) C:\www\prog\apache\bin\httpd.exe
() C:\Program Files\freeSSHd\FreeSSHDService.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Apache Software Foundation) C:\www\prog\apache\bin\httpd.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(LSI  Logic Corporation) C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndassvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\System32\snmptrap.exe
() C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe
(Apache Software Foundation) C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\WebServer\bin\Apache.exe
(Crawler.com) C:\Program Files\Spyware Terminator\sp_rsser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\WINDOWS\system32\lserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpTrap\AlarmService.exe
(Fujitsu Siemens Computer GmbH) C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpTrap\SnmpTrapListen.exe
() C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpTrap\SVFwdServer.exe
() C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpArchive\SVArchiveServer.exe
() C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\common\SVServerListService.exe
() C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpExport\ExportServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
( ) C:\WINDOWS\system32\LMabcoms.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(Lexmark International, Inc.) C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Dropbox, Inc.) C:\Documents and Settings\benglik\Application Data\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\logon.scr
(C. Ghisler & Co.) C:\Program Files\wincmd\WINCMD32.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Jan Lukeš) C:\Documents and Settings\terenska\Programy LAST.CZ\eDoc\eDoc.exe
(C. Ghisler & Co.) C:\Program Files\TC PowerPack\totalcmd.exe
(Microsoft Corporation) C:\WINDOWS\msagent\AgentSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
() C:\WINDOWS\system32\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe
(Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe
() C:\WINDOWS\system32\svhost.exe
() c:\windows\system32\servger.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(C. Ghisler & Co.) C:\Program Files\wincmd\WINCMD32.EXE
(Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Microsoft Corporation) C:\WINDOWS\system32\tsadmin.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(MicroWorld Technologies Inc.) C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\mexe.com
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Jan Lukeš) C:\Documents and Settings\nikola\Application Data\eDoc\eDoc.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(STORMWARE s.r.o.) C:\Program Files\STORMWARE\POHODA\Pohoda.exe
(STORMWARE s.r.o.) C:\Program Files\STORMWARE\POHODA\StwPh.exe
() c:\DOCUME~1\ALLUSE~1\drm\%SESSI~1\upd956.tmp
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.com
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Program Files\Citrix\GoToAssist\482\G2AProcessFactory.exe
(Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
(Broadcom Corporation) C:\Program Files\Broadcom\BACS\BacsTray.exe
(ArcSoft Inc.) C:\Program Files\ArcSoft\MediaConverter 3\Monitor.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Apache Software Foundation) C:\www\prog\apache\bin\ApacheMonitor.exe
(XIMETA, Inc.) C:\Program Files\NDAS\System\ndasmgmt.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr
(Last.CZ) C:\Documents and Settings\renca\Application Data\Popisy-CZ\LastPopisy.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\scrcons.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [bacstray] - C:\Program Files\Broadcom\BACS\BacsTray.exe [118784 2006-03-06] (Broadcom Corporation)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [KeePass 2 PreLoad] - C:\Program Files\KeePass Password Safe 2\KeePass.exe [2065408 2013-11-03] (Dominik Reichl)
HKLM\...\Winlogon: [UIHost] %SystemRoot%\system32\logonui.exe [x ] ()
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\482\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [ShowSuperHidden] 1
HKLM\...\Command Processor:  <======= ATTENTION
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 18] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATOPRAMEN) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [Epson (from ZLATOPRAMEN) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from TEREZA-NOTES) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 17] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [Epson B-500DN-nahore] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from TEREZA-NOTES) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from TEREZA-NOTES) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from TEREZA-NOTES) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from TEREZA-NOTES) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SVIJANY) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SVIJANY) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ION) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SILAS-PC) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SILAS-PC) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-dole (from SILAS-PC) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from SILAS-PC) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from ZLATOPRAMEN) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BERNARD) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 17] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 18] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 21] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 19] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 17] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 19] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 20] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 21] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 19] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 18] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 20] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 24] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 18] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from TABLETPC) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 20] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 22] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from ZLATOPRAMEN) in session 23] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from TABLETPC) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 17] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from TABLETPC) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from TABLETPC) in session 17] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-nahore (from ION) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from BECHER) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 19] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 18] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [epsonka (from BERNARD) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN-Politickych veznu (from HOLBA) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 1] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPSON B-500DN (from BOBIK) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\RunOnce: [tscuninstall] - C:\WINDOWS\system32\tscupgrd.exe [44032 2003-03-25] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] - C:\WINDOWS\system32\tscupgrd.exe [44032 2003-03-25] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] - C:\WINDOWS\system32\tscupgrd.exe [44032 2003-03-25] (Microsoft Corporation)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [] - [X]
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [SpywareTerminatorUpdate] - "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [EPSON B-500DN-dole] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [EPSON B-500DN-dole (from SILAS-PC) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [EPSON B-500DN-nahore (from SILAS-PC) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [Epson B-500DN-nahore] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\Run: [EPSON B-500DN-Politickych veznu] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1008\...\MountPoints2: ##Acer-notes#D - Y:\Start.exe
HKU\S-1-5-21-3703102239-2470674662-1986853604-1014\...\Run: [] - [X]
HKU\S-1-5-21-3703102239-2470674662-1986853604-1014\...\Run: [LMab1err] - C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [713648 2007-06-20] (Lexmark International, Inc.)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1014\...\Run: [\\TEREZA-NOTES\B-500DN(Network)] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1014\...\Run: [Epson B-500DN-nahore] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1018\...\Run: [] - [X]
HKU\S-1-5-21-3703102239-2470674662-1986853604-1018\...\Run: [LMab1err] - C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [713648 2007-06-20] (Lexmark International, Inc.)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1023\...\Run: [] - [X]
HKU\S-1-5-21-3703102239-2470674662-1986853604-1023\...\Run: [LMab1err] - C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [713648 2007-06-20] (Lexmark International, Inc.)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-dole] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 8] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 6] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 2] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 7] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 12] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 16] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 15] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 3] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 4] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 10] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1053\...\Run: [EPSON B-500DN-Politickych veznu (from HOLBA) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1057\...\Run: [EPSON B-500DN-Politickych veznu] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1065\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1065\...\Run: [EPSON B-500DN-Politickych veznu] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [B-500DN(Network) (from BECHER) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [EPSON B-500DN-Jama (from HOLBA) in session 5] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [B-500DN(Network) (from ZLATYBAZANT) in session 11] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 13] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 9] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3703102239-2470674662-1986853604-1071\...\Run: [B-500DN(Network) (from GAMBRINUS) in session 14] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATICYE.EXE [185856 2008-03-17] (SEIKO EPSON CORPORATION)
Lsa: [Notification Packages] RASSFM KDCSVC WDIGEST scecli
Startup: C:\Documents and Settings\benglik\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\jan.vojir\Application Data\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Documents and Settings\jlukes\Start Menu\Programs\Startup\MySQL System Tray Monitor.lnk
ShortcutTarget: MySQL System Tray Monitor.lnk -> C:\Program Files\MySQL\MySQL Tools for 5.0\MySQLSystemTrayMonitor.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/hardAdmin.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
DPF: {14E35D5F-DEBA-4DB3-B2ED-17542BA12D1F} http://192.168.0.111/AV718.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} http://192.168.0.249/view.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 03 %SystemRoot%\System32\mswsock.dll [256000] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\..\Interfaces\{4E2EFCD6-730D-4296-ACD6-265C5F483B63}: [NameServer]194.228.2.1,194.228.41.113
Tcpip\..\Interfaces\{EB456402-4E18-40B1-AFA3-3D7FA97B195A}: [NameServer]192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\jan.vojir\Application Data\Mozilla\Firefox\Profiles\48eh458e.default-1385986042157
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @macromedia.com/FlashPlayer9 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-05]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-05]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] - C:\Program Files\Crawler\Toolbar\firefox\
FF Extension: Crawler Toolbar - C:\Program Files\Crawler\Toolbar\firefox\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-06-30]

========================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 amService; C:\Program Files\Fujitsu Siemens\RAID\amService.exe [16384 2006-09-26] (Fujitsu Siemens Computers GmbH)
R2 Apache2; C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\WebServer\bin\Apache.exe [14336 2006-07-24] (Apache Software Foundation)
R2 Apache2.2; C:\www\prog\apache\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation)
R2 AudioSrv; C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\qmxcf.cc3 [22105981 2014-02-24] ()
S3 Dfs; C:\WINDOWS\system32\Dfssvc.exe [164864 2007-02-17] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 FreeSSHDService; C:\Program Files\freeSSHd\FreeSSHDService.exe [851968 2008-03-06] ()
S2 FSC Download Service; C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\Download\DownloadServerSVC.exe [123014 2006-10-20] (Fujitsu Siemens Computers)
R2 FSC ServerView Services; C:\Program Files\Fujitsu Siemens\ServerView\ServerView Services\scripts\ServerView\SnmpTrap\AlarmService.exe [77956 2006-10-20] (Fujitsu Siemens Computers)
S2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] ()
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14336 2007-02-17] (Microsoft Corporation)
S4 IsmServ; C:\WINDOWS\System32\ismserv.exe [40448 2007-02-17] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153584 2012-09-24] (Sun Microsystems, Inc.)
S4 kdc; C:\WINDOWS\System32\lsass.exe [13312 2003-03-25] (Microsoft Corporation)
S4 LicenseService; C:\WINDOWS\System32\llssrv.exe [94720 2007-02-17] (Microsoft Corporation)
R3 lmab_device; C:\WINDOWS\system32\LMabcoms.exe [508848 2007-01-12] ( )
R2 mr2kserv; C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe [69632 2006-03-06] (LSI  Logic Corporation)
S3 msftesql; c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
S3 msftesql$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
R2 MSFtpsvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14336 2007-02-17] (Microsoft Corporation)
R2 MSSQL$MICROSOFTSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [9158656 2008-12-18] (Microsoft Corporation)
S3 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 MySQL_558; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [10175 2013-04-14] ()
R2 ndassvc; C:\Program Files\NDAS\System\ndassvc.exe [236520 2007-06-29] (XIMETA, Inc.)
R2 NntpSvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14336 2007-02-17] (Microsoft Corporation)
S3 NtFrs; C:\WINDOWS\system32\ntfrs.exe [792064 2007-02-17] (Microsoft Corporation)
R2 NVIDIA Display Driver Service; C:\WINDOWS\system32\daemonu.exe [126976 2014-02-22] ()
R2 Please Input Service Nior; C:\WINDOWS\system32\svhost.exe [32768 2014-03-03] ()
S3 ReportServer; c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe [16912 2008-08-05] (Microsoft Corporation)
S3 ReportServer$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\ReportingServicesService.exe [16912 2008-08-05] (Microsoft Corporation)
S3 RSoPProv; C:\WINDOWS\system32\RSoPProv.exe [67072 2007-02-17] (Microsoft Corporation)
S3 sacsvr; C:\WINDOWS\system32\sacsvr.dll [12288 2003-03-25] (Microsoft Corporation)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [14336 2007-02-17] (Microsoft Corporation)
R2 SpySer; C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe [270336 2006-03-06] ()
R2 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [487424 2009-08-13] (Crawler.com)
S3 SQLAgent$MICROSOFTSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation)
R2 TermServLicensing; C:\WINDOWS\system32\lserver.exe [349696 2007-02-17] (Microsoft Corporation)
S4 TrkSvr; C:\WINDOWS\system32\trksvr.dll [50688 2003-03-25] (Microsoft Corporation)
S4 Tssdis; C:\WINDOWS\System32\tssdis.exe [71168 2007-02-17] (Microsoft Corporation)
S3 uploadmgr; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [39936 2007-02-17] (Microsoft Corporation)
R2 Xgvyji Mkhrdqij Bxo; C:\WINDOWS\System32\Kimhtdct.bmp [17574400 2014-03-03] ()
R2 Eventlog;  [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

R0 AACMgt; C:\WINDOWS\system32\Drivers\AACMgt.sys [93427 2006-03-06] (Adaptec, Inc.)
R2 BASFND; C:\Program Files\Broadcom\SNMP\BASFND.sys [6025 2003-04-24] (Broadcom Corporation)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [67072 2006-01-19] (Broadcom Corporation)
R0 CFsDep; C:\WINDOWS\System32\DRIVERS\CFsDep.sys [19296 2011-11-07] (Citrix Systems, Inc.)
S4 ClusDisk; C:\WINDOWS\System32\DRIVERS\ClusDisk.sys [69120 2007-02-17] (Microsoft Corporation)
R3 cvhdbus; C:\WINDOWS\System32\DRIVERS\cvhdbus52.sys [62080 2011-11-07] (Citrix Systems, Inc.)
R0 DfsDriver; C:\WINDOWS\System32\drivers\Dfs.sys [34816 2007-02-17] (Microsoft Corporation)
S3 FTEVTNTF; C:\WINDOWS\system32\drivers\FTEVTNTF.sys [2304 2007-06-20] ()
R3 G200e; C:\WINDOWS\System32\DRIVERS\G200em.sys [201216 2006-10-30] (Matrox Graphics Inc.)
R0 lfsfilt; C:\WINDOWS\System32\DRIVERS\lfsfilt.sys [254440 2007-06-29] (XIMETA, Inc.)
R0 lpx; C:\WINDOWS\System32\DRIVERS\lpx.sys [62056 2007-06-29] (XIMETA, Inc.)
R0 msas2k3; C:\WINDOWS\System32\drivers\msas2k3.sys [18944 2006-08-23] (LSI Logic Corporation)
R3 ndasbus; C:\WINDOWS\System32\DRIVERS\ndasbus.sys [75880 2007-06-29] (XIMETA, Inc.)
R1 ndasfat; C:\WINDOWS\system32\DRIVERS\ndasfat.sys [372584 2007-06-29] (XIMETA, Inc.)
S3 ndasscsi; C:\WINDOWS\System32\DRIVERS\ndasscsi.sys [187368 2007-06-29] (XIMETA, Inc.)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [142592 2009-08-13] ()
S4 adpu320; No ImagePath
S4 afcnt; No ImagePath
S3 ALSysIO; \??\C:\DOCUME~1\JAN~1.VOJ\LOCALS~1\Temp\c\ALSysIO.sys [X]
S4 cpqarry2; No ImagePath
S4 cpqcissm; No ImagePath
S4 cpqfcalm; No ImagePath
S4 dellcerc; No ImagePath
S4 hpt3xx; No ImagePath
S4 iirsp; No ImagePath
S4 IntelIde; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 ipsraidn; No ImagePath
U3 LicenseInfo; No ImagePath
S4 lp6nds35; No ImagePath
S4 nfrd960; No ImagePath
S4 ql2100; No ImagePath
S4 ql2200; No ImagePath
S4 ql2300; No ImagePath
U5 sacdrv; C:\Windows\System32\Drivers\sacdrv.sys [72704 2007-02-17] (Microsoft Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [105472 2007-02-17] (Microsoft Corporation)
S4 symmpi; No ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?

==================== NetSvcs (Whitelisted) ===================

NETSVC: Sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)
NETSVC: TrkSvr -> C:\Windows\system32\trksvr.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2014-03-13 13:50 - 2014-03-13 13:50 - 00015327 _____ () C:\Documents and Settings\jan.vojir\Desktop\LM.bat
2014-03-13 13:50 - 2014-03-13 13:50 - 00000000 ____D () C:\FRST
2014-03-13 09:32 - 2014-03-13 13:41 - 00000000 ____D () C:\Documents and Settings\renca\Local Settings\Temp\a
2014-03-12 06:55 - 2014-03-12 06:55 - 00039783 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 06:55 - 2014-03-12 06:55 - 00039763 _____ () C:\WINDOWS\KB2929961.log
2014-03-11 08:40 - 2014-03-13 12:34 - 00000000 ____D () C:\Documents and Settings\nikola\Local Settings\Temp\6
2014-03-10 11:50 - 2014-03-10 11:51 - 08898138 _____ () C:\WINDOWS\REGBK00.ZIP
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\VDLL.DLL
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\system32\runouce.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\rundll16.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\RUNDL132.EXE
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\logo1_.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\logo_1.exe
2014-03-10 11:34 - 2014-03-10 11:34 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2014-03-10 11:34 - 2014-03-10 11:34 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2014-03-10 11:34 - 2014-03-10 11:34 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2014-03-10 11:34 - 2014-03-10 11:34 - 00000000 ____D () C:\Program Files\Common Files\MicroWorld
2014-03-10 11:34 - 2007-02-17 23:34 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2014-03-10 11:34 - 2007-02-17 23:34 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2014-03-10 11:34 - 2007-02-17 03:04 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2014-03-10 11:34 - 2007-02-17 03:04 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2014-03-10 11:34 - 2005-09-22 23:22 - 00000522 _____ () C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2014-03-10 10:26 - 2014-03-10 10:28 - 00000000 ____D () C:\AdwCleaner
2014-03-10 10:01 - 2014-03-10 10:01 - 00004383 _____ () C:\Documents and Settings\jan.vojir\Desktop\RKreport[0]_D_03102014_100145.txt
2014-03-10 09:41 - 2014-03-10 09:41 - 00004779 _____ () C:\Documents and Settings\jan.vojir\Desktop\RKreport[0]_S_03102014_094138.txt
2014-03-10 09:34 - 2014-03-10 10:23 - 00000000 ____D () C:\Documents and Settings\jan.vojir\Desktop\RK_Quarantine
2014-03-06 00:14 - 2007-02-17 04:07 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbstor.sys
2014-03-06 00:14 - 2007-02-17 04:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-05 23:53 - 2014-03-13 08:10 - 00000000 ____D () C:\Documents and Settings\panoch\Local Settings\Temp\8
2014-03-04 14:11 - 2014-03-04 14:11 - 00037376 _____ () C:\WINDOWS\system32\servger.exe
2014-03-03 19:50 - 2014-03-03 19:50 - 00000000 __SHD () C:\Documents and Settings\piress\IECompatCache
2014-03-03 19:47 - 2014-03-03 19:47 - 17574400 __RSH () C:\WINDOWS\system32\Kimhtdct.bmp
2014-03-03 19:45 - 2014-03-03 19:46 - 00000000 ____D () C:\MinerCache
2014-03-03 19:42 - 2014-03-03 19:42 - 00032768 _____ () C:\WINDOWS\system32\svhost.exe
2014-03-03 19:39 - 2014-03-03 19:39 - 00000000 __SHD () C:\Documents and Settings\piress\PrivacIE
2014-03-03 19:37 - 2014-03-03 19:37 - 00000846 _____ () C:\Documents and Settings\piress\Start Menu\Programs\Internet Explorer.lnk
2014-03-03 19:37 - 2014-03-03 19:37 - 00000781 _____ () C:\Documents and Settings\piress\Start Menu\Programs\Outlook Express.lnk
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\My Documents\MediaConverter
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\Windows Desktop Search
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\HDDHealth
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\ArcSoft
2014-03-03 19:36 - 2014-03-03 19:51 - 00000178 ___SH () C:\Documents and Settings\piress\ntuser.ini
2014-03-03 19:36 - 2014-03-03 19:50 - 00000000 ____D () C:\Documents and Settings\piress
2014-03-03 19:36 - 2014-03-03 19:37 - 00000000 ___RD () C:\Documents and Settings\piress\Start Menu\Programs\Accessories
2014-03-03 19:36 - 2014-03-03 19:36 - 00000000 ____D () C:\Documents and Settings\piress\WINDOWS
2014-03-03 19:36 - 2009-08-29 07:18 - 00000000 __SHD () C:\Documents and Settings\piress\IETldCache
2014-03-03 19:36 - 2007-06-20 10:43 - 00000000 _____ () C:\Documents and Settings\piress\Sti_Trace.log
2014-03-03 19:36 - 2007-06-20 08:50 - 00001599 _____ () C:\Documents and Settings\piress\Start Menu\Programs\Remote Assistance.lnk
2014-02-28 13:48 - 2014-03-13 13:16 - 00000000 ____D () C:\Documents and Settings\katka.TURBOPIXLA25\Local Settings\Temp\2
2014-02-28 10:59 - 2014-02-28 10:59 - 02902128 ____N (Shenzhen Qvod Technology Co.,Ltd) C:\Documents and Settings\piress\Desktop\MinerSetup_1[1].0.109.72.exe
2014-02-27 08:45 - 2014-03-13 13:50 - 00000000 ____D () C:\Documents and Settings\jan.vojir\Local Settings\Temp\b
2014-02-27 01:39 - 2014-03-13 13:21 - 00000000 ____D () C:\Documents and Settings\silas\Local Settings\Temp\9
2014-02-25 13:06 - 2014-02-25 13:06 - 00000000 ____D () C:\Documents and Settings\nikola\Local Settings\Temp\8
2014-02-24 07:34 - 2014-02-24 07:34 - 00000002 _____ () C:\WINDOWS\v3.log
2014-02-24 07:33 - 2014-02-24 07:33 - 00008192 _____ () C:\WINDOWS\system32\51e92691.rdb
2014-02-22 11:46 - 2014-02-22 11:46 - 00126976 _____ () C:\WINDOWS\system32\daemonu.exe
2014-02-16 14:26 - 2014-02-16 14:26 - 00130646 _____ () C:\Documents and Settings\jan.vojir\My Documents\missing_description_palma.csv
2014-02-13 21:20 - 2014-02-13 21:21 - 00545761 _____ () C:\Documents and Settings\jlukes\Desktop\F_terminy_ciselnik_sub.xml
2014-02-13 21:17 - 2014-02-13 21:19 - 00482672 _____ () C:\Documents and Settings\jlukes\Desktop\F_terminy_ciselnik_sub.xls
2014-02-13 21:14 - 2014-02-13 21:14 - 00000000 ____D () C:\Documents and Settings\jlukes\Local Settings\Temp\5
2014-02-12 16:14 - 2014-02-12 16:14 - 00011482 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 16:14 - 2014-02-12 16:14 - 00000000 ____D () C:\WINDOWS\LastGood

==================== One Month Modified Files and Folders =======

2014-03-13 13:50 - 2014-03-13 13:50 - 00015327 _____ () C:\Documents and Settings\jan.vojir\Desktop\LM.bat
2014-03-13 13:50 - 2014-03-13 13:50 - 00000000 ____D () C:\FRST
2014-03-13 13:50 - 2014-02-27 08:45 - 00000000 ____D () C:\Documents and Settings\jan.vojir\Local Settings\Temp\b
2014-03-13 13:50 - 2012-11-30 13:05 - 00000282 _____ () C:\WINDOWS\Tasks\wgetout.job
2014-03-13 13:41 - 2014-03-13 09:32 - 00000000 ____D () C:\Documents and Settings\renca\Local Settings\Temp\a
2014-03-13 13:41 - 2007-07-02 20:14 - 00000000 ____D () C:\Klienti
2014-03-13 13:40 - 2007-06-20 08:55 - 00032608 _____ () C:\WINDOWS\Tasks\SchedLgU.Txt
2014-03-13 13:21 - 2014-02-27 01:39 - 00000000 ____D () C:\Documents and Settings\silas\Local Settings\Temp\9
2014-03-13 13:16 - 2014-02-28 13:48 - 00000000 ____D () C:\Documents and Settings\katka.TURBOPIXLA25\Local Settings\Temp\2
2014-03-13 13:16 - 2007-07-30 08:44 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-13 12:34 - 2014-03-11 08:40 - 00000000 ____D () C:\Documents and Settings\nikola\Local Settings\Temp\6
2014-03-13 12:14 - 2014-01-30 09:45 - 00000000 ____D () C:\Documents and Settings\eliska\Local Settings\Temp\5
2014-03-13 12:08 - 2007-07-02 18:40 - 01588700 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-13 10:27 - 2012-10-11 11:26 - 00000000 ____D () C:\Documents and Settings\renca\Application Data\Popisy-CZ
2014-03-13 09:33 - 2009-06-25 11:58 - 00000000 ____D () C:\Documents and Settings\renca\Application Data\poptavky
2014-03-13 09:32 - 2007-06-20 09:20 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-13 08:33 - 2008-07-14 10:18 - 00000000 ____D () C:\Documents and Settings\eliska\Application Data\poptavky
2014-03-13 08:10 - 2014-03-05 23:53 - 00000000 ____D () C:\Documents and Settings\panoch\Local Settings\Temp\8
2014-03-13 08:05 - 2013-07-16 10:10 - 00000000 ____D () C:\Documents and Settings\benglik\Local Settings\Temp\4
2014-03-13 07:59 - 2011-02-01 09:50 - 00000000 ____D () C:\Documents and Settings\katka.TURBOPIXLA25\Application Data\poptavky
2014-03-13 04:35 - 2012-02-05 21:29 - 00000318 _____ () C:\WINDOWS\Tasks\Zaloha Pohoda.job
2014-03-13 04:35 - 2012-01-24 18:55 - 00000178 ___SH () C:\Documents and Settings\zalohovac\ntuser.ini
2014-03-13 04:35 - 2012-01-24 18:55 - 00000000 ____D () C:\Documents and Settings\zalohovac
2014-03-13 03:30 - 2012-02-05 21:42 - 00000322 _____ () C:\WINDOWS\Tasks\Zaloha Dochazka.job
2014-03-13 03:01 - 2012-02-04 22:12 - 00000322 _____ () C:\WINDOWS\Tasks\Zaloha Poptavky Hodina.job
2014-03-13 00:30 - 2012-02-05 20:58 - 00000314 _____ () C:\WINDOWS\Tasks\Zaloha Edoc.job
2014-03-12 16:48 - 2013-05-15 12:35 - 00000000 ____D () C:\Documents and Settings\nikola\Application Data\Popisy-CZ
2014-03-12 16:27 - 2008-01-18 19:41 - 00000178 ___SH () C:\Documents and Settings\nada\ntuser.ini
2014-03-12 16:07 - 2009-06-25 11:56 - 00000278 ___SH () C:\Documents and Settings\renca\ntuser.ini
2014-03-12 10:39 - 2012-10-11 11:08 - 00000000 ____D () C:\Documents and Settings\eliska\Application Data\Popisy-CZ
2014-03-12 08:40 - 2008-08-14 21:37 - 00000000 ____D () C:\Documents and Settings\nikola\Application Data\poptavky
2014-03-12 06:55 - 2014-03-12 06:55 - 00039783 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 06:55 - 2014-03-12 06:55 - 00039763 _____ () C:\WINDOWS\KB2929961.log
2014-03-12 06:55 - 2007-06-20 10:41 - 00552691 _____ () C:\WINDOWS\setupapi.log
2014-03-12 00:40 - 2007-10-13 19:37 - 00000000 _____ () C:\WINDOWS\system32\signal.txt
2014-03-11 08:54 - 2013-08-08 16:25 - 00000000 ____D () C:\Documents and Settings\nikola\Application Data\eDoc
2014-03-10 17:00 - 2008-08-14 21:35 - 00000178 ___SH () C:\Documents and Settings\nikola\ntuser.ini
2014-03-10 11:51 - 2014-03-10 11:50 - 08898138 _____ () C:\WINDOWS\REGBK00.ZIP
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\VDLL.DLL
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\system32\runouce.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\rundll16.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\RUNDL132.EXE
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\logo1_.exe
2014-03-10 11:45 - 2014-03-10 11:45 - 00000000 ____D () C:\WINDOWS\logo_1.exe
2014-03-10 11:34 - 2014-03-10 11:34 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2014-03-10 11:34 - 2014-03-10 11:34 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2014-03-10 11:34 - 2014-03-10 11:34 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2014-03-10 11:34 - 2014-03-10 11:34 - 00000000 ____D () C:\Program Files\Common Files\MicroWorld
2014-03-10 11:34 - 2012-05-16 15:13 - 00000000 ____D () C:\Documents and Settings\jan.vojir\WINDOWS
2014-03-10 10:49 - 2011-10-06 20:51 - 00001516 _____ () C:\WINDOWS\zipgenius.xml
2014-03-10 10:28 - 2014-03-10 10:26 - 00000000 ____D () C:\AdwCleaner
2014-03-10 10:23 - 2014-03-10 09:34 - 00000000 ____D () C:\Documents and Settings\jan.vojir\Desktop\RK_Quarantine
2014-03-10 10:01 - 2014-03-10 10:01 - 00004383 _____ () C:\Documents and Settings\jan.vojir\Desktop\RKreport[0]_D_03102014_100145.txt
2014-03-10 10:00 - 2007-07-03 21:21 - 00000464 _____ () C:\WINDOWS\Tasks\At1.job
2014-03-10 09:41 - 2014-03-10 09:41 - 00004779 _____ () C:\Documents and Settings\jan.vojir\Desktop\RKreport[0]_S_03102014_094138.txt
2014-03-10 09:35 - 2007-06-20 10:38 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-03-10 09:32 - 2012-10-11 11:24 - 00000000 ____D () C:\Documents and Settings\katka.TURBOPIXLA25\Application Data\eDoc
2014-03-10 04:00 - 2013-04-08 13:21 - 00000334 _____ () C:\WINDOWS\Tasks\Report volneho mista.job
2014-03-09 22:07 - 2007-07-13 17:59 - 00000000 ____D () C:\Documents and Settings\silas\Application Data\poptavky
2014-03-08 19:36 - 2011-02-09 19:34 - 00000682 _____ () C:\WINDOWS\Tasks\mysqlTables.job
2014-03-08 19:36 - 2007-07-13 18:02 - 00000278 ___SH () C:\Documents and Settings\jlukes\ntuser.ini
2014-03-07 17:04 - 2007-07-28 14:25 - 00000000 ____D () C:\Documents and Settings\benglik\Application Data\poptavky
2014-03-07 09:44 - 2012-10-11 11:08 - 00000000 ____D () C:\Documents and Settings\eliska\Application Data\eDoc
2014-03-06 12:34 - 2013-06-17 17:14 - 00000000 ____D () C:\Documents and Settings\benglik\Application Data\Dropbox
2014-03-06 00:45 - 2007-06-20 10:38 - 00000000 ____D () C:\WINDOWS\repair
2014-03-05 23:53 - 2009-08-08 14:34 - 00000178 ___SH () C:\Documents and Settings\panoch\ntuser.ini
2014-03-05 12:20 - 2012-01-04 23:21 - 00021508 ____H () C:\.DS_Store
2014-03-04 18:22 - 2011-12-28 12:12 - 00000000 ____D () C:\Documents and Settings\benglik\Application Data\MySQL
2014-03-04 14:11 - 2014-03-04 14:11 - 00037376 _____ () C:\WINDOWS\system32\servger.exe
2014-03-04 11:39 - 2012-07-24 20:33 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-03 19:51 - 2014-03-03 19:36 - 00000178 ___SH () C:\Documents and Settings\piress\ntuser.ini
2014-03-03 19:50 - 2014-03-03 19:50 - 00000000 __SHD () C:\Documents and Settings\piress\IECompatCache
2014-03-03 19:50 - 2014-03-03 19:36 - 00000000 ____D () C:\Documents and Settings\piress
2014-03-03 19:47 - 2014-03-03 19:47 - 17574400 __RSH () C:\WINDOWS\system32\Kimhtdct.bmp
2014-03-03 19:47 - 2007-06-20 10:38 - 00000000 ____D () C:\WINDOWS\system
2014-03-03 19:46 - 2014-03-03 19:45 - 00000000 ____D () C:\MinerCache
2014-03-03 19:42 - 2014-03-03 19:42 - 00032768 _____ () C:\WINDOWS\system32\svhost.exe
2014-03-03 19:39 - 2014-03-03 19:39 - 00000000 __SHD () C:\Documents and Settings\piress\PrivacIE
2014-03-03 19:37 - 2014-03-03 19:37 - 00000846 _____ () C:\Documents and Settings\piress\Start Menu\Programs\Internet Explorer.lnk
2014-03-03 19:37 - 2014-03-03 19:37 - 00000781 _____ () C:\Documents and Settings\piress\Start Menu\Programs\Outlook Express.lnk
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\My Documents\MediaConverter
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\Windows Desktop Search
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\HDDHealth
2014-03-03 19:37 - 2014-03-03 19:37 - 00000000 ____D () C:\Documents and Settings\piress\Application Data\ArcSoft
2014-03-03 19:37 - 2014-03-03 19:36 - 00000000 ___RD () C:\Documents and Settings\piress\Start Menu\Programs\Accessories
2014-03-03 19:37 - 2007-06-20 08:49 - 00072398 _____ () C:\WINDOWS\wmsetup.log
2014-03-03 19:36 - 2014-03-03 19:36 - 00000000 ____D () C:\Documents and Settings\piress\WINDOWS
2014-03-01 05:30 - 2012-02-05 21:27 - 00000334 _____ () C:\WINDOWS\Tasks\Zaloha Poptavky Mesic.job
2014-02-28 21:00 - 2014-01-30 08:51 - 00000000 ____D () C:\Documents and Settings\terenska\Local Settings\Temp\3
2014-02-28 17:56 - 2012-10-14 14:40 - 00000000 ____D () C:\Documents and Settings\benglik\Application Data\KeePass
2014-02-28 13:44 - 2011-02-01 09:46 - 00000178 ___SH () C:\Documents and Settings\katka.TURBOPIXLA25\ntuser.ini
2014-02-28 10:59 - 2014-02-28 10:59 - 02902128 ____N (Shenzhen Qvod Technology Co.,Ltd) C:\Documents and Settings\piress\Desktop\MinerSetup_1[1].0.109.72.exe
2014-02-27 12:37 - 2007-09-17 14:48 - 00000000 ____D () C:\Dokumenty
2014-02-27 08:40 - 2012-05-16 15:13 - 00000278 ___SH () C:\Documents and Settings\jan.vojir\ntuser.ini
2014-02-26 13:28 - 2012-11-01 07:14 - 00000000 ____D () C:\Documents and Settings\silas\Application Data\KeePass
2014-02-26 11:36 - 2012-10-11 11:24 - 00000000 ____D () C:\Documents and Settings\katka.TURBOPIXLA25\Application Data\Popisy-CZ
2014-02-26 00:14 - 2012-10-19 16:28 - 00000000 ____D () C:\Documents and Settings\terenska\Application Data\KeePass
2014-02-25 16:16 - 2007-07-15 12:11 - 00000000 ____D () C:\Documents and Settings\terenska\Application Data\poptavky
2014-02-25 13:06 - 2014-02-25 13:06 - 00000000 ____D () C:\Documents and Settings\nikola\Local Settings\Temp\8
2014-02-24 13:41 - 2012-11-15 18:15 - 00000000 ____D () C:\Documents and Settings\jan.vojir\Application Data\KeePass
2014-02-24 13:40 - 2013-09-22 22:05 - 00000600 _____ () C:\Documents and Settings\jan.vojir\Application Data\winscp.rnd
2014-02-24 13:19 - 2012-03-30 15:34 - 00027810 _____ () C:\Documents and Settings\silas\Local Settings\Temp\AdobeARM.log
2014-02-24 07:34 - 2014-02-24 07:34 - 00000002 _____ () C:\WINDOWS\v3.log
2014-02-24 07:33 - 2014-02-24 07:33 - 00008192 _____ () C:\WINDOWS\system32\51e92691.rdb
2014-02-24 07:33 - 2009-10-20 20:13 - 00000000 ____D () C:\Data
2014-02-22 11:46 - 2014-02-22 11:46 - 00126976 _____ () C:\WINDOWS\system32\daemonu.exe
2014-02-21 14:04 - 2011-10-10 15:15 - 00042809 _____ () C:\Documents and Settings\benglik\Local Settings\Temp\AdobeARM.log
2014-02-19 09:11 - 2009-10-20 20:15 - 00000000 ____D () C:\Documents and Settings\jlukes\Application Data\MySQL
2014-02-17 12:27 - 2014-02-05 22:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 14:26 - 2014-02-16 14:26 - 00130646 _____ () C:\Documents and Settings\jan.vojir\My Documents\missing_description_palma.csv
2014-02-14 18:36 - 2012-10-13 16:51 - 00000265 _____ () C:\Documents and Settings\benglik\Application Data\mainhst.zgh
2014-02-13 21:21 - 2014-02-13 21:20 - 00545761 _____ () C:\Documents and Settings\jlukes\Desktop\F_terminy_ciselnik_sub.xml
2014-02-13 21:19 - 2014-02-13 21:17 - 00482672 _____ () C:\Documents and Settings\jlukes\Desktop\F_terminy_ciselnik_sub.xls
2014-02-13 21:14 - 2014-02-13 21:14 - 00000000 ____D () C:\Documents and Settings\jlukes\Local Settings\Temp\5
2014-02-13 21:14 - 2010-04-25 15:16 - 00000000 ____D () C:\Documents and Settings\jlukes\My Documents\Stažené soubory
2014-02-12 16:14 - 2014-02-12 16:14 - 00011482 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 16:14 - 2014-02-12 16:14 - 00000000 ____D () C:\WINDOWS\LastGood
2014-02-11 20:17 - 2012-06-04 11:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-11 19:18 - 2010-07-10 04:47 - 00000600 _____ () C:\Documents and Settings\silas\Application Data\winscp.rnd

Files to move or delete:
====================
C:\Documents and Settings\jan.vojir\freespace.bat
C:\Documents and Settings\jan.vojir\TempWmicBatchFile.bat
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\avxdisk.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\bdc.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\bdcore.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\bdfltlib.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\bdfltlib2k.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\bdupdateservice.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\DEVCON.EXE
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\download.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\eEmpty.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\encdec.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\esupdate.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\FSSync.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\Getvlist.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\ikave.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\ipc.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\kave.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\kavvlg.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\KK.EXE
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\msvclnt.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\msvcp80.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\msvcr80.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\msvl64.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\msvlclnt.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\MWAVL.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\MWAVReg.EXE
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\mwunzip.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\ntdll_dump.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\prLoader.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\red32.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\reload.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\scan.dll
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\ScanningProcess.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\setpriv.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\test2.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\unregx.exe
C:\Documents and Settings\jan.vojir\Local Settings\Temp\b\viewtcp.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2007-07-03 07:05] - [2007-02-17 01:58] - 1053184 ____A (Microsoft Corporation) A26C39540F8BE3729846E360E2C57344

C:\WINDOWS\system32\winlogon.exe
[2007-07-03 07:05] - [2007-02-17 03:09] - 0528384 ____A (Microsoft Corporation) B4AA8AE0F18E5DFCF99A671A181D3EDC

C:\WINDOWS\system32\svchost.exe
[2007-07-03 07:05] - [2007-02-17 03:04] - 0014848 ____A (Microsoft Corporation) C09CCFE81DEC9B162533D7184D705682

C:\WINDOWS\system32\services.exe
[2007-06-20 09:19] - [2009-02-03 12:07] - 0113152 ____A (Microsoft Corporation) CF500580CDD83B145646A4DCFCE1CF3C

C:\WINDOWS\system32\User32.dll
[2007-07-02 18:58] - [2007-03-02 07:38] - 0583680 ____A (Microsoft Corporation) 1959150096B010BA953A78B0D6B0B4E4

C:\WINDOWS\system32\userinit.exe
[2007-06-20 09:20] - [2007-02-17 03:07] - 0026112 ____A (Microsoft Corporation) B5FEB3B971A8B8C81CE9DE65031A87E5

C:\WINDOWS\system32\rpcss.dll
[2009-04-15 05:44] - [2009-02-09 12:02] - 0486912 ____A (Microsoft Corporation) 305A8757D66B5D416B47C497C27A01FE

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2003-03-25 00:05] - [2012-08-21 13:56] - 0153600 ____A (Microsoft Corporation) 701D86EC9D221F68C8528CC47D3958E6

C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

==================== End Of Log ============================